
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
AVG found the Packed.AutoIt infection
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Exemplary visitor
- Posts: 152
- Registered: 15 Oct 2008 10:23
- Location: Praha 20
AVG found the Packed.AutoIt infection
Hello,
please check my log. AVG is finding the above-mentioned infection (for example in some VistaCodecs)
Here is the log, thank you in advance.
-------------------------------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Zdenek at 2010-04-21 13:59:52
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 48 GB (32%) free of 153 GB
Total RAM: 894 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:00:01, on 21.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Zdenek\Plocha\RSIT.exe
C:\Program Files\trend micro\Zdenek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.microsoft.com/microsoftupdate
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m‘|Ľę
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2978353209
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2978488569
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\rdolib.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG9IDSAgent (avgidsagent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\
--
End of file - 8399 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F3C14C9E-3AD4-420E-8351-F3D651B80300}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-21 1615200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500BCA15-57A7-4eaf-8143-8C619470B13D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\SearchSettings.dll [2010-01-08 1109504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-03 16876032]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"GEST"=m‘|Ľę []
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-24 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-21 2064736]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2010-01-08 974848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\rdolib.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-11 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-03-05 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\CDS\Nero\Installation\SetupX.exe"="D:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\TVAnts\Tvants.exe"="C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3add5b3-e10f-11de-afcc-001fd08fdccd}]
shell\AutoRun\command - M:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dade2450-3fb7-11de-805e-001fd08fdccd}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddf36c7f-ef0e-11dd-bff1-001fd08fdccd}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8c7df71-416e-11de-8061-001fd08fdccd}]
shell\AutoRun\command - K:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fbb41e57-ede9-11dd-bfef-001fd08fdccd}]
shell\AutoRun\command - SETUP.EXE /AUTORUN
shell\configure\command - SETUP.EXE
shell\install\command - SETUP.EXE
======List of files/folders created in the last 1 months======
2010-04-21 13:59:53 ----D---- C:\Program Files\trend micro
2010-04-21 13:59:52 ----D---- C:\rsit
2010-04-21 11:34:07 ----D---- C:\Program Files\CCleaner
2010-04-21 10:05:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-21 10:05:37 ----D---- C:\Program Files\Common Files\Java
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\java.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-04-11 19:15:18 ----D---- C:\Program Files\TVAnts
2010-04-09 21:51:18 ----D---- C:\Program Files\AVI to 3GP
2010-04-09 21:43:47 ----D---- C:\Program Files\VDownloader
2010-04-06 00:30:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Keronsoft
2010-04-06 00:29:44 ----D---- C:\Program Files\Keronsoft
2010-04-06 00:23:39 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Search Settings
2010-04-06 00:23:33 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Dealio
2010-04-06 00:23:14 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\FreeCDRipper
2010-04-06 00:23:01 ----D---- C:\Program Files\Search Settings
2010-04-06 00:22:50 ----D---- C:\Program Files\Application Updater
2010-04-06 00:22:49 ----D---- C:\Program Files\Dealio Toolbar
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\WMAFile.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\inetfr.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudFile.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudDesign.dll
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2010-04-06 00:22:29 ----D---- C:\Program Files\Free Audio Pack
2010-04-06 00:22:29 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\FreeAudioPack
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\msvcr70.dll
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\MFC71.dll
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\lame_enc.dll
2010-04-06 00:07:28 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Any Video Converter Professional
2010-04-06 00:07:18 ----D---- C:\Program Files\Any Video Converter Professional
2010-04-05 21:38:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\VOWSoft
2010-04-05 21:38:44 ----D---- C:\Program Files\ABC 3GP Converter
======List of files/folders modified in the last 1 months======
2010-04-21 13:59:53 ----RD---- C:\Program Files
2010-04-21 13:56:25 ----SHD---- C:\WINDOWS\Installer
2010-04-21 13:56:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-21 13:56:16 ----D---- C:\WINDOWS\system32\drivers
2010-04-21 13:56:10 ----SD---- C:\WINDOWS\Tasks
2010-04-21 13:05:40 ----D---- C:\WINDOWS\Temp
2010-04-21 12:23:03 ----D---- C:\WINDOWS\Prefetch
2010-04-21 11:46:30 ----D---- C:\WINDOWS\Debug
2010-04-21 11:46:30 ----D---- C:\WINDOWS
2010-04-21 11:29:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-04-21 10:12:21 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-21 10:11:59 ----D---- C:\WINDOWS\system32
2010-04-21 10:10:48 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-21 10:05:37 ----D---- C:\Program Files\Common Files
2010-04-21 10:04:46 ----D---- C:\Program Files\Java
2010-04-09 21:00:35 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-06 00:32:05 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-06 00:22:50 ----D---- C:\WINDOWS\WinSxS
2010-03-28 03:39:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-27 22:01:55 ----D---- C:\Program Files\Ask.com
2010-03-22 23:48:06 ----D---- C:\Program Files\Mozilla Firefox
2010-03-22 22:44:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-03-05 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-03-05 29512]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-04-21 242896]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-06-11 3225088]
R3 avgidsdriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys []
R3 avgidsfilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys []
R3 avgidsshimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-03 4745216]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-06-18 3692288]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 glaide32;glaide32; \??\C:\WINDOWS\system32\drivers\glaide32.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-06-11 557056]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-05 308064]
R2 avgidsagent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-03-05 5888008]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\
--
End of file - 8399 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F3C14C9E-3AD4-420E-8351-F3D651B80300}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-21 1615200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500BCA15-57A7-4eaf-8143-8C619470B13D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\SearchSettings.dll [2010-01-08 1109504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-03 16876032]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"GEST"=m‘|Ľę []
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-24 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-21 2064736]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2010-01-08 974848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\rdolib.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-11 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-03-05 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\CDS\Nero\Installation\SetupX.exe"="D:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\TVAnts\Tvants.exe"="C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3add5b3-e10f-11de-afcc-001fd08fdccd}]
shell\AutoRun\command - M:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dade2450-3fb7-11de-805e-001fd08fdccd}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddf36c7f-ef0e-11dd-bff1-001fd08fdccd}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8c7df71-416e-11de-8061-001fd08fdccd}]
shell\AutoRun\command - K:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fbb41e57-ede9-11dd-bfef-001fd08fdccd}]
shell\AutoRun\command - SETUP.EXE /AUTORUN
shell\configure\command - SETUP.EXE
shell\install\command - SETUP.EXE
======List of files/folders created in the last 1 months======
2010-04-21 13:59:53 ----D---- C:\Program Files\trend micro
2010-04-21 13:59:52 ----D---- C:\rsit
2010-04-21 11:34:07 ----D---- C:\Program Files\CCleaner
2010-04-21 10:05:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-21 10:05:37 ----D---- C:\Program Files\Common Files\Java
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\java.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-04-11 19:15:18 ----D---- C:\Program Files\TVAnts
2010-04-09 21:51:18 ----D---- C:\Program Files\AVI to 3GP
2010-04-09 21:43:47 ----D---- C:\Program Files\VDownloader
2010-04-06 00:30:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Keronsoft
2010-04-06 00:29:44 ----D---- C:\Program Files\Keronsoft
2010-04-06 00:23:39 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Search Settings
2010-04-06 00:23:33 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Dealio
2010-04-06 00:23:14 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\FreeCDRipper
2010-04-06 00:23:01 ----D---- C:\Program Files\Search Settings
2010-04-06 00:22:50 ----D---- C:\Program Files\Application Updater
2010-04-06 00:22:49 ----D---- C:\Program Files\Dealio Toolbar
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\WMAFile.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\inetfr.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudFile.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudDesign.dll
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2010-04-06 00:22:29 ----D---- C:\Program Files\Free Audio Pack
2010-04-06 00:22:29 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\FreeAudioPack
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\msvcr70.dll
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\MFC71.dll
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\lame_enc.dll
2010-04-06 00:07:28 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Any Video Converter Professional
2010-04-06 00:07:18 ----D---- C:\Program Files\Any Video Converter Professional
2010-04-05 21:38:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\VOWSoft
2010-04-05 21:38:44 ----D---- C:\Program Files\ABC 3GP Converter
======List of files/folders modified in the last 1 months======
2010-04-21 13:59:53 ----RD---- C:\Program Files
2010-04-21 13:56:25 ----SHD---- C:\WINDOWS\Installer
2010-04-21 13:56:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-21 13:56:16 ----D---- C:\WINDOWS\system32\drivers
2010-04-21 13:56:10 ----SD---- C:\WINDOWS\Tasks
2010-04-21 13:05:40 ----D---- C:\WINDOWS\Temp
2010-04-21 12:23:03 ----D---- C:\WINDOWS\Prefetch
2010-04-21 11:46:30 ----D---- C:\WINDOWS\Debug
2010-04-21 11:46:30 ----D---- C:\WINDOWS
2010-04-21 11:29:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-04-21 10:12:21 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-21 10:11:59 ----D---- C:\WINDOWS\system32
2010-04-21 10:10:48 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-21 10:05:37 ----D---- C:\Program Files\Common Files
2010-04-21 10:04:46 ----D---- C:\Program Files\Java
2010-04-09 21:00:35 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-06 00:32:05 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-06 00:22:50 ----D---- C:\WINDOWS\WinSxS
2010-03-28 03:39:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-27 22:01:55 ----D---- C:\Program Files\Ask.com
2010-03-22 23:48:06 ----D---- C:\Program Files\Mozilla Firefox
2010-03-22 22:44:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-03-05 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-03-05 29512]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-04-21 242896]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-06-11 3225088]
R3 avgidsdriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys []
R3 avgidsfilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys []
R3 avgidsshimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-03 4745216]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-06-18 3692288]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 glaide32;glaide32; \??\C:\WINDOWS\system32\drivers\glaide32.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-06-11 557056]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-05 308064]
R2 avgidsagent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-03-05 5888008]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: AVG found the Packed.AutoIt infection
Hello
Download OTL http://oldtimer.geekstogo.com/OTL.exe

- Run it, then paste the following script into the bottom box.
Code:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
CREATERESTOREPOINT
- Check the All Users option.
- Check the "LOP" check and "Purity" check options.
- Click the Scan button.
- When it finishes, paste the OTL.Txt and Extras.txt logs here.
-
- Model visitor
- Posts: 152
- Registered: 15 Oct 2008 10:23
- Location: Praha 20
Re: AVG found the Packed.AutoIt infection
OTL Extras logfile created on: 21.4.2010 14:55:07 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Documents and Settings\Zdenek\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
894,00 Mb Total Physical Memory | 499,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 47,18 Gb Free Space | 31,65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: N-EBF3010F78514
Current User Name: Zdenek
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-1659004503-884357618-682003330-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\CDS\Nero\Installation\SetupX.exe" = D:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\AVG\AVG9\avgam.exe" = C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgdiagex.exe" = C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{03F80C08-D71B-0A10-CD7D-456442509F5D}" = CCC Help Portuguese
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0C4FE82F-E850-94C8-E0F9-7CF8717063BE}" = CCC Help Dutch
"{0C57B376-5CC2-61BB-AE0A-C02423EC53E9}" = CCC Help Japanese
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1477032B-2E54-B9E1-0E49-6DACFE064A96}" = Skins
"{17A044F6-8E12-EEC8-6FDC-EC500ADB333E}" = CCC Help Russian
"{18A487B4-F267-D43D-B7DC-736C32D67307}" = CCC Help Norwegian
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{2092A86C-8AA3-5FB1-6BF9-54A3CBBDA800}" = Catalyst Control Center Localization Hungarian
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 20
"{271EDE4E-7A11-5A22-D740-87414E56B530}" = Catalyst Control Center Localization Czech
"{28D8484E-AEA0-A39E-CDA2-11BA96C5AB00}" = Catalyst Control Center Graphics Full Existing
"{2B383D3F-3C99-C205-16C9-6EEBA6780CFB}" = Catalyst Control Center Localization Turkish
"{2B520D5F-933D-708C-7591-ECD843B60E02}" = CCC Help Czech
"{336EC39F-ED06-3232-D1F6-27C8746C6DA9}" = CCC Help Hungarian
"{33B7795E-0D4B-669A-AE0A-0F2E3645489F}" = Catalyst Control Center Localization German
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36629B2A-EDB2-AE16-9384-E67D0DBE966B}" = Catalyst Control Center Localization Chinese Traditional
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{388ACF09-5A2A-3CDF-15A3-96996462E99D}" = CCC Help Italian
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{411D46C2-727E-AAFC-4177-D17B6BE41BF3}" = CCC Help Turkish
"{45F7604F-72D5-9B73-1741-294B709ECEBC}" = CCC Help Swedish
"{49E88C54-0BD8-396D-3710-431CCE892137}" = CCC Help Finnish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ECB8D1D-2A49-6391-B43C-71F4D2C38AA7}" = Catalyst Control Center Localization Greek
"{514F2DA0-9FAC-2344-260F-19399ACBF7FC}" = Catalyst Control Center Localization Japanese
"{52A02CE4-ABC3-2C95-A99C-7A4F1E2A9721}" = Catalyst Control Center Localization Russian
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{56427725-3CF3-3537-4B5C-377D95504984}" = Catalyst Control Center Localization Chinese Standard
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A118B81-A2BE-9CBC-626A-EF7EEE18D9DA}" = Catalyst Control Center Localization Danish
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{6114F8D0-57A9-B34C-98ED-AAF81C748953}" = CCC Help Spanish
"{64DFF668-AF04-A6D2-8510-A4F35F39EED6}" = Catalyst Control Center Graphics Light
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6CC5E7B2-8BCD-BC7D-DE94-D6F6CA9BA432}" = Catalyst Control Center Localization Dutch
"{7303803E-9470-A9DC-FFF6-4D47CF251305}" = Catalyst Control Center Localization Korean
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{82298CC6-35F5-FDC5-559C-3EC746E727A9}" = Catalyst Control Center Localization Finnish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88629D44-50C3-7C3F-3B42-11640768D4DB}" = Catalyst Control Center Localization Swedish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{92988A89-4398-6C04-A7BF-4ED00AAC1DCE}" = Catalyst Control Center Localization Italian
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A997B0B-5236-FF93-0DB7-B697817D9835}" = Catalyst Control Center Core Implementation
"{A03A308F-0618-5A2F-D870-B13983D5F0D1}" = CCC Help English
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 2.5
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5B8756-B0E3-406D-4B68-F4B879076712}" = Catalyst Control Center Localization Spanish
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AE4E8D53-2D05-4EB4-A1E7-FF48B8E76DDE}_is1" = AVI to 3GP 1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B5E7AC18-9ABE-8F72-3F25-49679643C225}" = CCC Help Chinese Traditional
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BB705B0D-15FC-DAF7-B10C-4E85481E5541}" = ccc-utility
"{BBE6239B-25DA-BC3C-0FD1-DC893314A89E}" = CCC Help Danish
"{BF90F866-D947-D201-5238-2210959FC267}" = ccc-core-static
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C63547E9-8657-E2CA-5609-CA5A1E5FAE8C}" = CCC Help Chinese Standard
"{C878CD69-85DB-426B-81A3-E71175AAEB91}" = Dealio Toolbar v4.0.2
"{C9A3E9AD-D65A-9EFE-C9E5-C3283B5D99E8}" = CCC Help Thai
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CAFAEDD6-847E-521A-60C0-D05F98A8D111}" = Catalyst Control Center Graphics Full New
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC32ACC9-6828-0F12-2657-915E5622F33B}" = Catalyst Control Center Localization Norwegian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF3A299C-7F02-7C73-E4F0-70DDF09EB58F}" = ccc-core-preinstall
"{D4AD0C47-40CC-3928-44F0-B8F7A2D807FF}" = Catalyst Control Center Localization Portuguese
"{DD545D9E-8759-5588-BB82-8FAC582D1A02}" = CCC Help Korean
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E0FE183A-5582-A295-DBCB-2DBE694F310B}" = Catalyst Control Center Localization French
"{EB9C4381-6524-DDD6-3489-3163C678FF4E}" = CCC Help Polish
"{EBCA72FE-4EE1-84EC-00EF-37515F4DB482}" = CCC Help French
"{EF3E420F-2DCF-4C24-8E37-896801901029}" = Nero 7 Essentials
"{F0ED89F1-F006-B724-8A41-9F1BC09BA25B}" = CCC Help Greek
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22A2F8B-9F34-CCD5-1E40-344D3E1EF13E}" = Catalyst Control Center Localization Polish
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FA20D57C-65E2-77D6-497C-8801C26B818A}" = CCC Help German
"{FE3FBF70-4823-F7AA-38BD-3C13E6F05E5F}" = Catalyst Control Center Localization Thai
"ABC 3GP/MP4 Converter" = ABC 3GP/MP4 Converter 3.00
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Any Video Converter Professional_is1" = Any Video Converter Professional 2.7.8
"ATI Display Driver" = ATI Display Driver
"avg9uninstall" = AVG 9.0
"AviSynth" = AviSynth 2.5
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 4.2
"Free Video to JPG Converter_is1" = Free Video to JPG Converter version 1.5
"GOM ENCODER" = GOM ENCODER
"GOM Player" = GOM Player
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MobileVideo For 3GP_is1" = MobileVideo For 3GP 3.62
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 6.0" = RealPlayer
"Registrace uživatele zařízení Canon MP550 series" = Registrace uživatele zařízení Canon MP550 series
"The KMPlayer" = The KMPlayer (remove only)
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Totalcmd" = Total Commander (Remove or Repair)
"TVAnts 1.0" = TVAnts 1.0
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.4.2010 04:01:17 | Computer Name = N-EBF3010F78514 | Source = MPSampleSubmission | ID = 5000
Description =
Error - 21.4.2010 04:03:45 | Computer Name = N-EBF3010F78514 | Source = MPSampleSubmission | ID = 5000
Description =
Error - 21.4.2010 04:03:50 | Computer Name = N-EBF3010F78514 | Source = MSSecurityEssentials | ID = 5000
Description =
Error - 21.4.2010 04:07:13 | Computer Name = N-EBF3010F78514 | Source = MPSampleSubmission | ID = 5000
Description =
Error - 21.4.2010 04:07:19 | Computer Name = N-EBF3010F78514 | Source = MSSecurityEssentials | ID = 5000
Description =
Error - 21.4.2010 05:23:57 | Computer Name = N-EBF3010F78514 | Source = MPSampleSubmission | ID = 5000
Description =
Error - 21.4.2010 05:24:06 | Computer Name = N-EBF3010F78514 | Source = MSSecurityEssentials | ID = 5000
Description =
Error - 21.4.2010 05:29:55 | Computer Name = N-EBF3010F78514 | Source = MPSampleSubmission | ID = 5000
Description =
Error - 21.4.2010 05:30:00 | Computer Name = N-EBF3010F78514 | Source = MSSecurityEssentials | ID = 5000
Description =
Error - 21.4.2010 05:40:43 | Computer Name = N-EBF3010F78514 | Source = MPSampleSubmission | ID = 5000
Description =
[ System Events ]
Error - 21.4.2010 05:29:55 | Computer Name = N-EBF3010F78514 | Source = Microsoft Antimalware | ID = 2001
Description =
Error - 21.4.2010 05:29:55 | Computer Name = N-EBF3010F78514 | Source = Service Control Manager | ID = 7000
Description = Služba Automatické aktualizace neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 21.4.2010 05:34:36 | Computer Name = N-EBF3010F78514 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %2 při pokusu o spuštění služby wuauserv
s argumenty za účelem spuštění serveru: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 21.4.2010 05:34:37 | Computer Name = N-EBF3010F78514 | Source = Service Control Manager | ID = 7000
Description = Služba Automatické aktualizace neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 21.4.2010 06:29:02 | Computer Name = N-EBF3010F78514 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %2 při pokusu o spuštění služby wuauserv
s argumenty za účelem spuštění serveru: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 21.4.2010 06:29:03 | Computer Name = N-EBF3010F78514 | Source = Service Control Manager | ID = 7000
Description = Služba Automatické aktualizace neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 21.4.2010 07:29:02 | Computer Name = N-EBF3010F78514 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %2 při pokusu o spuštění služby wuauserv
s argumenty za účelem spuštění serveru: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 21.4.2010 07:29:03 | Computer Name = N-EBF3010F78514 | Source = Service Control Manager | ID = 7000
Description = Služba Automatické aktualizace neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 21.4.2010 07:55:23 | Computer Name = N-EBF3010F78514 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %2 při pokusu o spuštění služby wuauserv
s argumenty za účelem spuštění serveru: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 21.4.2010 07:55:23 | Computer Name = N-EBF3010F78514 | Source = Service Control Manager | ID = 7000
Description = Služba Automatické aktualizace neuspěla při spuštění v důsledku následující
chyby: %%2
< End of report >
Re: AVG found the Packed.AutoIt infection
First part of the log...
**********************************************************************************
OTL logfile created on: 21.4.2010 14:55:07 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Documents and Settings\Zdenek\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
894,00 Mb Total Physical Memory | 499,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 47,18 Gb Free Space | 31,65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: N-EBF3010F78514
Current User Name: Zdenek
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.21 14:54:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zdenek\Plocha\OTL.exe
PRC - [2010.04.21 10:02:10 | 002,064,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010.04.21 10:02:08 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.03.31 08:15:17 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.03.05 20:54:46 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.03.05 20:54:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.03.05 20:54:32 | 000,596,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010.03.05 20:54:31 | 005,888,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010.03.05 20:54:26 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010.03.05 20:54:23 | 000,836,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010.01.08 01:36:58 | 000,974,848 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe
PRC - [2010.01.08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2009.11.13 13:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009.11.13 13:31:12 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009.03.24 04:00:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010.04.21 14:54:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zdenek\Plocha\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2010.03.05 20:54:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.03.05 20:54:31 | 005,888,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (avgidsagent)
SRV - [2010.01.08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009.11.13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
========== Driver Services (SafeList) ==========
DRV - [2010.04.21 10:02:08 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.03.05 20:54:45 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.03.05 20:54:34 | 000,025,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (avgidserhrxpx)
DRV - [2010.03.05 20:54:33 | 000,122,376 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (avgidsdriverxpx)
DRV - [2010.03.05 20:54:33 | 000,030,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (avgidsfilterxpx)
DRV - [2010.03.05 20:54:33 | 000,026,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (avgidsshimxpx)
DRV - [2010.03.05 20:54:26 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.03.05 20:54:24 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009.11.17 14:31:17 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\glaide32.sys -- (glaide32)
DRV - [2009.01.26 15:20:48 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.07.03 11:03:14 | 004,745,216 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.06.18 05:23:38 | 003,692,288 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.06.11 06:34:20 | 003,225,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.01.04 08:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1659004503-884357618-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1659004503-884357618-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 DF AF 4B 5E F3 C9 01 [binary data]
IE - HKU\S-1-5-21-1659004503-884357618-682003330-1006\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-1659004503-884357618-682003330-1006\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1659004503-884357618-682003330-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.5.0.145
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.0.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =867034&p="
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010.04.21 10:11:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.22 23:48:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.21 10:05:18 | 000,000,000 | ---D | M]
[2009.11.14 14:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Extensions
[2009.01.30 23:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Extensions\home2@tomtom.com
[2010.04.06 00:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\extensions
[2009.11.14 14:54:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.05 21:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\extensions\toolbar@ask.com
[2010.04.05 21:45:35 | 000,002,426 | ---- | M] () -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\searchplugins\askcom.xml
[2010.04.21 10:05:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.21 10:05:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2006.03.02 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {500BCA15-57A7-4eaf-8143-8C619470B13D} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1659004503-884357618-682003330-1006\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1659004503-884357618-682003330-1006..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1659004503-884357618-682003330-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 2978353209 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 2978488569 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.50
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\rdolib.dll) - C:\WINDOWS\System32\rdolib.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.26 14:33:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a3add5b3-e10f-11de-afcc-001fd08fdccd}\Shell\AutoRun\command - "" = M:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{dade2450-3fb7-11de-805e-001fd08fdccd}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{ddf36c7f-ef0e-11dd-bff1-001fd08fdccd}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{f8c7df71-416e-11de-8061-001fd08fdccd}\Shell\AutoRun\command - "" = K:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{fbb41e57-ede9-11dd-bfef-001fd08fdccd}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008.04.14 05:22:45 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{fbb41e57-ede9-11dd-bfef-001fd08fdccd}\Shell\configure\command - "" = C:\WINDOWS\System32\setup.exe -- [2008.04.14 05:22:45 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{fbb41e57-ede9-11dd-bfef-001fd08fdccd}\Shell\install\command - "" = C:\WINDOWS\System32\setup.exe -- [2008.04.14 05:22:45 | 000,023,040 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\WINDOWS\system32\mscert.dll) - C:\WINDOWS\System32\mscert.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.01.26 14:33:30 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\WINDOWS\System32\ff_acm.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Unable to start service SrService!
========== Files/Folders - Created Within 30 Days ==========
[2010.04.21 14:53:55 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Zdenek\Plocha\OTL.exe
[2010.04.21 13:59:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.21 13:59:52 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.21 11:45:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Zdenek\Recent
[2010.04.21 11:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.04.21 11:31:48 | 003,376,656 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Zdenek\Dokumenty\ccsetup230.exe
[2010.04.21 10:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.04.21 10:05:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.04.21 10:05:18 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.21 10:05:18 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.21 10:05:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.21 10:05:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.04.11 19:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\TVAnts
[2010.04.09 22:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Dokumenty\z avi do 3gp
[2010.04.09 21:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVI to 3GP
[2010.04.09 21:50:36 | 002,460,965 | ---- | C] (avito3gp.com ) -- C:\Documents and Settings\Zdenek\Dokumenty\avi_to_3gp_setup.exe
[2010.04.09 21:44:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\VDownloader
[2010.04.09 21:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\VDownloader
[2010.04.09 21:42:29 | 006,939,499 | ---- | C] (Vitzo Limited ) -- C:\Documents and Settings\Zdenek\Dokumenty\VDownloaderSetup2.5.exe
[2010.04.06 00:30:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Keronsoft
[2010.04.06 00:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Keronsoft
[2010.04.06 00:28:57 | 007,195,311 | ---- | C] ( ) -- C:\Documents and Settings\Zdenek\Dokumenty\mobilevideo3gp.exe
[2010.04.06 00:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\Search Settings
[2010.04.06 00:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\Dealio
[2010.04.06 00:23:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeCDRipper
[2010.04.06 00:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Search Settings
[2010.04.06 00:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2010.04.06 00:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\Dealio Toolbar
[2010.04.06 00:22:36 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMCT232.OCX
[2010.04.06 00:22:32 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDesign.dll
[2010.04.06 00:22:32 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudFile.dll
[2010.04.06 00:22:32 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioInfos.dll
[2010.04.06 00:22:32 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioVisu.dll
[2010.04.06 00:22:32 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudPlayer.dll
[2010.04.06 00:22:32 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioRecord.dll
[2010.04.06 00:22:32 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDisplay.dll
[2010.04.06 00:22:32 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\WMAFile.dll
[2010.04.06 00:22:32 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTL32.OCX
[2010.04.06 00:22:32 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL
[2010.04.06 00:22:32 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msinet.OCX
[2010.04.06 00:22:32 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6STKIT.DLL
[2010.04.06 00:22:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTFR.DLL
[2010.04.06 00:22:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetfr.DLL
[2010.04.06 00:22:31 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010.04.06 00:22:31 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2010.04.06 00:22:31 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2010.04.06 00:22:31 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscc2fr.dll
[2010.04.06 00:22:31 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL
[2010.04.06 00:22:29 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2010.04.06 00:22:29 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2010.04.06 00:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeAudioPack
[2010.04.06 00:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\Free Audio Pack
[2010.04.06 00:20:29 | 006,925,347 | ---- | C] (Koyote Soft ) -- C:\Documents and Settings\Zdenek\Dokumenty\Setup_FreeConverter.exe
[2010.04.06 00:07:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Dokumenty\Any Video Converter Professional
[2010.04.06 00:07:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\Any Video Converter Professional
[2010.04.06 00:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Any Video Converter Professional
[2010.04.06 00:05:58 | 016,394,493 | ---- | C] (Any-Video-Converter.com ) -- C:\Documents and Settings\Zdenek\Dokumenty\Video3GPConverter.exe
[2010.04.05 21:49:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Dokumenty\upravené filmy
[2010.04.05 21:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\VOWSoft
[2010.04.05 21:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\ABC 3GP Converter
[2010.03.22 23:46:24 | 008,158,488 | ---- | C] (Mozilla) -- C:\Documents and Settings\Zdenek\Dokumenty\Firefox Setup 3.6.exe
[2010.02.02 12:20:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2010.01.04 17:47:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\PCHealth
[2009.11.17 11:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.01.26 18:30:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.01.26 16:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.21 14:54:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zdenek\Plocha\OTL.exe
[2010.04.21 14:27:00 | 000,000,242 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.04.21 14:25:00 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010.04.21 14:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010.04.21 13:59:50 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Zdenek\Plocha\RSIT.exe
[2010.04.21 11:52:27 | 059,109,052 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.04.21 11:34:14 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Zdenek\Plocha\CCleaner.lnk
[2010.04.21 11:34:01 | 003,376,656 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Zdenek\Dokumenty\ccsetup230.exe
[2010.04.21 10:11:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.21 10:11:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.21 10:10:43 | 004,456,448 | -H-- | M] () -- C:\Documents and Settings\Zdenek\NTUSER.DAT
[2010.04.21 10:10:43 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Zdenek\ntuser.ini
[2010.04.21 10:02:08 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.04.21 09:58:45 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F3C14C9E-3AD4-420E-8351-F3D651B80300}.job
[2010.04.21 09:52:56 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.12 15:19:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.04.11 20:40:45 | 000,253,208 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\SoftonicDownloader56473.exe
[2010.04.11 19:15:05 | 003,005,440 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\TvantsSetup.exe
[2010.04.11 15:35:06 | 000,302,173 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\spust_LA7.exe
[2010.04.09 21:50:53 | 002,460,965 | ---- | M] (avito3gp.com ) -- C:\Documents and Settings\Zdenek\Dokumenty\avi_to_3gp_setup.exe
[2010.04.09 21:43:53 | 000,001,538 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VDownloader.lnk
[2010.04.09 21:42:52 | 006,939,499 | ---- | M] (Vitzo Limited ) -- C:\Documents and Settings\Zdenek\Dokumenty\VDownloaderSetup2.5.exe
[2010.04.09 21:20:05 | 000,098,304 | ---- | M] () -- C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.09 21:00:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.09 20:22:18 | 000,073,443 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Penzion_ubytovani.ov2
[2010.04.09 20:22:01 | 000,000,470 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Nebezpecna_mista-aquaplaning.ov2
[2010.04.09 20:21:42 | 000,089,325 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Hotel.ov2
[2010.04.09 20:21:31 | 000,152,586 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-WIFI_free.ov2
[2010.04.09 20:21:17 | 000,406,853 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Restaurace.ov2
[2010.04.08 23:31:05 | 734,312,628 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Muži v říji,Česká komedie,2009,.avi
[2010.04.08 22:43:28 | 733,145,088 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Loudilove - komedie 2009_ cz dabing.avi
[2010.04.08 22:41:51 | 734,686,720 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Svůdnici žen CZ.Komedie.2009.kk.avi
[2010.04.07 23:37:56 | 964,704,066 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Pan Božský (komedie,romantika)-CZ (pelda).avi
[2010.04.07 23:16:57 | 735,868,928 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dokaž to 2008 komedie romantika hudba.avi
[2010.04.07 22:20:35 | 735,903,756 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dum u jezera 2006.avi.romantika.STEN.ok.avi
[2010.04.07 22:11:41 | 732,747,776 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Holka z predmesti CZ-AVI komedie-romantika.avi
[2010.04.07 21:35:37 | 732,700,672 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Jak sbalit super kost cesky dabing filmy CZ avi komedie avi CZ.avi
[2010.04.07 21:10:47 | 408,424,400 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zachrante Vojina Ryana.3gp
[2010.04.07 20:48:37 | 246,470,312 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sherlock Holmes.Novinky-2009-2010.cz(raplisko).3gp
[2010.04.07 20:36:18 | 105,522,228 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Jarní prázdniny 2009 [176x144 H263].3gp
[2010.04.06 21:34:48 | 159,790,989 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\V zajeti rychlosti.3gp
[2010.04.06 21:34:09 | 119,836,978 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\(3gpfilmy.7u.cz) Muzikál ze střední 3.3gp
[2010.04.06 21:22:08 | 179,251,817 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Muj soused zabijak 1..3gp
[2010.04.06 21:07:17 | 201,237,709 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Cesta na Mesic.cz.3gp
[2010.04.06 20:42:44 | 118,670,272 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\29 a jeste panna [176x144 H263].3gp
[2010.04.06 20:18:33 | 000,033,392 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Zamky.ov2
[2010.04.06 20:17:57 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Zamky.bmp
[2010.04.06 00:45:07 | 132,665,362 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Let cislo 93.3gp
[2010.04.06 00:29:24 | 007,195,311 | ---- | M] ( ) -- C:\Documents and Settings\Zdenek\Dokumenty\mobilevideo3gp.exe
[2010.04.06 00:21:01 | 006,925,347 | ---- | M] (Koyote Soft ) -- C:\Documents and Settings\Zdenek\Dokumenty\Setup_FreeConverter.exe
[2010.04.06 00:06:32 | 016,394,493 | ---- | M] (Any-Video-Converter.com ) -- C:\Documents and Settings\Zdenek\Dokumenty\Video3GPConverter.exe
[2010.04.06 00:04:49 | 213,648,427 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sexbomba od vedle 2.3gp
[2010.04.05 23:50:36 | 213,838,264 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sexbomba od vedle.3gp
[2010.04.05 23:35:25 | 176,593,865 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Chci to.3gp
[2010.04.05 21:38:50 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ABC 3GP Converter.lnk
[2010.04.05 21:37:08 | 004,676,944 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\abc-3gp-mp4-converter.exe
[2010.04.05 19:38:43 | 000,004,593 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Radary_stacionarni.ov2
[2010.04.05 19:38:24 | 000,016,175 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Podjezdy_nizke.ov2
[2010.04.05 19:37:30 | 000,003,465 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Architekt_Dientzenhofer.ov2
[2010.04.05 19:37:18 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Architekt_Dientzenhofer.bmp
[2010.03.31 23:23:45 | 215,415,063 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\polarni-boure-2009-dvdrip.3gp
[2010.03.31 23:14:29 | 120,648,571 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\10 důvodů proč tě nenávidím.3gp
[2010.03.31 23:03:49 | 132,719,535 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\laska-na-druhem-konci-CZ.3gp
[2010.03.31 23:03:21 | 113,363,562 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\John Tucker musí zemřít 2006 Romantická Komedie avi.cz.3gp
[2010.03.31 22:54:24 | 120,928,432 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Na území žen (2007) cz dab.3gp
[2010.03.31 22:00:01 | 000,063,910 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Radary_mobilni.ov2
[2010.03.31 21:59:45 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Nebezpecna_mista-prednost.bmp
[2010.03.31 21:59:34 | 000,003,298 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Nebezpecna_mista-prednost.ov2
[2010.03.31 21:59:16 | 000,020,685 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Policejni_kontroly.ov2
[2010.03.31 00:32:08 | 384,099,991 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\requiem za sen.3gp (skvělá kvalita) CZ.3gp
[2010.03.31 00:12:25 | 270,410,204 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\V1137_13-03-10.3gp
[2010.03.31 00:02:26 | 256,108,915 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Veřejný nepřítel č1.3gp
[2010.03.30 23:51:56 | 120,072,915 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zakázané ovoce.3gp
[2010.03.30 23:37:29 | 213,992,593 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zbouchni mě.3gp
[2010.03.30 23:23:06 | 147,259,606 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zohan Krycí jméno Kadeřník.3gp
[2010.03.30 23:00:50 | 024,169,639 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\01x11_Zase_sem_to_pokazila_www.m4u.own.cz.3gp
[2010.03.30 22:50:55 | 142,575,696 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Láska za časů cholery.3gp
[2010.03.30 22:44:50 | 236,530,671 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Chytte tu holku (2004) filmy.kinotip.cz - online filmy zdarma.flv
[2010.03.29 18:26:30 | 100,688,538 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Co ta holka chce_3gp_do mobilu.3gp
[2010.03.29 18:13:01 | 105,191,865 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Comeback Heavy Christmas (velka kvalita do mobilu) 3gp.mp4
[2010.03.28 03:39:14 | 001,046,050 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.28 03:39:14 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 03:39:14 | 000,437,062 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 03:39:14 | 000,082,462 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 03:39:14 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.25 23:42:03 | 154,543,400 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dědictví aneb Kurvahošigutntag.3gp
[2010.03.25 23:26:40 | 109,023,834 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Hlidac c. 47.3gp
[2010.03.25 23:22:25 | 063,805,261 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Hlídač č.47.3gp
[2010.03.25 23:10:15 | 157,499,718 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\klic-key_3gp do mobilu.3gp
[2010.03.25 22:55:32 | 211,169,139 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Cesta do stredu zeme 2008 cz avi_CD_1.3gp
[2010.03.25 22:30:00 | 000,004,903 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Zpomalovaci_retardery.ov2
[2010.03.25 22:29:46 | 000,004,364 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Radary_usekove.ov2
[2010.03.22 23:46:44 | 008,158,488 | ---- | M] (Mozilla) -- C:\Documents and Settings\Zdenek\Dokumenty\Firefox Setup 3.6.exe
[2010.03.22 22:12:27 | 000,003,350 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Jidelny.ov2
[2010.03.22 22:12:16 | 000,042,170 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\EU-druha_svetova_valka.ov2
[2010.03.22 22:12:01 | 000,003,144 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ- Bez_zimni_udrzby.ov2
[2010.03.22 22:11:52 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ- Bez_zimni_udrzby.bmp
[2010.03.22 22:11:42 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Autobusova_nadrazi.bmp
[2010.03.22 22:11:34 | 000,006,127 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Autobusova_nadrazi.ov2
[2010.03.22 22:11:00 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Usekova_mereni(EU).ov2
[2010.03.22 22:10:52 | 000,007,700 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\SK-Radary_mobilni.ov2
[2010.03.22 22:10:41 | 000,001,881 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Architekt_Santini.ov2
[2010.03.22 22:09:59 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Radary_semafory.ov2
[2010.03.22 22:09:12 | 000,006,483 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Nebezpecna_mista-zatacka.ov2
[2010.03.22 22:09:02 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Nebezpecna_mista-zatacka.bmp
[2010.03.22 22:08:44 | 000,005,657 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\SK-WIFI_free.ov2
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
**********************************************************************************
OTL logfile created on: 21.4.2010 14:55:07 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Documents and Settings\Zdenek\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
894,00 Mb Total Physical Memory | 499,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 47,18 Gb Free Space | 31,65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: N-EBF3010F78514
Current User Name: Zdenek
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.21 14:54:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zdenek\Plocha\OTL.exe
PRC - [2010.04.21 10:02:10 | 002,064,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010.04.21 10:02:08 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.03.31 08:15:17 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.03.05 20:54:46 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.03.05 20:54:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.03.05 20:54:32 | 000,596,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010.03.05 20:54:31 | 005,888,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010.03.05 20:54:26 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010.03.05 20:54:23 | 000,836,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010.01.08 01:36:58 | 000,974,848 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe
PRC - [2010.01.08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2009.11.13 13:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009.11.13 13:31:12 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009.03.24 04:00:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010.04.21 14:54:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zdenek\Plocha\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2010.03.05 20:54:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.03.05 20:54:31 | 005,888,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (avgidsagent)
SRV - [2010.01.08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009.11.13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
========== Driver Services (SafeList) ==========
DRV - [2010.04.21 10:02:08 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.03.05 20:54:45 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.03.05 20:54:34 | 000,025,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (avgidserhrxpx)
DRV - [2010.03.05 20:54:33 | 000,122,376 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (avgidsdriverxpx)
DRV - [2010.03.05 20:54:33 | 000,030,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (avgidsfilterxpx)
DRV - [2010.03.05 20:54:33 | 000,026,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (avgidsshimxpx)
DRV - [2010.03.05 20:54:26 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.03.05 20:54:24 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009.11.17 14:31:17 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\glaide32.sys -- (glaide32)
DRV - [2009.01.26 15:20:48 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.07.03 11:03:14 | 004,745,216 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.06.18 05:23:38 | 003,692,288 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.06.11 06:34:20 | 003,225,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.01.04 08:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1659004503-884357618-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1659004503-884357618-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 DF AF 4B 5E F3 C9 01 [binary data]
IE - HKU\S-1-5-21-1659004503-884357618-682003330-1006\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-1659004503-884357618-682003330-1006\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1659004503-884357618-682003330-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.5.0.145
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.0.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =867034&p="
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010.04.21 10:11:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.22 23:48:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.21 10:05:18 | 000,000,000 | ---D | M]
[2009.11.14 14:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Extensions
[2009.01.30 23:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Extensions\home2@tomtom.com
[2010.04.06 00:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\extensions
[2009.11.14 14:54:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.05 21:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\extensions\toolbar@ask.com
[2010.04.05 21:45:35 | 000,002,426 | ---- | M] () -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\searchplugins\askcom.xml
[2010.04.21 10:05:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.21 10:05:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2006.03.02 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {500BCA15-57A7-4eaf-8143-8C619470B13D} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1659004503-884357618-682003330-1006\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1659004503-884357618-682003330-1006..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1659004503-884357618-682003330-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 2978353209 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 2978488569 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.50
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\rdolib.dll) - C:\WINDOWS\System32\rdolib.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.26 14:33:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a3add5b3-e10f-11de-afcc-001fd08fdccd}\Shell\AutoRun\command - "" = M:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{dade2450-3fb7-11de-805e-001fd08fdccd}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{ddf36c7f-ef0e-11dd-bff1-001fd08fdccd}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{f8c7df71-416e-11de-8061-001fd08fdccd}\Shell\AutoRun\command - "" = K:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{fbb41e57-ede9-11dd-bfef-001fd08fdccd}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008.04.14 05:22:45 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{fbb41e57-ede9-11dd-bfef-001fd08fdccd}\Shell\configure\command - "" = C:\WINDOWS\System32\setup.exe -- [2008.04.14 05:22:45 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{fbb41e57-ede9-11dd-bfef-001fd08fdccd}\Shell\install\command - "" = C:\WINDOWS\System32\setup.exe -- [2008.04.14 05:22:45 | 000,023,040 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\WINDOWS\system32\mscert.dll) - C:\WINDOWS\System32\mscert.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.01.26 14:33:30 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\WINDOWS\System32\ff_acm.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Unable to start service SrService!
========== Files/Folders - Created Within 30 Days ==========
[2010.04.21 14:53:55 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Zdenek\Plocha\OTL.exe
[2010.04.21 13:59:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.21 13:59:52 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.21 11:45:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Zdenek\Recent
[2010.04.21 11:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.04.21 11:31:48 | 003,376,656 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Zdenek\Dokumenty\ccsetup230.exe
[2010.04.21 10:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.04.21 10:05:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.04.21 10:05:18 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.21 10:05:18 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.21 10:05:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.21 10:05:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.04.11 19:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\TVAnts
[2010.04.09 22:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Dokumenty\z avi do 3gp
[2010.04.09 21:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVI to 3GP
[2010.04.09 21:50:36 | 002,460,965 | ---- | C] (avito3gp.com ) -- C:\Documents and Settings\Zdenek\Dokumenty\avi_to_3gp_setup.exe
[2010.04.09 21:44:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\VDownloader
[2010.04.09 21:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\VDownloader
[2010.04.09 21:42:29 | 006,939,499 | ---- | C] (Vitzo Limited ) -- C:\Documents and Settings\Zdenek\Dokumenty\VDownloaderSetup2.5.exe
[2010.04.06 00:30:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Keronsoft
[2010.04.06 00:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Keronsoft
[2010.04.06 00:28:57 | 007,195,311 | ---- | C] ( ) -- C:\Documents and Settings\Zdenek\Dokumenty\mobilevideo3gp.exe
[2010.04.06 00:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\Search Settings
[2010.04.06 00:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\Dealio
[2010.04.06 00:23:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeCDRipper
[2010.04.06 00:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Search Settings
[2010.04.06 00:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2010.04.06 00:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\Dealio Toolbar
[2010.04.06 00:22:36 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMCT232.OCX
[2010.04.06 00:22:32 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDesign.dll
[2010.04.06 00:22:32 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudFile.dll
[2010.04.06 00:22:32 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioInfos.dll
[2010.04.06 00:22:32 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioVisu.dll
[2010.04.06 00:22:32 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudPlayer.dll
[2010.04.06 00:22:32 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioRecord.dll
[2010.04.06 00:22:32 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDisplay.dll
[2010.04.06 00:22:32 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\WMAFile.dll
[2010.04.06 00:22:32 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTL32.OCX
[2010.04.06 00:22:32 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL
[2010.04.06 00:22:32 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msinet.OCX
[2010.04.06 00:22:32 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6STKIT.DLL
[2010.04.06 00:22:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTFR.DLL
[2010.04.06 00:22:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetfr.DLL
[2010.04.06 00:22:31 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010.04.06 00:22:31 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2010.04.06 00:22:31 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2010.04.06 00:22:31 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscc2fr.dll
[2010.04.06 00:22:31 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL
[2010.04.06 00:22:29 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2010.04.06 00:22:29 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2010.04.06 00:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeAudioPack
[2010.04.06 00:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\Free Audio Pack
[2010.04.06 00:20:29 | 006,925,347 | ---- | C] (Koyote Soft ) -- C:\Documents and Settings\Zdenek\Dokumenty\Setup_FreeConverter.exe
[2010.04.06 00:07:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Dokumenty\Any Video Converter Professional
[2010.04.06 00:07:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\Any Video Converter Professional
[2010.04.06 00:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Any Video Converter Professional
[2010.04.06 00:05:58 | 016,394,493 | ---- | C] (Any-Video-Converter.com ) -- C:\Documents and Settings\Zdenek\Dokumenty\Video3GPConverter.exe
[2010.04.05 21:49:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Dokumenty\upravené filmy
[2010.04.05 21:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\VOWSoft
[2010.04.05 21:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\ABC 3GP Converter
[2010.03.22 23:46:24 | 008,158,488 | ---- | C] (Mozilla) -- C:\Documents and Settings\Zdenek\Dokumenty\Firefox Setup 3.6.exe
[2010.02.02 12:20:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2010.01.04 17:47:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\PCHealth
[2009.11.17 11:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.01.26 18:30:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.01.26 16:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.21 14:54:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zdenek\Plocha\OTL.exe
[2010.04.21 14:27:00 | 000,000,242 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.04.21 14:25:00 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010.04.21 14:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010.04.21 13:59:50 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Zdenek\Plocha\RSIT.exe
[2010.04.21 11:52:27 | 059,109,052 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.04.21 11:34:14 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Zdenek\Plocha\CCleaner.lnk
[2010.04.21 11:34:01 | 003,376,656 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Zdenek\Dokumenty\ccsetup230.exe
[2010.04.21 10:11:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.21 10:11:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.21 10:10:43 | 004,456,448 | -H-- | M] () -- C:\Documents and Settings\Zdenek\NTUSER.DAT
[2010.04.21 10:10:43 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Zdenek\ntuser.ini
[2010.04.21 10:02:08 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.04.21 09:58:45 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F3C14C9E-3AD4-420E-8351-F3D651B80300}.job
[2010.04.21 09:52:56 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.12 15:19:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.04.11 20:40:45 | 000,253,208 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\SoftonicDownloader56473.exe
[2010.04.11 19:15:05 | 003,005,440 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\TvantsSetup.exe
[2010.04.11 15:35:06 | 000,302,173 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\spust_LA7.exe
[2010.04.09 21:50:53 | 002,460,965 | ---- | M] (avito3gp.com ) -- C:\Documents and Settings\Zdenek\Dokumenty\avi_to_3gp_setup.exe
[2010.04.09 21:43:53 | 000,001,538 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VDownloader.lnk
[2010.04.09 21:42:52 | 006,939,499 | ---- | M] (Vitzo Limited ) -- C:\Documents and Settings\Zdenek\Dokumenty\VDownloaderSetup2.5.exe
[2010.04.09 21:20:05 | 000,098,304 | ---- | M] () -- C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.09 21:00:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.09 20:22:18 | 000,073,443 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Penzion_ubytovani.ov2
[2010.04.09 20:22:01 | 000,000,470 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Nebezpecna_mista-aquaplaning.ov2
[2010.04.09 20:21:42 | 000,089,325 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Hotel.ov2
[2010.04.09 20:21:31 | 000,152,586 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-WIFI_free.ov2
[2010.04.09 20:21:17 | 000,406,853 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Restaurace.ov2
[2010.04.08 23:31:05 | 734,312,628 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Muži v říji,Česká komedie,2009,.avi
[2010.04.08 22:43:28 | 733,145,088 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Loudilove - komedie 2009_ cz dabing.avi
[2010.04.08 22:41:51 | 734,686,720 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Svůdnici žen CZ.Komedie.2009.kk.avi
[2010.04.07 23:37:56 | 964,704,066 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Pan Božský (komedie,romantika)-CZ (pelda).avi
[2010.04.07 23:16:57 | 735,868,928 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dokaž to 2008 komedie romantika hudba.avi
[2010.04.07 22:20:35 | 735,903,756 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dum u jezera 2006.avi.romantika.STEN.ok.avi
[2010.04.07 22:11:41 | 732,747,776 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Holka z predmesti CZ-AVI komedie-romantika.avi
[2010.04.07 21:35:37 | 732,700,672 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Jak sbalit super kost cesky dabing filmy CZ avi komedie avi CZ.avi
[2010.04.07 21:10:47 | 408,424,400 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zachrante Vojina Ryana.3gp
[2010.04.07 20:48:37 | 246,470,312 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sherlock Holmes.Novinky-2009-2010.cz(raplisko).3gp
[2010.04.07 20:36:18 | 105,522,228 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Jarní prázdniny 2009 [176x144 H263].3gp
[2010.04.06 21:34:48 | 159,790,989 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\V zajeti rychlosti.3gp
[2010.04.06 21:34:09 | 119,836,978 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\(3gpfilmy.7u.cz) Muzikál ze střední 3.3gp
[2010.04.06 21:22:08 | 179,251,817 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Muj soused zabijak 1..3gp
[2010.04.06 21:07:17 | 201,237,709 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Cesta na Mesic.cz.3gp
[2010.04.06 20:42:44 | 118,670,272 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\29 a jeste panna [176x144 H263].3gp
[2010.04.06 20:18:33 | 000,033,392 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Zamky.ov2
[2010.04.06 20:17:57 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Zamky.bmp
[2010.04.06 00:45:07 | 132,665,362 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Let cislo 93.3gp
[2010.04.06 00:29:24 | 007,195,311 | ---- | M] ( ) -- C:\Documents and Settings\Zdenek\Dokumenty\mobilevideo3gp.exe
[2010.04.06 00:21:01 | 006,925,347 | ---- | M] (Koyote Soft ) -- C:\Documents and Settings\Zdenek\Dokumenty\Setup_FreeConverter.exe
[2010.04.06 00:06:32 | 016,394,493 | ---- | M] (Any-Video-Converter.com ) -- C:\Documents and Settings\Zdenek\Dokumenty\Video3GPConverter.exe
[2010.04.06 00:04:49 | 213,648,427 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sexbomba od vedle 2.3gp
[2010.04.05 23:50:36 | 213,838,264 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sexbomba od vedle.3gp
[2010.04.05 23:35:25 | 176,593,865 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Chci to.3gp
[2010.04.05 21:38:50 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ABC 3GP Converter.lnk
[2010.04.05 21:37:08 | 004,676,944 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\abc-3gp-mp4-converter.exe
[2010.04.05 19:38:43 | 000,004,593 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Radary_stacionarni.ov2
[2010.04.05 19:38:24 | 000,016,175 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Podjezdy_nizke.ov2
[2010.04.05 19:37:30 | 000,003,465 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Architekt_Dientzenhofer.ov2
[2010.04.05 19:37:18 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Architekt_Dientzenhofer.bmp
[2010.03.31 23:23:45 | 215,415,063 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\polarni-boure-2009-dvdrip.3gp
[2010.03.31 23:14:29 | 120,648,571 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\10 důvodů proč tě nenávidím.3gp
[2010.03.31 23:03:49 | 132,719,535 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\laska-na-druhem-konci-CZ.3gp
[2010.03.31 23:03:21 | 113,363,562 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\John Tucker musí zemřít 2006 Romantická Komedie avi.cz.3gp
[2010.03.31 22:54:24 | 120,928,432 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Na území žen (2007) cz dab.3gp
[2010.03.31 22:00:01 | 000,063,910 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Radary_mobilni.ov2
[2010.03.31 21:59:45 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Nebezpecna_mista-prednost.bmp
[2010.03.31 21:59:34 | 000,003,298 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Nebezpecna_mista-prednost.ov2
[2010.03.31 21:59:16 | 000,020,685 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Policejni_kontroly.ov2
[2010.03.31 00:32:08 | 384,099,991 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\requiem za sen.3gp (skvělá kvalita) CZ.3gp
[2010.03.31 00:12:25 | 270,410,204 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\V1137_13-03-10.3gp
[2010.03.31 00:02:26 | 256,108,915 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Veřejný nepřítel č1.3gp
[2010.03.30 23:51:56 | 120,072,915 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zakázané ovoce.3gp
[2010.03.30 23:37:29 | 213,992,593 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zbouchni mě.3gp
[2010.03.30 23:23:06 | 147,259,606 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zohan Krycí jméno Kadeřník.3gp
[2010.03.30 23:00:50 | 024,169,639 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\01x11_Zase_sem_to_pokazila_www.m4u.own.cz.3gp
[2010.03.30 22:50:55 | 142,575,696 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Láska za časů cholery.3gp
[2010.03.30 22:44:50 | 236,530,671 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Chytte tu holku (2004) filmy.kinotip.cz - online filmy zdarma.flv
[2010.03.29 18:26:30 | 100,688,538 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Co ta holka chce_3gp_do mobilu.3gp
[2010.03.29 18:13:01 | 105,191,865 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Comeback Heavy Christmas (velka kvalita do mobilu) 3gp.mp4
[2010.03.28 03:39:14 | 001,046,050 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.28 03:39:14 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 03:39:14 | 000,437,062 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 03:39:14 | 000,082,462 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 03:39:14 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.25 23:42:03 | 154,543,400 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dědictví aneb Kurvahošigutntag.3gp
[2010.03.25 23:26:40 | 109,023,834 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Hlidac c. 47.3gp
[2010.03.25 23:22:25 | 063,805,261 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Hlídač č.47.3gp
[2010.03.25 23:10:15 | 157,499,718 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\klic-key_3gp do mobilu.3gp
[2010.03.25 22:55:32 | 211,169,139 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\Cesta do stredu zeme 2008 cz avi_CD_1.3gp
[2010.03.25 22:30:00 | 000,004,903 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Zpomalovaci_retardery.ov2
[2010.03.25 22:29:46 | 000,004,364 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Radary_usekove.ov2
[2010.03.22 23:46:44 | 008,158,488 | ---- | M] (Mozilla) -- C:\Documents and Settings\Zdenek\Dokumenty\Firefox Setup 3.6.exe
[2010.03.22 22:12:27 | 000,003,350 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Jidelny.ov2
[2010.03.22 22:12:16 | 000,042,170 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\EU-druha_svetova_valka.ov2
[2010.03.22 22:12:01 | 000,003,144 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ- Bez_zimni_udrzby.ov2
[2010.03.22 22:11:52 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ- Bez_zimni_udrzby.bmp
[2010.03.22 22:11:42 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Autobusova_nadrazi.bmp
[2010.03.22 22:11:34 | 000,006,127 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Autobusova_nadrazi.ov2
[2010.03.22 22:11:00 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Usekova_mereni(EU).ov2
[2010.03.22 22:10:52 | 000,007,700 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\SK-Radary_mobilni.ov2
[2010.03.22 22:10:41 | 000,001,881 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Architekt_Santini.ov2
[2010.03.22 22:09:59 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Radary_semafory.ov2
[2010.03.22 22:09:12 | 000,006,483 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Nebezpecna_mista-zatacka.ov2
[2010.03.22 22:09:02 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Nebezpecna_mista-zatacka.bmp
[2010.03.22 22:08:44 | 000,005,657 | ---- | M] () -- C:\Documents and Settings\Zdenek\Dokumenty\SK-WIFI_free.ov2
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
Re: AVG found the Packed.AutoIt infection
Part 2 of the log...
********************************************
========== Files Created - No Company Name ==========
[2010.04.21 13:59:45 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Zdenek\Plocha\RSIT.exe
[2010.04.21 11:34:13 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Zdenek\Plocha\CCleaner.lnk
[2010.04.11 20:40:38 | 000,253,208 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\SoftonicDownloader56473.exe
[2010.04.11 15:35:03 | 000,302,173 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\spust_LA7.exe
[2010.04.11 15:11:02 | 003,005,440 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\TvantsSetup.exe
[2010.04.09 21:43:53 | 000,001,538 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VDownloader.lnk
[2010.04.09 21:43:50 | 000,026,694 | ---- | C] () -- C:\WINDOWS\System32\eBay.ico
[2010.04.09 21:43:50 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\eBay.url
[2010.04.08 23:29:28 | 734,312,628 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Muži v říji,Česká komedie,2009,.avi
[2010.04.08 22:42:33 | 733,145,088 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Loudilove - komedie 2009_ cz dabing.avi
[2010.04.08 22:40:50 | 734,686,720 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Svůdnici žen CZ.Komedie.2009.kk.avi
[2010.04.07 23:35:23 | 964,704,066 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Pan Božský (komedie,romantika)-CZ (pelda).avi
[2010.04.07 23:15:46 | 735,868,928 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dokaž to 2008 komedie romantika hudba.avi
[2010.04.07 22:18:40 | 735,903,756 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dum u jezera 2006.avi.romantika.STEN.ok.avi
[2010.04.07 22:09:28 | 732,747,776 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Holka z predmesti CZ-AVI komedie-romantika.avi
[2010.04.07 21:34:36 | 732,700,672 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Jak sbalit super kost cesky dabing filmy CZ avi komedie avi CZ.avi
[2010.04.07 21:09:52 | 408,424,400 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zachrante Vojina Ryana.3gp
[2010.04.07 20:48:12 | 246,470,312 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sherlock Holmes.Novinky-2009-2010.cz(raplisko).3gp
[2010.04.07 20:36:08 | 105,522,228 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Jarní prázdniny 2009 [176x144 H263].3gp
[2010.04.06 21:34:36 | 159,790,989 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\V zajeti rychlosti.3gp
[2010.04.06 21:33:59 | 119,836,978 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\(3gpfilmy.7u.cz) Muzikál ze střední 3.3gp
[2010.04.06 21:21:39 | 179,251,817 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Muj soused zabijak 1..3gp
[2010.04.06 21:07:06 | 201,237,709 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Cesta na Mesic.cz.3gp
[2010.04.06 20:42:35 | 118,670,272 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\29 a jeste panna [176x144 H263].3gp
[2010.04.06 20:18:33 | 000,033,392 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Zamky.ov2
[2010.04.06 20:17:57 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Zamky.bmp
[2010.04.06 00:45:00 | 132,665,362 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Let cislo 93.3gp
[2010.04.06 00:22:32 | 000,116,296 | ---- | C] () -- C:\WINDOWS\System32\NCTWMAProfiles.prx
[2010.04.06 00:22:29 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010.04.05 23:54:59 | 213,648,427 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sexbomba od vedle 2.3gp
[2010.04.05 23:40:28 | 213,838,264 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sexbomba od vedle.3gp
[2010.04.05 23:04:40 | 176,593,865 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Chci to.3gp
[2010.04.05 21:38:50 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ABC 3GP Converter.lnk
[2010.04.05 21:36:52 | 004,676,944 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\abc-3gp-mp4-converter.exe
[2010.04.05 19:37:30 | 000,003,465 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Architekt_Dientzenhofer.ov2
[2010.04.05 19:37:17 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Architekt_Dientzenhofer.bmp
[2010.03.31 23:23:22 | 215,415,063 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\polarni-boure-2009-dvdrip.3gp
[2010.03.31 23:14:25 | 120,648,571 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\10 důvodů proč tě nenávidím.3gp
[2010.03.31 23:03:35 | 132,719,535 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\laska-na-druhem-konci-CZ.3gp
[2010.03.31 23:03:17 | 113,363,562 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\John Tucker musí zemřít 2006 Romantická Komedie avi.cz.3gp
[2010.03.31 22:54:09 | 120,928,432 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Na území žen (2007) cz dab.3gp
[2010.03.31 00:31:21 | 384,099,991 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\requiem za sen.3gp (skvělá kvalita) CZ.3gp
[2010.03.31 00:11:38 | 270,410,204 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\V1137_13-03-10.3gp
[2010.03.31 00:01:53 | 256,108,915 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Veřejný nepřítel č1.3gp
[2010.03.30 23:51:24 | 120,072,915 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zakázané ovoce.3gp
[2010.03.30 23:37:03 | 213,992,593 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zbouchni mě.3gp
[2010.03.30 23:22:47 | 147,259,606 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zohan Krycí jméno Kadeřník.3gp
[2010.03.30 23:00:49 | 024,169,639 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\01x11_Zase_sem_to_pokazila_www.m4u.own.cz.3gp
[2010.03.30 22:50:39 | 142,575,696 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Láska za časů cholery.3gp
[2010.03.30 22:44:13 | 236,530,671 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Chytte tu holku (2004) filmy.kinotip.cz - online filmy zdarma.flv
[2010.03.29 18:26:23 | 100,688,538 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Co ta holka chce_3gp_do mobilu.3gp
[2010.03.29 18:12:53 | 105,191,865 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Comeback Heavy Christmas (velka kvalita do mobilu) 3gp.mp4
[2010.03.25 23:41:54 | 154,543,400 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dědictví aneb Kurvahošigutntag.3gp
[2010.03.25 23:26:38 | 109,023,834 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Hlidac c. 47.3gp
[2010.03.25 23:22:23 | 063,805,261 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Hlídač č.47.3gp
[2010.03.25 23:10:02 | 157,499,718 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\klic-key_3gp do mobilu.3gp
[2010.03.25 22:55:04 | 211,169,139 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Cesta do stredu zeme 2008 cz avi_CD_1.3gp
[2010.01.28 03:09:54 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.11.22 17:31:20 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.11.14 16:13:09 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\flags.ini
[2009.11.14 15:13:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\glaide32.sys
[2009.05.30 02:37:40 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.03.29 16:06:03 | 000,098,304 | ---- | C] () -- C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.26 19:14:05 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.01.27 15:43:50 | 000,000,272 | -HS- | C] () -- C:\Documents and Settings\Zdenek\ntuser.ini
[2009.01.27 15:43:49 | 004,456,448 | -H-- | C] () -- C:\Documents and Settings\Zdenek\NTUSER.DAT
[2009.01.27 15:43:49 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\Zdenek\NTUSER.DAT.LOG
[2009.01.27 10:49:18 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.01.26 18:30:11 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.01.26 17:49:11 | 000,000,895 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 12:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
========== LOP Check ==========
[2009.11.17 14:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2009.09.23 18:49:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.03.02 10:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2009.09.23 19:00:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2010.03.22 22:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2009.09.23 19:03:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2009.09.23 19:00:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenu
[2010.04.06 00:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Keronsoft
[2010.04.06 00:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.01.30 23:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TomTom
[2010.02.08 21:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VistaCodecs
[2010.04.05 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VOWSoft
[2009.11.22 17:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Zoom Player
[2009.11.14 16:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Any Audio Converter
[2010.04.06 00:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Any Video Converter Professional
[2009.09.23 19:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Canon
[2010.04.06 00:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Dealio
[2010.04.06 00:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeAudioPack
[2010.04.06 00:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeCDRipper
[2010.04.06 00:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Search Settings
[2009.01.30 23:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\TomTom
[2010.02.08 21:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\VistaCodecs
[2009.01.29 10:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Zoner
[2010.04.21 14:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2010.04.21 09:58:45 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F3C14C9E-3AD4-420E-8351-F3D651B80300}.job
[2010.04.21 14:27:00 | 000,000,242 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.04.21 14:25:00 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"TomTomHOME.exe" = "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -- [2009.11.13 13:31:12 | 000,247,144 | ---- | M] (TomTom)
< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2009.11.14 15:12:45 | 000,000,000 | ---- | M] () -- C:\mdjvbrw.exe
[2009.11.14 15:12:43 | 000,000,000 | ---- | M] () -- C:\sesk.exe
[2009.11.14 15:12:43 | 000,000,000 | ---- | M] () -- C:\uqaxgnpo.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.01.30 23:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Adobe
[2010.02.06 21:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Ahead
[2009.11.14 16:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Any Audio Converter
[2010.04.06 00:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Any Video Converter Professional
[2009.01.27 15:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\ATI
[2009.09.23 19:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Canon
[2009.11.24 20:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\CyberLink
[2010.04.06 00:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Dealio
[2009.11.14 15:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\DivX
[2010.04.06 00:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeAudioPack
[2010.04.06 00:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeCDRipper
[2009.11.22 20:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Gretech
[2009.01.27 15:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Identities
[2009.01.30 23:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Macromedia
[2010.01.28 16:43:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Microsoft
[2009.11.14 14:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla
[2009.11.14 15:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Real
[2010.04.06 00:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Search Settings
[2009.02.27 20:58:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Sun
[2009.01.30 23:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\TomTom
[2010.02.08 21:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\VistaCodecs
[2009.01.29 10:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
[2010.03.25 22:32:56 | 002,131,336 | ---- | M] (Ask.com ) -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.03.02 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.06.11 04:14:54 | 000,421,888 | R--- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009.01.26 15:21:25 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.01.26 15:21:25 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.01.26 15:21:25 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[2008.06.11 04:14:54 | 000,421,888 | R--- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[2008.04.13 20:36:04 | 002,927,616 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\xpsp2res.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:73B1147D
< End of report >
********************************************
========== Files Created - No Company Name ==========
[2010.04.21 13:59:45 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Zdenek\Plocha\RSIT.exe
[2010.04.21 11:34:13 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Zdenek\Plocha\CCleaner.lnk
[2010.04.11 20:40:38 | 000,253,208 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\SoftonicDownloader56473.exe
[2010.04.11 15:35:03 | 000,302,173 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\spust_LA7.exe
[2010.04.11 15:11:02 | 003,005,440 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\TvantsSetup.exe
[2010.04.09 21:43:53 | 000,001,538 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VDownloader.lnk
[2010.04.09 21:43:50 | 000,026,694 | ---- | C] () -- C:\WINDOWS\System32\eBay.ico
[2010.04.09 21:43:50 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\eBay.url
[2010.04.08 23:29:28 | 734,312,628 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Muži v říji,Česká komedie,2009,.avi
[2010.04.08 22:42:33 | 733,145,088 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Loudilove - komedie 2009_ cz dabing.avi
[2010.04.08 22:40:50 | 734,686,720 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Svůdnici žen CZ.Komedie.2009.kk.avi
[2010.04.07 23:35:23 | 964,704,066 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Pan Božský (komedie,romantika)-CZ (pelda).avi
[2010.04.07 23:15:46 | 735,868,928 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dokaž to 2008 komedie romantika hudba.avi
[2010.04.07 22:18:40 | 735,903,756 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dum u jezera 2006.avi.romantika.STEN.ok.avi
[2010.04.07 22:09:28 | 732,747,776 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Holka z predmesti CZ-AVI komedie-romantika.avi
[2010.04.07 21:34:36 | 732,700,672 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Jak sbalit super kost cesky dabing filmy CZ avi komedie avi CZ.avi
[2010.04.07 21:09:52 | 408,424,400 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zachrante Vojina Ryana.3gp
[2010.04.07 20:48:12 | 246,470,312 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sherlock Holmes.Novinky-2009-2010.cz(raplisko).3gp
[2010.04.07 20:36:08 | 105,522,228 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Jarní prázdniny 2009 [176x144 H263].3gp
[2010.04.06 21:34:36 | 159,790,989 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\V zajeti rychlosti.3gp
[2010.04.06 21:33:59 | 119,836,978 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\(3gpfilmy.7u.cz) Muzikál ze střední 3.3gp
[2010.04.06 21:21:39 | 179,251,817 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Muj soused zabijak 1..3gp
[2010.04.06 21:07:06 | 201,237,709 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Cesta na Mesic.cz.3gp
[2010.04.06 20:42:35 | 118,670,272 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\29 a jeste panna [176x144 H263].3gp
[2010.04.06 20:18:33 | 000,033,392 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Zamky.ov2
[2010.04.06 20:17:57 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Zamky.bmp
[2010.04.06 00:45:00 | 132,665,362 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Let cislo 93.3gp
[2010.04.06 00:22:32 | 000,116,296 | ---- | C] () -- C:\WINDOWS\System32\NCTWMAProfiles.prx
[2010.04.06 00:22:29 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010.04.05 23:54:59 | 213,648,427 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sexbomba od vedle 2.3gp
[2010.04.05 23:40:28 | 213,838,264 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Sexbomba od vedle.3gp
[2010.04.05 23:04:40 | 176,593,865 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Chci to.3gp
[2010.04.05 21:38:50 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ABC 3GP Converter.lnk
[2010.04.05 21:36:52 | 004,676,944 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\abc-3gp-mp4-converter.exe
[2010.04.05 19:37:30 | 000,003,465 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Architekt_Dientzenhofer.ov2
[2010.04.05 19:37:17 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\CZ-Architekt_Dientzenhofer.bmp
[2010.03.31 23:23:22 | 215,415,063 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\polarni-boure-2009-dvdrip.3gp
[2010.03.31 23:14:25 | 120,648,571 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\10 důvodů proč tě nenávidím.3gp
[2010.03.31 23:03:35 | 132,719,535 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\laska-na-druhem-konci-CZ.3gp
[2010.03.31 23:03:17 | 113,363,562 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\John Tucker musí zemřít 2006 Romantická Komedie avi.cz.3gp
[2010.03.31 22:54:09 | 120,928,432 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Na území žen (2007) cz dab.3gp
[2010.03.31 00:31:21 | 384,099,991 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\requiem za sen.3gp (skvělá kvalita) CZ.3gp
[2010.03.31 00:11:38 | 270,410,204 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\V1137_13-03-10.3gp
[2010.03.31 00:01:53 | 256,108,915 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Veřejný nepřítel č1.3gp
[2010.03.30 23:51:24 | 120,072,915 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zakázané ovoce.3gp
[2010.03.30 23:37:03 | 213,992,593 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zbouchni mě.3gp
[2010.03.30 23:22:47 | 147,259,606 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Zohan Krycí jméno Kadeřník.3gp
[2010.03.30 23:00:49 | 024,169,639 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\01x11_Zase_sem_to_pokazila_www.m4u.own.cz.3gp
[2010.03.30 22:50:39 | 142,575,696 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Láska za časů cholery.3gp
[2010.03.30 22:44:13 | 236,530,671 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Chytte tu holku (2004) filmy.kinotip.cz - online filmy zdarma.flv
[2010.03.29 18:26:23 | 100,688,538 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Co ta holka chce_3gp_do mobilu.3gp
[2010.03.29 18:12:53 | 105,191,865 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Comeback Heavy Christmas (velka kvalita do mobilu) 3gp.mp4
[2010.03.25 23:41:54 | 154,543,400 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Dědictví aneb Kurvahošigutntag.3gp
[2010.03.25 23:26:38 | 109,023,834 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Hlidac c. 47.3gp
[2010.03.25 23:22:23 | 063,805,261 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Hlídač č.47.3gp
[2010.03.25 23:10:02 | 157,499,718 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\klic-key_3gp do mobilu.3gp
[2010.03.25 22:55:04 | 211,169,139 | ---- | C] () -- C:\Documents and Settings\Zdenek\Dokumenty\Cesta do stredu zeme 2008 cz avi_CD_1.3gp
[2010.01.28 03:09:54 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.11.22 17:31:20 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.11.14 16:13:09 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\flags.ini
[2009.11.14 15:13:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\glaide32.sys
[2009.05.30 02:37:40 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.03.29 16:06:03 | 000,098,304 | ---- | C] () -- C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.26 19:14:05 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.01.27 15:43:50 | 000,000,272 | -HS- | C] () -- C:\Documents and Settings\Zdenek\ntuser.ini
[2009.01.27 15:43:49 | 004,456,448 | -H-- | C] () -- C:\Documents and Settings\Zdenek\NTUSER.DAT
[2009.01.27 15:43:49 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\Zdenek\NTUSER.DAT.LOG
[2009.01.27 10:49:18 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.01.26 18:30:11 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.01.26 17:49:11 | 000,000,895 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 12:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
========== LOP Check ==========
[2009.11.17 14:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2009.09.23 18:49:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.03.02 10:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2009.09.23 19:00:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2010.03.22 22:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2009.09.23 19:03:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2009.09.23 19:00:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenu
[2010.04.06 00:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Keronsoft
[2010.04.06 00:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.01.30 23:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TomTom
[2010.02.08 21:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VistaCodecs
[2010.04.05 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VOWSoft
[2009.11.22 17:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Zoom Player
[2009.11.14 16:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Any Audio Converter
[2010.04.06 00:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Any Video Converter Professional
[2009.09.23 19:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Canon
[2010.04.06 00:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Dealio
[2010.04.06 00:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeAudioPack
[2010.04.06 00:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeCDRipper
[2010.04.06 00:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Search Settings
[2009.01.30 23:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\TomTom
[2010.02.08 21:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\VistaCodecs
[2009.01.29 10:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Zoner
[2010.04.21 14:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2010.04.21 09:58:45 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F3C14C9E-3AD4-420E-8351-F3D651B80300}.job
[2010.04.21 14:27:00 | 000,000,242 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.04.21 14:25:00 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"TomTomHOME.exe" = "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -- [2009.11.13 13:31:12 | 000,247,144 | ---- | M] (TomTom)
< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2009.11.14 15:12:45 | 000,000,000 | ---- | M] () -- C:\mdjvbrw.exe
[2009.11.14 15:12:43 | 000,000,000 | ---- | M] () -- C:\sesk.exe
[2009.11.14 15:12:43 | 000,000,000 | ---- | M] () -- C:\uqaxgnpo.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.01.30 23:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Adobe
[2010.02.06 21:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Ahead
[2009.11.14 16:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Any Audio Converter
[2010.04.06 00:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Any Video Converter Professional
[2009.01.27 15:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\ATI
[2009.09.23 19:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Canon
[2009.11.24 20:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\CyberLink
[2010.04.06 00:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Dealio
[2009.11.14 15:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\DivX
[2010.04.06 00:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeAudioPack
[2010.04.06 00:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\FreeCDRipper
[2009.11.22 20:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Gretech
[2009.01.27 15:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Identities
[2009.01.30 23:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Macromedia
[2010.01.28 16:43:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Microsoft
[2009.11.14 14:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla
[2009.11.14 15:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Real
[2010.04.06 00:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Search Settings
[2009.02.27 20:58:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Sun
[2009.01.30 23:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\TomTom
[2010.02.08 21:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\VistaCodecs
[2009.01.29 10:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
[2010.03.25 22:32:56 | 002,131,336 | ---- | M] (Ask.com ) -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.01.26 16:36:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.03.02 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< End of report >
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: AVG found the Packed.AutoIt infection

Code:
:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
O2 - BHO: (no name) - {500BCA15-57A7-4eaf-8143-8C619470B13D} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1659004503-884357618-682003330-1006\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)
O36 - AppCertDlls: AppSecDll - (C:\WINDOWS\system32\mscert.dll) - C:\WINDOWS\System32\mscert.dll File not found
[2010.04.06 00:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\Search Settings
[2010.04.06 00:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdenek\Data aplikací\Dealio
[2010.04.06 00:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Search Settings
[2010.04.06 00:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2010.04.06 00:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\Dealio Toolbar
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2010.04.21 14:27:00 | 000,000,242 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.04.21 14:25:00 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010.04.21 14:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010.02.08 21:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdenek\Data aplikací\VistaCodecs
[2009.11.14 15:12:45 | 000,000,000 | ---- | M] () -- C:\mdjvbrw.exe
[2009.11.14 15:12:43 | 000,000,000 | ---- | M] () -- C:\sesk.exe
[2009.11.14 15:12:43 | 000,000,000 | ---- | M] () -- C:\uqaxgnpo.exe
[2010.03.25 22:32:56 | 002,131,336 | ---- | M] (Ask.com ) -- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2009.11.14 15:13:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\glaide32.sys
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:73B1147D
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=""
:Files
C:\Program Files\Ask.com
C:\WINDOWS\system32\rdolib.dll
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS]
[CREATERESTOREPOINT]

C:\WINDOWS\system32\ATIDEMGX.dll
C:\WINDOWS\system32\xpsp2res.dll
(Do not browse for the file; just paste the path marked in bold. If you get the message "File has already been tested", have it tested again. Post the analysis result here as a link.)
-
- Exemplary visitor
- Posts: 152
- Registered: 15 Oct 2008 10:23
- Location: Praha 20
Re: AVG found the Packed.AutoIt infection
Here is the log:
All processes killed
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.order.1
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500BCA15-57A7-4eaf-8143-8C619470B13D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{500BCA15-57A7-4eaf-8143-8C619470B13D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
C:\Program Files\Search Settings\SearchSettings.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1659004503-884357618-682003330-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GEST deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\AppSecDll:C:\WINDOWS\system32\mscert.dll deleted successfully.
C:\Documents and Settings\Zdenek\Data aplikací\Search Settings\kb130\temp folder moved successfully.
C:\Documents and Settings\Zdenek\Data aplikací\Search Settings\kb130 folder moved successfully.
C:\Documents and Settings\Zdenek\Data aplikací\Search Settings folder moved successfully.
C:\Documents and Settings\Zdenek\Data aplikací\Dealio\temp folder moved successfully.
C:\Documents and Settings\Zdenek\Data aplikací\Dealio\res folder moved successfully.
C:\Documents and Settings\Zdenek\Data aplikací\Dealio folder moved successfully.
C:\Program Files\Search Settings\temp folder moved successfully.
C:\Program Files\Search Settings\res folder moved successfully.
C:\Program Files\Search Settings\FF\components folder moved successfully.
C:\Program Files\Search Settings\FF\chrome\skin folder moved successfully.
C:\Program Files\Search Settings\FF\chrome\locale\en-US folder moved successfully.
C:\Program Files\Search Settings\FF\chrome\locale folder moved successfully.
C:\Program Files\Search Settings\FF\chrome\content folder moved successfully.
C:\Program Files\Search Settings\FF\chrome folder moved successfully.
C:\Program Files\Search Settings\FF folder moved successfully.
C:\Program Files\Search Settings folder moved successfully.
C:\Program Files\Application Updater folder moved successfully.
C:\Program Files\Dealio Toolbar\Res folder moved successfully.
C:\Program Files\Dealio Toolbar\IE\4.0.2 folder moved successfully.
C:\Program Files\Dealio Toolbar\IE folder moved successfully.
C:\Program Files\Dealio Toolbar\FF\components folder moved successfully.
C:\Program Files\Dealio Toolbar\FF\chrome\skin folder moved successfully.
C:\Program Files\Dealio Toolbar\FF\chrome\locale\EN-US folder moved successfully.
C:\Program Files\Dealio Toolbar\FF\chrome\locale folder moved successfully.
C:\Program Files\Dealio Toolbar\FF\chrome\content folder moved successfully.
C:\Program Files\Dealio Toolbar\FF\chrome folder moved successfully.
C:\Program Files\Dealio Toolbar\FF folder moved successfully.
C:\Program Files\Dealio Toolbar folder moved successfully.
C:\WINDOWS\002568_.tmp deleted successfully.
C:\WINDOWS\SET21.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job moved successfully.
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job moved successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Documents and Settings\Zdenek\Data aplikací\VistaCodecs folder moved successfully.
C:\mdjvbrw.exe moved successfully.
C:\sesk.exe moved successfully.
C:\uqaxgnpo.exe moved successfully.
C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\dp4b8ej7.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe moved successfully.
C:\WINDOWS\system32\drivers\glaide32.sys moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:73B1147D deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLS"|"" /E : value set successfully!
========== FILES ==========
C:\Program Files\Ask.com folder moved successfully.
File\Folder C:\WINDOWS\system32\rdolib.dll not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Inst
->Temp folder emptied: 22610977 bytes
->Temporary Internet Files folder emptied: 7485941 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 63378 bytes
User: NetworkService
->Temp folder emptied: 232680 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: Zdenek
->Temp folder emptied: 33712428 bytes
->Temporary Internet Files folder emptied: 6846139 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 32157712 bytes
->Flash cache emptied: 2961 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 318943 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 10955780 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 109,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Inst
User: LocalService
User: NetworkService
User: Zdenek
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Unable to start service SrService!
OTL by OldTimer - Version 3.2.1.3 log created on 04212010_154425
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Zdenek\Local Settings\Temp\~DF7812.tmp not found!
File\Folder C:\Documents and Settings\Zdenek\Local Settings\Temp\~DF7817.tmp not found!
File\Folder C:\Documents and Settings\Zdenek\Local Settings\Temp\~DF786D.tmp not found!
File\Folder C:\Documents and Settings\Zdenek\Local Settings\Temp\~DF7872.tmp not found!
File\Folder C:\Documents and Settings\Zdenek\Local Settings\Temp\~DF78A9.tmp not found!
File\Folder C:\Documents and Settings\Zdenek\Local Settings\Temp\~DF78AE.tmp not found!
C:\Documents and Settings\Zdenek\Local Settings\Temporary Internet Files\Content.IE5\YXC6QA17\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Zdenek\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
Registry entries deleted on Reboot...
*********************************************************************************************
here are the links:
http://www.virustotal.com/cs/analisis/8 ... 1271857858
http://www.virustotal.com/cs/analisis/0 ... 1271858120
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
-
- Exemplary visitor
- Posts: 152
- Registered: 15 Oct 2008 10:23
- Location: Praha 20
Re: AVG found the Packed.AutoIt infection
So far so good, thank you.
-
- Exemplary visitor
- Posts: 152
- Registered: 15 Oct 2008 10:23
- Location: Praha 20
Re: AVG found the Packed.AutoIt infection
Well, no... I just tried it and Microsoft Update does not work.
It throws an error with code 0x80070002
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: AVG found the Packed.AutoIt infection

- Find the following keys (some of them may not be there)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wuauserv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BITS
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\wuauserv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BITS
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\wuauserv
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv
- Find the BITS and wuauserv folders (for all of the keys listed above), right-click them and choose "Permissions". Select "Allow all".

Then, in the right-hand pane, you will find the ImagePath value; right-click it and choose "Modify".
A window will appear with the path (%fystemRoot%\system32\svchost.exe -k netsvcs)
You must change the letter F to s
so that the path is (%systemRoot%\system32\svchost.exe -k netsvcs)
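
An added example, not part of the original post: a Python check that finds the tampering described above (an ImagePath whose environment variable name cannot resolve, such as %fystemRoot%) across every control set. It assumes the input is text in the layout printed by `reg query <key> /v ImagePath`; the variable allowlist, the function names and the sample text are constructed for illustration.

```python
import difflib
import re

# Assumed allowlist of variables that may legitimately appear in an ImagePath.
KNOWN_VARS = {v.lower(): v for v in
              ("SystemRoot", "windir", "SystemDrive", "ProgramFiles")}
# The two services named in the post and the value the post restores.
# Windows treats variable names case-insensitively, so comparison ignores case.
WATCHED = {"bits", "wuauserv"}
EXPECTED = r"%SystemRoot%\system32\svchost.exe -k netsvcs"

KEY_RE = re.compile(
    r"^HKEY_LOCAL_MACHINE\\SYSTEM\\([^\\]+)\\Services\\([^\\]+)$", re.I)
VALUE_RE = re.compile(r"^\s+ImagePath\s+REG_(?:EXPAND_)?SZ\s+(.*\S)\s*$", re.I)
VAR_RE = re.compile(r"%([^%\\]+)%")

# Constructed sample input (not taken from the thread's logs).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wuauserv
    ImagePath    REG_EXPAND_SZ    %fystemRoot%\system32\svchost.exe -k netsvcs

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BITS
    ImagePath    REG_EXPAND_SZ    %SystemRoot%\system32\svchost.exe -k netsvcs

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS
    ImagePath    REG_EXPAND_SZ    %fystemRoot%\system32\svchost.exe -k netsvcs

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv
    ImagePath    REG_EXPAND_SZ    %fystemRoot%\system32\svchost.exe -k netsvcs
"""


def parse_reg_query(text):
    """Yield (control_set, service, image_path) for every ImagePath value."""
    current = None
    for line in text.splitlines():
        stripped = line.strip()
        if stripped.upper().startswith("HKEY_"):
            key = KEY_RE.match(stripped)
            # Subkeys such as ...\BITS\Parameters do not match and are skipped.
            current = key.groups() if key else None
            continue
        value = VALUE_RE.match(line)
        if value and current:
            yield current[0], current[1], value.group(1)


def repair_variables(path):
    """Return (unknown variable names, path with near-miss names corrected)."""
    unknown = []

    def fix(match):
        name = match.group(1)
        if name.lower() in KNOWN_VARS:
            return match.group(0)
        unknown.append(name)
        close = difflib.get_close_matches(
            name.lower(), list(KNOWN_VARS), n=1, cutoff=0.8)
        return "%" + KNOWN_VARS[close[0]] + "%" if close else match.group(0)

    return unknown, VAR_RE.sub(fix, path)


def audit(text):
    """List watched services whose ImagePath is unresolvable or unexpected."""
    findings = []
    for control_set, service, path in parse_reg_query(text):
        if service.lower() not in WATCHED:
            continue
        unknown, repaired = repair_variables(path)
        if unknown or path.lower() != EXPECTED.lower():
            findings.append({
                "control_set": control_set,
                "service": service,
                "image_path": path,
                "unknown_vars": unknown,
                "repaired": repaired,
            })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f['control_set']}\\{f['service']}: {f['image_path']}")
        print(f"  unknown variables: {f['unknown_vars']}")
        print(f"  suggested value:   {f['repaired']}")
```

The script only reports; the value itself is still changed in the registry editor as the post describes, in every control set where the finding appears.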

-
- Exemplary visitor
- Posts: 152
- Registered: 15 Oct 2008 10:23
- Location: Praha 20
Re: AVG found the Packed.AutoIt infection
After doing that and starting it, Windows Update is terribly slow and it said:
Files that Microsoft Update needs are no longer registered or installed on the computer. To continue, choose one of the following options:
Register or reinstall these files (Recommended)
Learn about additional steps that might be required to resolve this problem
After confirming, error 0x8024D007 pops up
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
-
- Exemplary visitor
- Posts: 152
- Registered: 15 Oct 2008 10:23
- Location: Praha 20
Re: AVG found the Packed.AutoIt infection
Logfile of random's system information tool 1.06 (written by random/random)
Run by Zdenek at 2010-04-22 14:42:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 48 GB (32%) free of 153 GB
Total RAM: 894 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:42:30, on 22.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Zdenek\Plocha\RSIT.exe
C:\Program Files\trend micro\Zdenek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.microsoft.com/microsoftupdate
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2978353209
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2978488569
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Application Updater - Unknown owner - C:\Program Files\Application Updater\ApplicationUpdater.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG9IDSAgent (avgidsagent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 7550 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\User_Feed_Synchronization-{F3C14C9E-3AD4-420E-8351-F3D651B80300}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-21 1615200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-03 16876032]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-24 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-21 2064736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-11 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-03-05 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\CDS\Nero\Installation\SetupX.exe"="D:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\TVAnts\Tvants.exe"="C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3add5b3-e10f-11de-afcc-001fd08fdccd}]
shell\AutoRun\command - M:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dade2450-3fb7-11de-805e-001fd08fdccd}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddf36c7f-ef0e-11dd-bff1-001fd08fdccd}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8c7df71-416e-11de-8061-001fd08fdccd}]
shell\AutoRun\command - K:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fbb41e57-ede9-11dd-bfef-001fd08fdccd}]
shell\AutoRun\command - SETUP.EXE /AUTORUN
shell\configure\command - SETUP.EXE
shell\install\command - SETUP.EXE
======List of files/folders created in the last 1 months======
2010-04-21 15:44:25 ----D---- C:\_OTL
2010-04-21 13:59:53 ----D---- C:\Program Files\trend micro
2010-04-21 13:59:52 ----D---- C:\rsit
2010-04-21 11:34:07 ----D---- C:\Program Files\CCleaner
2010-04-21 10:05:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-21 10:05:37 ----D---- C:\Program Files\Common Files\Java
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\java.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-04-11 19:15:18 ----D---- C:\Program Files\TVAnts
2010-04-09 21:51:18 ----D---- C:\Program Files\AVI to 3GP
2010-04-09 21:43:47 ----D---- C:\Program Files\VDownloader
2010-04-06 00:30:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Keronsoft
2010-04-06 00:29:44 ----D---- C:\Program Files\Keronsoft
2010-04-06 00:23:14 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\FreeCDRipper
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\WMAFile.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\inetfr.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudFile.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudDesign.dll
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2010-04-06 00:22:29 ----D---- C:\Program Files\Free Audio Pack
2010-04-06 00:22:29 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\FreeAudioPack
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\msvcr70.dll
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\MFC71.dll
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\lame_enc.dll
2010-04-06 00:07:28 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Any Video Converter Professional
2010-04-06 00:07:18 ----D---- C:\Program Files\Any Video Converter Professional
2010-04-05 21:38:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\VOWSoft
2010-04-05 21:38:44 ----D---- C:\Program Files\ABC 3GP Converter
======List of files/folders modified in the last 1 months======
2010-04-22 14:05:21 ----D---- C:\WINDOWS\Prefetch
2010-04-22 14:05:21 ----D---- C:\WINDOWS
2010-04-22 13:57:25 ----D---- C:\WINDOWS\Temp
2010-04-22 13:56:01 ----D---- C:\WINDOWS\system32
2010-04-22 13:55:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-22 09:01:18 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-21 15:44:38 ----SD---- C:\WINDOWS\Tasks
2010-04-21 15:44:38 ----RD---- C:\Program Files
2010-04-21 15:44:38 ----D---- C:\WINDOWS\system32\drivers
2010-04-21 13:56:25 ----SHD---- C:\WINDOWS\Installer
2010-04-21 13:56:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-21 11:46:30 ----D---- C:\WINDOWS\Debug
2010-04-21 11:29:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-04-21 10:05:37 ----D---- C:\Program Files\Common Files
2010-04-21 10:04:46 ----D---- C:\Program Files\Java
2010-04-09 21:00:35 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-06 00:32:05 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-06 00:22:50 ----D---- C:\WINDOWS\WinSxS
2010-03-28 03:39:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-03-05 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-03-05 29512]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-04-21 242896]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-06-11 3225088]
R3 avgidsdriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys []
R3 avgidsfilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys []
R3 avgidsshimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-03 4745216]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-06-18 3692288]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 glaide32;glaide32; \??\C:\WINDOWS\system32\drivers\glaide32.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-06-11 557056]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-05 308064]
R2 avgidsagent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-03-05 5888008]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Zdenek at 2010-04-22 14:42:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 48 GB (32%) free of 153 GB
Total RAM: 894 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:42:30, on 22.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Zdenek\Plocha\RSIT.exe
C:\Program Files\trend micro\Zdenek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.microsoft.com/microsoftupdate
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2978353209
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2978488569
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Application Updater - Unknown owner - C:\Program Files\Application Updater\ApplicationUpdater.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG9IDSAgent (avgidsagent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 7550 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\User_Feed_Synchronization-{F3C14C9E-3AD4-420E-8351-F3D651B80300}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-21 1615200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-03 16876032]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-24 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-21 2064736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-11 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-03-05 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\CDS\Nero\Installation\SetupX.exe"="D:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\TVAnts\Tvants.exe"="C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3add5b3-e10f-11de-afcc-001fd08fdccd}]
shell\AutoRun\command - M:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dade2450-3fb7-11de-805e-001fd08fdccd}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddf36c7f-ef0e-11dd-bff1-001fd08fdccd}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8c7df71-416e-11de-8061-001fd08fdccd}]
shell\AutoRun\command - K:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fbb41e57-ede9-11dd-bfef-001fd08fdccd}]
shell\AutoRun\command - SETUP.EXE /AUTORUN
shell\configure\command - SETUP.EXE
shell\install\command - SETUP.EXE
======List of files/folders created in the last 1 months======
2010-04-21 15:44:25 ----D---- C:\_OTL
2010-04-21 13:59:53 ----D---- C:\Program Files\trend micro
2010-04-21 13:59:52 ----D---- C:\rsit
2010-04-21 11:34:07 ----D---- C:\Program Files\CCleaner
2010-04-21 10:05:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-21 10:05:37 ----D---- C:\Program Files\Common Files\Java
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\java.exe
2010-04-21 10:05:18 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-04-11 19:15:18 ----D---- C:\Program Files\TVAnts
2010-04-09 21:51:18 ----D---- C:\Program Files\AVI to 3GP
2010-04-09 21:43:47 ----D---- C:\Program Files\VDownloader
2010-04-06 00:30:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Keronsoft
2010-04-06 00:29:44 ----D---- C:\Program Files\Keronsoft
2010-04-06 00:23:14 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\FreeCDRipper
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\WMAFile.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\inetfr.DLL
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudFile.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2010-04-06 00:22:32 ----A---- C:\WINDOWS\system32\AudDesign.dll
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2010-04-06 00:22:31 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2010-04-06 00:22:29 ----D---- C:\Program Files\Free Audio Pack
2010-04-06 00:22:29 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\FreeAudioPack
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\msvcr70.dll
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\MFC71.dll
2010-04-06 00:22:29 ----A---- C:\WINDOWS\system32\lame_enc.dll
2010-04-06 00:07:28 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Any Video Converter Professional
2010-04-06 00:07:18 ----D---- C:\Program Files\Any Video Converter Professional
2010-04-05 21:38:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\VOWSoft
2010-04-05 21:38:44 ----D---- C:\Program Files\ABC 3GP Converter
======List of files/folders modified in the last 1 months======
2010-04-22 14:05:21 ----D---- C:\WINDOWS\Prefetch
2010-04-22 14:05:21 ----D---- C:\WINDOWS
2010-04-22 13:57:25 ----D---- C:\WINDOWS\Temp
2010-04-22 13:56:01 ----D---- C:\WINDOWS\system32
2010-04-22 13:55:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-22 09:01:18 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-21 15:44:38 ----SD---- C:\WINDOWS\Tasks
2010-04-21 15:44:38 ----RD---- C:\Program Files
2010-04-21 15:44:38 ----D---- C:\WINDOWS\system32\drivers
2010-04-21 13:56:25 ----SHD---- C:\WINDOWS\Installer
2010-04-21 13:56:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-21 11:46:30 ----D---- C:\WINDOWS\Debug
2010-04-21 11:29:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-04-21 10:05:37 ----D---- C:\Program Files\Common Files
2010-04-21 10:04:46 ----D---- C:\Program Files\Java
2010-04-09 21:00:35 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-06 00:32:05 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-06 00:22:50 ----D---- C:\WINDOWS\WinSxS
2010-03-28 03:39:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-03-05 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-03-05 29512]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-04-21 242896]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-06-11 3225088]
R3 avgidsdriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys []
R3 avgidsfilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys []
R3 avgidsshimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-03 4745216]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-06-18 3692288]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 glaide32;glaide32; \??\C:\WINDOWS\system32\drivers\glaide32.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-06-11 557056]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-05 308064]
R2 avgidsagent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-03-05 5888008]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: AVG found the Packed.AutoIt infection

- Install it following the guide in the link, then run a full scan.
- Do not delete anything
MBAM occasionally has false detections and could delete, for example, system files.
- Paste the log here.