Page 1 of 2

ZoneAlarm reports a trojan

Posted: 26 May 2010 20:06
by P303
Hello, ZoneAlarm is reporting a trojan. I put it in quarantine, and I also ran a scan with NOD32, which detected a few viruses as well. Could you have a look at how my PC is doing now as far as viruses go? Thanks


Logfile of random's system information tool 1.07 (written by random/random)
Run by Pita at 2010-05-26 20:05:27
Systém Microsoft Windows XP Professional Service Pack 2
System drive L: has 74 GB (87%) free of 85 GB
Total RAM: 2047 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:13:44, on 26.5.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
L:\WINDOWS\System32\smss.exe
L:\WINDOWS\system32\winlogon.exe
L:\WINDOWS\system32\services.exe
L:\WINDOWS\system32\lsass.exe
L:\WINDOWS\system32\Ati2evxx.exe
L:\WINDOWS\system32\svchost.exe
L:\WINDOWS\System32\svchost.exe
L:\WINDOWS\system32\ZoneLabs\vsmon.exe
L:\WINDOWS\system32\Ati2evxx.exe
L:\WINDOWS\Explorer.EXE
L:\WINDOWS\system32\spoolsv.exe
L:\Program Files\Java\jre6\bin\jqs.exe
L:\Program Files\Eset\nod32krn.exe
L:\WINDOWS\system32\wbem\wmiapsrv.exe
L:\WINDOWS\system32\wscntfy.exe
L:\WINDOWS\RTHDCPL.EXE
L:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
L:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
L:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
L:\Program Files\Common Files\Java\Java Update\jusched.exe
L:\Program Files\Eset\nod32kui.exe
L:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
L:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
L:\WINDOWS\system32\ctfmon.exe
L:\Program Files\DAEMON Tools\daemon.exe
L:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
L:\Program Files\Skype\Phone\Skype.exe
L:\Program Files\Skype\Plugin Manager\skypePM.exe
L:\WINDOWS\system32\svchost.exe
E:\net- foto bordel\RSIT.exe
L:\Program Files\trend micro\Pita.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - L:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - L:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "L:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Ai Nap] "L:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "L:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] L:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [nod32kui] "L:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [ZoneAlarm Client] "L:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MSConfig] L:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [srePostpone] rundll32.exe l:\windows\system32\zonelabs\srescan.dll,DoSpecialAction
O4 - HKCU\..\Run: [CTFMON.EXE] L:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "L:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] L:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] L:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] L:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] L:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - L:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - L:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} (_Multimedia Player) - http://stream.pussyharem.com/stream/mmp3.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - L:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - L:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - L:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - L:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - L:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - E:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - L:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: M-Audio CMIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - L:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - L:\Program Files\Eset\nod32krn.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - L:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 4693 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - L:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - L:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-04 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=L:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"RTHDCPL"=L:\WINDOWS\RTHDCPL.EXE [2007-08-10 16384000]
"Alcmtr"=L:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Ai Nap"=L:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2007-09-06 1426432]
"CPU Power Monitor"=L:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe [2007-09-06 626688]
"Cpu Level Up help"=L:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-09-11 880640]
"nod32kui"=L:\Program Files\Eset\nod32kui.exe [2010-05-25 950664]
"ZoneAlarm Client"=L:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"MSConfig"=L:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-17 159232]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"srePostpone"=l:\windows\system32\zonelabs\srescan.dll [2008-02-27 1504736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=L:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"DAEMON Tools"=L:\Program Files\DAEMON Tools\daemon.exe [2007-04-04 165784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\Program Files\QuickTime\QTTask.exe [2010-02-15 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
L:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
L:\WINDOWS\system32\Ati2evxx.dll [2007-11-02 122880]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\DRAGON RISING\OFDR.exe"="E:\DRAGON RISING\OFDR.exe:*:Enabled:OF Dragon Rising"
"E:\Resolume 2.4\resolume.exe"="E:\Resolume 2.4\resolume.exe:*:Enabled:Resolume 2.4 beta"
"E:\Program Files\Dragon Age\bin_ship\daorigins.exe"="E:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"E:\Program Files\Dragon Age\DAOriginsLauncher.exe"="E:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"E:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="E:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"L:\Program Files\Opera\opera.exe"="L:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"L:\Program Files\SecondLife\SLVoice.exe"="L:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"L:\Program Files\Skype\Phone\Skype.exe"="L:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c500f6c-6010-11de-87fe-806d6172696f}]
shell\AutoRun\command - F:\ECSTASY\ECSTASY.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8d4dc1d4-4091-11de-a754-001e8c5d467f}]
shell\AutoRun\command - F:\ejpyypm.exe
shell\explore\command - F:\ejpyypm.exe
shell\open\command - F:\ejpyypm.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94ed180c-43d7-11df-b823-001e8c5d467f}]
shell\AutoRun\command - F:\ejpyypm.exe
shell\explore\command - F:\ejpyypm.exe
shell\open\command - F:\ejpyypm.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a15513fa-3bee-11de-a74d-001e8c5d467f}]
shell\AutoRun\command - G:\ejpyypm.exe
shell\explore\command - G:\ejpyypm.exe
shell\open\command - G:\ejpyypm.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea822118-1c18-11df-b811-001e8c5d467f}]
shell\AutoRun\command - D:\Autorun.exe


======List of files/folders created in the last 1 months======

2010-05-26 20:05:27 ----D---- L:\rsit
2010-05-26 20:05:27 ----D---- L:\Program Files\trend micro
2010-05-25 13:05:53 ----D---- L:\WINDOWS\pss
2010-05-25 12:35:58 ----D---- L:\Documents and Settings\Pita\Data aplikací\MailFrontier
2010-05-25 12:28:33 ----D---- L:\Documents and Settings\Pita\Data aplikací\Thinstall
2010-05-25 12:25:48 ----D---- L:\Documents and Settings\All Users\Data aplikací\MailFrontier
2010-05-25 12:25:33 ----A---- L:\WINDOWS\zllsputility.exe
2010-05-25 12:25:14 ----A---- L:\WINDOWS\system32\vsregexp.dll
2010-05-25 12:25:14 ----A---- L:\WINDOWS\system32\libeay32_0.9.6l.dll
2010-05-25 12:25:08 ----A---- L:\WINDOWS\system32\zlcommdb.dll
2010-05-25 12:25:08 ----A---- L:\WINDOWS\system32\zlcomm.dll
2010-05-25 12:25:06 ----A---- L:\WINDOWS\system32\vswmi.dll
2010-05-25 12:25:05 ----A---- L:\WINDOWS\system32\zpeng24.dll
2010-05-25 12:25:04 ----D---- L:\WINDOWS\system32\ZoneLabs
2010-05-25 12:25:04 ----D---- L:\Program Files\Zone Labs
2010-05-25 12:25:04 ----A---- L:\WINDOWS\system32\vsxml.dll
2010-05-25 12:25:04 ----A---- L:\WINDOWS\system32\vspubapi.dll
2010-05-25 12:25:04 ----A---- L:\WINDOWS\system32\vsmonapi.dll
2010-05-25 12:24:39 ----D---- L:\WINDOWS\Internet Logs
2010-05-25 12:24:39 ----A---- L:\WINDOWS\system32\vsutil.dll
2010-05-25 12:24:39 ----A---- L:\WINDOWS\system32\vsinit.dll
2010-05-25 12:24:39 ----A---- L:\WINDOWS\system32\vsdata.dll
2010-05-25 12:17:23 ----A---- L:\WINDOWS\system32\imon.dll
2010-05-25 12:16:36 ----D---- L:\Program Files\ESET
2010-05-15 18:48:20 ----D---- L:\Program Files\OpenAL
2010-05-15 18:48:20 ----A---- L:\WINDOWS\system32\wrap_oal.dll
2010-05-15 18:48:20 ----A---- L:\WINDOWS\system32\OpenAL32.dll
2010-05-15 18:47:56 ----D---- L:\Program Files\RedLynx
2010-05-04 02:58:58 ----D---- L:\Program Files\Common Files\Java
2010-05-04 02:58:47 ----A---- L:\WINDOWS\system32\javaws.exe
2010-05-04 02:58:47 ----A---- L:\WINDOWS\system32\javaw.exe
2010-05-04 02:58:47 ----A---- L:\WINDOWS\system32\java.exe
2010-05-04 02:58:34 ----D---- L:\Program Files\Java
2010-04-29 13:51:58 ----D---- L:\Program Files\Common Files\iZotope
2010-04-29 11:15:44 ----D---- L:\Program Files\iZotope

======List of files/folders modified in the last 1 months======

2010-05-26 20:08:26 ----D---- L:\Documents and Settings\Pita\Data aplikací\Skype
2010-05-26 20:05:43 ----D---- L:\WINDOWS\Prefetch
2010-05-26 20:05:33 ----D---- L:\WINDOWS\Temp
2010-05-26 20:05:27 ----RD---- L:\Program Files
2010-05-26 18:04:19 ----D---- L:\Documents and Settings\Pita\Data aplikací\skypePM
2010-05-25 21:12:00 ----A---- L:\WINDOWS\system32\msvcsv60.dll
2010-05-25 20:38:33 ----D---- L:\WINDOWS\system32
2010-05-25 20:38:33 ----A---- L:\WINDOWS\system32\ssprs.dll
2010-05-25 20:38:33 ----A---- L:\WINDOWS\system32\lsprst7.dll
2010-05-25 17:39:59 ----SHD---- L:\WINDOWS\Installer
2010-05-25 15:34:48 ----HD---- L:\WINDOWS\inf
2010-05-25 13:07:19 ----A---- L:\WINDOWS\win.ini
2010-05-25 13:07:19 ----A---- L:\WINDOWS\system.ini
2010-05-25 13:05:53 ----D---- L:\WINDOWS
2010-05-25 12:39:25 ----A---- L:\WINDOWS\SchedLgU.Txt
2010-05-25 12:32:33 ----D---- L:\WINDOWS\system32\drivers
2010-05-25 12:25:27 ----D---- L:\WINDOWS\system32\CatRoot2
2010-05-19 00:25:23 ----D---- L:\Documents and Settings\Pita\Data aplikací\gtk-2.0
2010-05-16 16:34:19 ----D---- L:\Program Files\Native Instruments
2010-05-14 06:08:57 ----SD---- L:\WINDOWS\Tasks
2010-05-04 02:58:58 ----D---- L:\Program Files\Common Files
2010-05-04 02:58:37 ----A---- L:\WINDOWS\system32\deploytk.dll
2010-04-29 18:21:57 ----D---- L:\Program Files\Common Files\Native Instruments

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; L:\WINDOWS\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 intelppm;Řadič procesoru Intel; L:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 KLIF;KLIF; L:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 nod32drv;nod32drv; L:\WINDOWS\system32\drivers\nod32drv.sys [2010-05-25 15424]
R1 vsdatant;vsdatant; L:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; L:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AMON;AMON; L:\WINDOWS\system32\drivers\amon.sys [2010-05-25 512096]
R3 Arp1394;Protokol 1394 ARP Client; L:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
R3 ati2mtag;ati2mtag; L:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-11-02 2644480]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; L:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; L:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); L:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-10 4603904]
R3 MTsensor;ATK0110 ACPI UTILITY; L:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; L:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; L:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Rozbočovač umožnující USB2; L:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; L:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; L:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; L:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-08-15 265856]
S3 a4puwupp;a4puwupp; L:\WINDOWS\system32\drivers\a4puwupp.sys []
S3 MA_CMIDI;%EVOL_USB.SvcDesc%; L:\WINDOWS\system32\drivers\ma_cmidi.sys [2005-06-14 21888]
S3 pgusbmme;usb-audio.de MME-Adapter; L:\WINDOWS\system32\drivers\pgusbmm3.sys [2007-09-19 32768]
S3 usbaudio;Ovladač zvukové karty USB (WDM); L:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; L:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 uw500usb;usb-audio.de driver for Yamaha UW500; L:\WINDOWS\System32\Drivers\uw500usb.sys [2007-09-19 340992]
S4 IntelIde;IntelIde; L:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; L:\WINDOWS\system32\Ati2evxx.exe [2007-11-02 495616]
R2 JavaQuickStarterService;Java Quick Starter; L:\Program Files\Java\jre6\bin\jqs.exe [2010-05-04 153376]
R2 NOD32krn;NOD32 Kernel Service; L:\Program Files\Eset\nod32krn.exe [2010-05-25 549256]
R2 vsmon;TrueVector Internet Monitor; L:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
S2 ATI Smart;ATI Smart; L:\WINDOWS\system32\ati2sgag.exe [2007-11-01 593920]
S2 MA_CMIDI_InstallerService;M-Audio CMIDI Installer; L:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe []
S3 aspnet_state;ASP.NET State Service; L:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; L:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; E:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]

-----------------EOF-----------------

Re: ZoneAlarm reports a trojan

Posted: 26 May 2010 20:12
by Caroprd111
Hello :)


Plug into the PC all the flash drives you use.

Download UsbFix to your desktop: http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
  • Run it, then choose language E - Enter
  • Choose 2 - Enter (a PC restart is possible)
  • When it finishes a log will pop up; paste it here, or find it in C:\UsbFix.txt


Download OTL http://oldtimer.geekstogo.com/OTL.exe to your desktop
  • Run it, then paste the following script into the bottom box.

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
  • Tick the All Users option.
  • Tick the LOP Check and Purity Check options.
  • Click the Run Scan button.
  • When it finishes, paste the OTL.Txt and Extras.txt logs here.

Re: ZoneAlarm reports a trojan

Posted: 26 May 2010 20:43
by P303
############################## | UsbFix V6.115 |

User : Pita (Administrators) # PITA-08CA8C38C5
Update on 26/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 21:31:34 | 26.5.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Disabled
AV : ZoneAlarm Security Suite Antivirus 7.0.483.000 [ (!) Disabled | (!) Outdated ]
AV : ESET NOD32 antivirus system 2.70 2.70 [ Enabled | Updated ]
FW : ZoneAlarm Security Suite Firewall[ Enabled ]7.0.483.000

C:\ -> Místní pevný disk # 19,53 Go (5,44 Go free) # NTFS
D:\ -> Disk CD-ROM
E:\ -> Místní pevný disk # 195,31 Go (42,11 Go free) # NTFS
F:\ -> Disk CD-ROM # 655,5 Mo (0 Mo free) [ECSTASY] # CDFS
G:\ -> Vyměnitelný disk # 249,76 Mo (1,04 Mo free) [PITAFLASH] # FAT32
I:\ -> Vyměnitelný disk # 3,67 Go (15,81 Mo free) [USB DISK] # FAT32
L:\ -> Místní pevný disk # 83,24 Go (72,56 Go free) # NTFS

################## | Files # Infected Folders |

Deleted ! L:\DOCUME~1\Pita\LOCALS~1\Temp\7e37730c-198a-0ce0-0e30-7b66bb3c1a0f.tmp.exe
Deleted ! C:\Recycler\S-1-5-21-329068152-1177238915-839522115-500
Deleted ! C:\Recycler\S-1-5-21-329068152-861567501-839522115-1003
Deleted ! C:\Recycler\S-1-5-21-343818398-1844823847-839522115-1003
Deleted ! C:\Recycler\S-1-5-21-725345543-1364589140-839522115-1003
Deleted ! C:\Recycler\S-1-5-21-73586283-1979792683-839522115-500
Deleted ! E:\Recycler\S-1-5-21-343818398-1844823847-839522115-1003
(!) Not deleted ! F:\autorun.inf
Deleted ! L:\Recycler\S-1-5-21-343818398-1844823847-839522115-1003

################## | Registry |

Deleted ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "MSConfig"

################## | Mountpoints2 |

Deleted ! HKCU\...\Explorer\MountPoints2\{94ed180c-43d7-11df-b823-001e8c5d467f}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{a15513fa-3bee-11de-a74d-001e8c5d467f}\Shell\AutoRun\Command

################## | Listing of the present files |

[07.05.2009 14:54|--a------|0] C:\AUTOEXEC.BAT
[25.05.2010 13:07|---hs----|321] C:\boot.ini
[25.10.2001 14:00|-rahs----|4952] C:\Bootfont.bin
[07.05.2009 14:54|--a------|0] C:\CONFIG.SYS
[17.02.2010 23:09|--a------|42531] C:\dhuy.exe
[06.06.2009 14:11|--a------|294] C:\DrvInst (1).log
[06.06.2009 14:11|--a------|230] C:\DrvInst (2).log
[06.06.2009 14:11|--a------|1191] C:\DrvInst.log
[16.09.2007 19:07|---hs----|65404] C:\ejpyypm.exe
[01.06.2009 09:50|--a------|1080] C:\Install (1).log
[06.06.2009 14:13|--a------|1188] C:\Install.log
[07.05.2009 14:54|-rahs----|0] C:\IO.SYS
[07.05.2009 14:54|-rahs----|0] C:\MSDOS.SYS
[07.05.2009 15:56|-rahs----|47564] C:\NTDETECT.COM
[07.05.2009 15:56|-rahs----|250576] C:\ntldr
[17.02.2010 06:16|--a------|42531] C:\posrt.exe
[18.02.2010 00:32|--a------|522] C:\RHDSetup.log
[15.02.2010 21:54|--a------|77312] C:\sjeu.exe
[29.04.2009 22:22|--a------|19799040] C:\TortoiseSVN-1.6.1.16129-win32-svn-1.6.1.msi
[16.09.2007 19:07|---hs----|65404] E:\ejpyypm.exe
[25.04.1999 13:11|-r-------|63] F:\AUTORUN.INF
[03.05.2010 15:41|--a------|87841626] G:\++++master2track.wav
[19.05.2010 23:54|--a------|33197406] G:\HC2.wav
[04.05.2010 23:44|--a------|88404126] G:\track.wav
[16.09.2007 18:07|---hs----|65404] G:\ejpyypm.exe
[19.04.2010 13:41|--a------|41852] G:\KORG PANDORA PX5D multiefekt.htm
[16.09.2007 19:07|---hs----|65404] L:\ejpyypm.exe
[?|?|?] L:\pagefile.sys
[26.05.2010 21:37|--a------|3637] L:\UsbFix.txt

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# E:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# G:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# L:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

################## | Upload |

Please send the file : L:\UsbFix_Upload_Me_PITA-08CA8C38C5.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .

################## | ! End of report # UsbFix V6.115 ! |

Re: ZoneAlarm reports a trojan

Posted: 26 May 2010 21:01
by P303
OTL logfile created on: 26.5.2010 21:46:46 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = L:\Documents and Settings\Pita\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): L:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = L: | %SystemRoot% = L:\WINDOWS | %ProgramFiles% = L:\Program Files
Drive C: | 19,53 Gb Total Space | 6,44 Gb Free Space | 32,97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 195,31 Gb Total Space | 42,12 Gb Free Space | 21,56% Space Free | Partition Type: NTFS
Drive F: | 655,50 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 249,76 Mb Total Space | 1,04 Mb Free Space | 0,41% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
Drive I: | 3,67 Gb Total Space | 0,02 Gb Free Space | 0,42% Space Free | Partition Type: FAT32
Drive L: | 83,24 Gb Total Space | 72,88 Gb Free Space | 87,56% Space Free | Partition Type: NTFS

Computer Name: PITA-08CA8C38C5
Current User Name: Pita
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.26 21:44:14 | 000,571,904 | ---- | M] (OldTimer Tools) -- L:\Documents and Settings\Pita\Plocha\OTL.exe
PRC - [2010.05.25 12:16:38 | 000,549,256 | ---- | M] (Eset ) -- L:\Program Files\ESET\nod32krn.exe
PRC - [2009.02.26 11:49:18 | 000,099,328 | ---- | M] (Opera Software) -- L:\Program Files\Opera\opera.exe
PRC - [2008.07.09 09:05:18 | 000,075,304 | ---- | M] (Zone Labs, LLC) -- L:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- L:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.05.26 21:44:14 | 000,571,904 | ---- | M] (OldTimer Tools) -- L:\Documents and Settings\Pita\Plocha\OTL.exe
MOD - [2004.08.17 15:48:02 | 001,050,624 | R--- | M] (Microsoft Corporation) -- L:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- L:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (MA_CMIDI_InstallerService)
SRV - [2010.05.25 12:16:38 | 000,549,256 | ---- | M] (Eset ) [Auto | Running] -- L:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2009.07.26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2008.07.09 09:05:18 | 000,075,304 | ---- | M] (Zone Labs, LLC) [Auto | Running] -- L:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)


========== Driver Services (SafeList) ==========

DRV - [2010.05.25 12:16:38 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Running] -- L:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2010.05.25 12:16:38 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- L:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2010.02.18 01:03:43 | 000,682,232 | ---- | M] () [Kernel | Boot | Running] -- L:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.07.09 09:05:22 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | System | Running] -- L:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2008.02.27 03:10:44 | 000,051,176 | ---- | M] (Zone Labs, LLC) [Kernel | Boot | Running] -- L:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2007.11.02 07:52:04 | 002,644,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- L:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.09.19 13:44:02 | 000,340,992 | ---- | M] (Yamaha) [Kernel | On_Demand | Stopped] -- L:\WINDOWS\system32\drivers\uw500usb.sys -- (uw500usb)
DRV - [2007.09.19 13:42:42 | 000,032,768 | ---- | M] (usb-audio.de) [Kernel | On_Demand | Stopped] -- L:\WINDOWS\system32\drivers\pgusbmm3.sys -- (pgusbmme)
DRV - [2007.08.15 10:22:00 | 000,265,856 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- L:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007.08.10 07:52:44 | 004,603,904 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- L:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.07.19 15:10:28 | 000,127,768 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- L:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2006.12.28 18:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- L:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006.10.18 21:12:16 | 000,012,664 | R--- | M] () [Kernel | System | Running] -- L:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2005.06.14 14:44:00 | 000,021,888 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- L:\WINDOWS\system32\drivers\MA_CMIDI.SYS -- (MA_CMIDI)
DRV - [2005.01.07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- L:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.13 20:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- L:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.08.04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- L:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-343818398-1844823847-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2001.10.25 14:00:00 | 000,000,737 | ---- | M]) - L:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Ai Nap] L:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [Alcmtr] L:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Cpu Level Up help] L:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [CPU Power Monitor] L:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe ()
O4 - HKLM..\Run: [nod32kui] L:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [StartCCC] L:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] L:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKU\S-1-5-21-343818398-1844823847-839522115-1003..\Run: [DAEMON Tools] L:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-343818398-1844823847-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-343818398-1844823847-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O7 - HKU\S-1-5-21-343818398-1844823847-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - L:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - L:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - L:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - L:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - L:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - L:\WINDOWS\System32\imon.dll (Eset )
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} http://stream.pussyharem.com/stream/mmp3.cab (_Multimedia Player)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.126.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - L:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - L:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - L:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.07 14:54:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.05.26 21:37:42 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.05.26 21:37:42 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [1999.04.25 13:11:00 | 000,000,063 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2010.05.26 21:37:44 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010.05.24 15:59:30 | 000,000,000 | -H-D | M] - I:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010.05.26 21:37:44 | 000,000,000 | RHSD | M] - L:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - L:\WINDOWS\system32\ias [2010.02.18 00:47:35 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - L:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - L:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - L:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - L:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - L:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - L:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - L:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - L:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - L:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.xvid - L:\WINDOWS\System32\xvid.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 30 Days ==========

[2010.05.26 21:44:14 | 000,571,904 | ---- | C] (OldTimer Tools) -- L:\Documents and Settings\Pita\Plocha\OTL.exe
[2010.05.26 21:37:44 | 000,000,000 | RHSD | C] -- L:\autorun.inf
[2010.05.26 21:24:19 | 000,000,000 | ---D | C] -- L:\UsbFix
[2010.05.26 20:05:27 | 000,000,000 | ---D | C] -- L:\Program Files\trend micro
[2010.05.26 20:05:27 | 000,000,000 | ---D | C] -- L:\rsit
[2010.05.25 13:05:53 | 000,000,000 | ---D | C] -- L:\WINDOWS\pss
[2010.05.25 12:35:58 | 000,000,000 | ---D | C] -- L:\Documents and Settings\Pita\Data aplikací\MailFrontier
[2010.05.25 12:28:33 | 000,000,000 | ---D | C] -- L:\Documents and Settings\Pita\Data aplikací\Thinstall
[2010.05.25 12:25:48 | 000,000,000 | ---D | C] -- L:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2010.05.25 12:25:33 | 000,075,248 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\zllsputility.exe
[2010.05.25 12:25:26 | 000,127,768 | ---- | C] (Kaspersky Lab) -- L:\WINDOWS\System32\drivers\klif.sys
[2010.05.25 12:25:14 | 000,071,144 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\vsregexp.dll
[2010.05.25 12:25:08 | 000,083,432 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\zlcomm.dll
[2010.05.25 12:25:08 | 000,071,144 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\zlcommdb.dll
[2010.05.25 12:25:06 | 000,046,568 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\vswmi.dll
[2010.05.25 12:25:05 | 001,086,952 | ---- | C] (Python Software Foundation) -- L:\WINDOWS\System32\zpeng24.dll
[2010.05.25 12:25:04 | 000,275,944 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\vspubapi.dll
[2010.05.25 12:25:04 | 000,103,912 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\vsmonapi.dll
[2010.05.25 12:25:04 | 000,099,816 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\vsxml.dll
[2010.05.25 12:25:04 | 000,000,000 | ---D | C] -- L:\WINDOWS\System32\ZoneLabs
[2010.05.25 12:25:04 | 000,000,000 | ---D | C] -- L:\Program Files\Zone Labs
[2010.05.25 12:25:03 | 000,394,952 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\vsdatant.sys
[2010.05.25 12:24:39 | 000,472,552 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\vsutil.dll
[2010.05.25 12:24:39 | 000,157,160 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\vsinit.dll
[2010.05.25 12:24:39 | 000,083,432 | ---- | C] (Zone Labs, LLC) -- L:\WINDOWS\System32\vsdata.dll
[2010.05.25 12:24:39 | 000,000,000 | ---D | C] -- L:\WINDOWS\Internet Logs
[2010.05.25 12:17:23 | 000,512,096 | ---- | C] (Eset ) -- L:\WINDOWS\System32\drivers\amon.sys
[2010.05.25 12:17:23 | 000,299,392 | ---- | C] (Eset ) -- L:\WINDOWS\System32\imon.dll
[2010.05.25 12:16:36 | 000,000,000 | ---D | C] -- L:\Program Files\ESET
[2010.05.15 18:48:47 | 000,000,000 | ---D | C] -- L:\Documents and Settings\Pita\Dokumenty\Trials 2
[2010.05.15 18:48:30 | 000,000,000 | ---D | C] -- L:\Documents and Settings\Pita\Local Settings\Data aplikací\Redlynx
[2010.05.15 18:48:20 | 000,413,696 | ---- | C] (Creative Labs) -- L:\WINDOWS\System32\wrap_oal.dll
[2010.05.15 18:48:20 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- L:\WINDOWS\System32\OpenAL32.dll
[2010.05.15 18:48:20 | 000,000,000 | ---D | C] -- L:\Program Files\OpenAL
[2010.05.15 18:47:56 | 000,000,000 | ---D | C] -- L:\Program Files\RedLynx
[2010.05.04 02:58:58 | 000,000,000 | ---D | C] -- L:\Program Files\Common Files\Java
[2010.05.04 02:58:47 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- L:\WINDOWS\System32\javaws.exe
[2010.05.04 02:58:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- L:\WINDOWS\System32\javaw.exe
[2010.05.04 02:58:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- L:\WINDOWS\System32\java.exe
[2010.05.04 02:58:47 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- L:\WINDOWS\System32\javacpl.cpl
[2010.05.04 02:58:34 | 000,000,000 | ---D | C] -- L:\Program Files\Java
[2010.04.29 18:22:49 | 000,000,000 | ---D | C] -- L:\Documents and Settings\Pita\Local Settings\Data aplikací\Native Instruments
[2010.04.29 13:56:50 | 000,000,000 | ---D | C] -- L:\Documents and Settings\Pita\Dokumenty\iZotope Ozone 4 Presets
[2010.04.29 13:51:59 | 000,000,000 | ---D | C] -- L:\Documents and Settings\Pita\Dokumenty\iZotope Ozone Presets
[2010.04.29 13:51:58 | 000,000,000 | ---D | C] -- L:\Program Files\Common Files\iZotope
[2010.04.29 11:15:44 | 000,000,000 | ---D | C] -- L:\Program Files\iZotope
[3 L:\WINDOWS\*.tmp files -> L:\WINDOWS\*.tmp -> ]
[1 L:\WINDOWS\System32\*.tmp files -> L:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.26 21:49:58 | 000,002,283 | ---- | M] () -- L:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.05.26 21:47:19 | 000,944,160 | -HS- | M] () -- L:\WINDOWS\System32\drivers\fidbox.dat
[2010.05.26 21:44:14 | 000,571,904 | ---- | M] (OldTimer Tools) -- L:\Documents and Settings\Pita\Plocha\OTL.exe
[2010.05.26 21:40:08 | 000,010,011 | ---- | M] () -- L:\UsbFix_Upload_Me_PITA-08CA8C38C5.zip
[2010.05.26 21:31:27 | 000,355,091 | ---- | M] () -- L:\WINDOWS\System32\vsconfig.xml
[2010.05.26 21:30:59 | 000,000,006 | -H-- | M] () -- L:\WINDOWS\tasks\SA.DAT
[2010.05.26 21:30:56 | 000,002,206 | ---- | M] () -- L:\WINDOWS\System32\wpa.dbl
[2010.05.26 21:30:54 | 000,002,048 | --S- | M] () -- L:\WINDOWS\bootstat.dat
[2010.05.26 21:29:55 | 000,015,080 | -HS- | M] () -- L:\WINDOWS\System32\drivers\fidbox.idx
[2010.05.26 21:29:36 | 002,097,152 | -H-- | M] () -- L:\Documents and Settings\Pita\NTUSER.DAT
[2010.05.26 21:29:33 | 000,000,178 | -HS- | M] () -- L:\Documents and Settings\Pita\ntuser.ini
[2010.05.26 19:20:02 | 003,888,054 | ---- | M] () -- L:\Documents and Settings\Pita\Plocha\zzzzzzzzzzzzzzzz.bmp
[2010.05.26 18:07:30 | 000,004,212 | -H-- | M] () -- L:\WINDOWS\System32\zllictbl.dat
[2010.05.25 21:12:00 | 000,000,016 | ---- | M] () -- L:\WINDOWS\System32\w3data.vss
[2010.05.25 21:12:00 | 000,000,016 | ---- | M] () -- L:\WINDOWS\System32\msvcsv60.dll
[2010.05.25 21:12:00 | 000,000,016 | ---- | M] () -- L:\WINDOWS\msocreg32.dat
[2010.05.25 20:38:33 | 000,000,219 | ---- | M] () -- L:\WINDOWS\System32\lsprst7.tgz
[2010.05.25 20:38:33 | 000,000,205 | ---- | M] () -- L:\WINDOWS\System32\lsprst7.dll
[2010.05.25 20:38:33 | 000,000,087 | ---- | M] () -- L:\WINDOWS\System32\ssprs.tgz
[2010.05.25 20:38:33 | 000,000,073 | ---- | M] () -- L:\WINDOWS\System32\ssprs.dll
[2010.05.25 13:07:19 | 000,000,477 | ---- | M] () -- L:\WINDOWS\win.ini
[2010.05.25 13:07:19 | 000,000,227 | ---- | M] () -- L:\WINDOWS\system.ini
[2010.05.25 12:16:38 | 000,512,096 | ---- | M] (Eset ) -- L:\WINDOWS\System32\drivers\amon.sys
[2010.05.25 12:16:38 | 000,299,392 | ---- | M] (Eset ) -- L:\WINDOWS\System32\imon.dll
[2010.05.25 12:16:38 | 000,015,424 | ---- | M] () -- L:\WINDOWS\System32\drivers\nod32drv.sys
[2010.05.25 12:16:03 | 000,007,168 | ---- | M] () -- L:\Documents and Settings\Pita\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.19 00:25:23 | 000,001,431 | ---- | M] () -- L:\Documents and Settings\Pita\.recently-used.xbel
[2010.05.16 16:34:40 | 000,000,737 | ---- | M] () -- L:\Documents and Settings\Pita\Plocha\B4 II.lnk
[2010.05.16 14:08:07 | 000,000,664 | ---- | M] () -- L:\WINDOWS\System32\d3d9caps.dat
[2010.05.15 18:48:20 | 000,413,696 | ---- | M] (Creative Labs) -- L:\WINDOWS\System32\wrap_oal.dll
[2010.05.15 18:48:20 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- L:\WINDOWS\System32\OpenAL32.dll
[2010.05.15 18:48:06 | 000,000,887 | ---- | M] () -- L:\Documents and Settings\All Users\Plocha\Trials 2 Second Edition.lnk
[2010.05.04 02:58:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- L:\WINDOWS\System32\deploytk.dll
[2010.05.04 02:58:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- L:\WINDOWS\System32\javaws.exe
[2010.05.04 02:58:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- L:\WINDOWS\System32\javaw.exe
[2010.05.04 02:58:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- L:\WINDOWS\System32\java.exe
[2010.05.04 02:58:37 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- L:\WINDOWS\System32\javacpl.cpl
[3 L:\WINDOWS\*.tmp files -> L:\WINDOWS\*.tmp -> ]
[1 L:\WINDOWS\System32\*.tmp files -> L:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.26 21:40:08 | 000,010,011 | ---- | C] () -- L:\UsbFix_Upload_Me_PITA-08CA8C38C5.zip
[2010.05.26 19:20:01 | 003,888,054 | ---- | C] () -- L:\Documents and Settings\Pita\Plocha\zzzzzzzzzzzzzzzz.bmp
[2010.05.25 12:32:33 | 000,944,160 | -HS- | C] () -- L:\WINDOWS\System32\drivers\fidbox.dat
[2010.05.25 12:32:33 | 000,015,080 | -HS- | C] () -- L:\WINDOWS\System32\drivers\fidbox.idx
[2010.05.25 12:25:43 | 000,004,212 | -H-- | C] () -- L:\WINDOWS\System32\zllictbl.dat
[2010.05.25 12:25:14 | 000,796,048 | ---- | C] () -- L:\WINDOWS\System32\libeay32_0.9.6l.dll
[2010.05.25 12:25:03 | 000,355,091 | ---- | C] () -- L:\WINDOWS\System32\vsconfig.xml
[2010.05.25 12:17:23 | 000,015,424 | ---- | C] () -- L:\WINDOWS\System32\drivers\nod32drv.sys
[2010.05.19 00:25:23 | 000,001,431 | ---- | C] () -- L:\Documents and Settings\Pita\.recently-used.xbel
[2010.05.16 16:34:40 | 000,000,737 | ---- | C] () -- L:\Documents and Settings\Pita\Plocha\B4 II.lnk
[2010.05.16 14:08:07 | 000,000,664 | ---- | C] () -- L:\WINDOWS\System32\d3d9caps.dat
[2010.05.15 18:48:06 | 000,000,887 | ---- | C] () -- L:\Documents and Settings\All Users\Plocha\Trials 2 Second Edition.lnk
[2010.04.20 22:20:00 | 000,000,016 | ---- | C] () -- L:\WINDOWS\System32\msvcsv60.dll
[2010.04.20 19:07:27 | 000,001,025 | ---- | C] () -- L:\WINDOWS\System32\sysprs7.dll
[2010.04.20 19:07:27 | 000,001,025 | ---- | C] () -- L:\WINDOWS\System32\clauth2.dll
[2010.04.20 19:07:27 | 000,001,025 | ---- | C] () -- L:\WINDOWS\System32\clauth1.dll
[2010.04.20 19:07:27 | 000,000,205 | ---- | C] () -- L:\WINDOWS\System32\lsprst7.dll
[2010.04.20 19:07:27 | 000,000,073 | ---- | C] () -- L:\WINDOWS\System32\ssprs.dll
[2010.02.18 01:18:42 | 000,178,176 | ---- | C] () -- L:\WINDOWS\System32\unrar.dll
[2010.02.18 01:03:43 | 000,682,232 | ---- | C] () -- L:\WINDOWS\System32\drivers\sptd.sys
[2010.02.18 00:37:14 | 000,024,576 | R--- | C] () -- L:\WINDOWS\System32\AsIO.dll
[2010.02.18 00:37:13 | 000,012,664 | R--- | C] () -- L:\WINDOWS\System32\drivers\AsIO.sys
[2010.02.18 00:37:10 | 000,012,096 | ---- | C] () -- L:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2010.02.18 00:37:10 | 000,010,304 | ---- | C] () -- L:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2010.02.18 00:23:31 | 000,031,865 | ---- | C] () -- L:\WINDOWS\Ascd_log.ini
[2010.02.18 00:22:36 | 000,005,810 | R--- | C] () -- L:\WINDOWS\System32\drivers\ASACPI.sys
[2010.02.18 00:22:31 | 000,031,559 | ---- | C] () -- L:\WINDOWS\Ascd_tmp.ini
[2010.02.18 00:22:18 | 000,010,288 | ---- | C] () -- L:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- L:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- L:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- L:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- L:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- L:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- L:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- L:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- L:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- L:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- L:\WINDOWS\System32\AgCPanelFrench.dll
[2004.08.17 15:49:10 | 000,081,920 | ---- | C] () -- L:\WINDOWS\System32\ieencode.dll
[2004.07.17 11:36:38 | 000,027,440 | ---- | C] () -- L:\WINDOWS\System32\drivers\secdrv.sys
[2004.06.27 22:49:42 | 000,159,744 | ---- | C] () -- L:\WINDOWS\System32\xvid.dll
[2004.06.27 20:15:12 | 000,679,936 | ---- | C] () -- L:\WINDOWS\System32\xvidcore.dll

========== LOP Check ==========

[2010.03.01 19:08:22 | 000,000,000 | ---D | M] -- L:\Documents and Settings\All Users\Data aplikací\BioWare
[2010.05.25 12:43:02 | 000,000,000 | ---D | M] -- L:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2010.02.27 23:30:20 | 000,000,000 | ---D | M] -- L:\Documents and Settings\All Users\Data aplikací\Native Instruments
[2010.02.18 19:57:57 | 000,000,000 | ---D | M] -- L:\Documents and Settings\All Users\Data aplikací\Propellerhead Software
[2010.02.21 20:41:28 | 000,000,000 | ---D | M] -- L:\Documents and Settings\All Users\Data aplikací\Resolume 2.4
[2010.02.18 19:17:10 | 000,000,000 | ---D | M] -- L:\Documents and Settings\All Users\Data aplikací\Steinberg
[2010.02.18 19:21:49 | 000,000,000 | ---D | M] -- L:\Documents and Settings\All Users\Data aplikací\VST3 Presets
[2010.02.27 23:30:18 | 000,000,000 | -H-D | M] -- L:\Documents and Settings\All Users\Data aplikací\{902029B2-957E-4066-85FA-30DA31731718}
[2010.02.27 23:30:27 | 000,000,000 | -H-D | M] -- L:\Documents and Settings\All Users\Data aplikací\{C79A30AF-08C1-49CF-8F27-526F179A478D}
[2010.03.13 20:09:22 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Audacity
[2010.02.27 21:52:05 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\COWON
[2010.02.18 14:39:53 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\GHISLER
[2010.05.19 00:25:23 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\gtk-2.0
[2010.05.25 12:35:58 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\MailFrontier
[2010.02.18 01:08:46 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Opera
[2010.02.18 20:03:33 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Propellerhead Software
[2010.03.18 22:21:13 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\SecondLife
[2010.03.13 19:38:40 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Sony
[2010.02.18 20:15:54 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Steinberg
[2010.05.25 12:28:33 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Thinstall
[2010.02.18 00:33:47 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\TMP

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = L:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 15:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"DAEMON Tools" = "L:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -- [2007.04.04 00:29:15 | 000,165,784 | ---- | M] (DT Soft Ltd.)

< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.09.16 19:07:12 | 000,065,404 | -HS- | M] () -- L:\ejpyypm.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.02.18 02:18:35 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Adobe
[2010.02.18 00:21:07 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\ATI
[2010.03.13 20:09:22 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Audacity
[2010.02.27 21:52:05 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\COWON
[2010.02.18 14:39:53 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\GHISLER
[2010.05.19 00:25:23 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\gtk-2.0
[2010.02.18 00:07:37 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Identities
[2010.02.18 01:26:32 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\InstallShield
[2010.02.18 02:18:35 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Macromedia
[2010.05.25 12:35:58 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\MailFrontier
[2010.04.15 02:35:10 | 000,000,000 | --SD | M] -- L:\Documents and Settings\Pita\Data aplikací\Microsoft
[2010.03.18 22:14:50 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Mozilla
[2010.02.18 01:08:46 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Opera
[2010.02.18 20:03:33 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Propellerhead Software
[2010.03.18 22:21:13 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\SecondLife
[2010.05.26 21:50:40 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Skype
[2010.05.26 21:50:04 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\skypePM
[2010.03.13 19:38:40 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Sony
[2010.02.18 20:15:54 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Steinberg
[2010.04.15 02:23:16 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Sun
[2010.05.25 12:28:33 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\Thinstall
[2010.02.18 00:33:47 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\TMP
[2010.03.01 22:21:23 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\vlc
[2010.03.13 23:00:01 | 000,000,000 | ---D | M] -- L:\Documents and Settings\Pita\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2010.02.18 00:16:02 | 000,009,158 | R--- | M] () -- L:\DOCUME~1\Pita\DATAAP~1\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
[2010.05.25 12:28:33 | 000,007,168 | ---- | M] () -- L:\DOCUME~1\Pita\DATAAP~1\Thinstall\Autorun Virus Remover 2.3\40000013800002i\AutorunRemover.exe
[2010.05.25 12:29:45 | 000,007,168 | ---- | M] () -- L:\DOCUME~1\Pita\DATAAP~1\Thinstall\Autorun Virus Remover 2.3\4ad000006100003i\cmd.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- L:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- L:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- L:\WINDOWS\System32\dllcache\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- L:\WINDOWS\System32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- L:\WINDOWS\System32\drivers\system32\DRIVERS\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- L:\WINDOWS\System32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- L:\WINDOWS\System32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- L:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- L:\WINDOWS\System32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- L:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- L:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- L:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- L:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- L:\WINDOWS\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- L:\WINDOWS\System32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- L:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- L:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- L:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- L:\WINDOWS\System32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- L:\WINDOWS\System32\dllcache\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- L:\WINDOWS\System32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- L:\WINDOWS\System32\dllcache\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- L:\WINDOWS\System32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- L:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- L:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- L:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- L:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- L:\WINDOWS\System32\dllcache\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- L:\WINDOWS\System32\smss.exe

< MD5 for: SVCHOST.EXE >
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- L:\WINDOWS\System32\dllcache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- L:\WINDOWS\System32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- L:\WINDOWS\System32\dllcache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- L:\WINDOWS\System32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- L:\WINDOWS\System32\dllcache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- L:\WINDOWS\System32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- L:\WINDOWS\System32\dllcache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- L:\WINDOWS\System32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- L:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- L:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 L:\WINDOWS\system32\*.tmp files -> L:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.02.18 01:03:43 | 000,682,232 | ---- | M] () Unable to obtain MD5 -- L:\WINDOWS\System32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2010.02.18 00:50:54 | 000,094,208 | ---- | M] () -- L:\WINDOWS\system32\config\default.sav
[2010.02.18 00:50:53 | 000,663,552 | ---- | M] () -- L:\WINDOWS\system32\config\software.sav
[2010.02.18 00:50:53 | 000,495,616 | ---- | M] () -- L:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 L:\WINDOWS\system32\*.tmp files -> L:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.05.25 12:16:38 | 000,512,096 | ---- | M] (Eset ) -- L:\WINDOWS\System32\drivers\amon.sys
[2010.05.25 12:16:38 | 000,015,424 | ---- | M] () -- L:\WINDOWS\System32\drivers\nod32drv.sys

< %systemroot%\system32\*.* /3 >
[2010.05.25 12:16:38 | 000,299,392 | ---- | M] (Eset ) -- L:\WINDOWS\system32\imon.dll
[2010.05.25 20:38:33 | 000,000,205 | ---- | M] () -- L:\WINDOWS\system32\lsprst7.dll
[2010.05.25 20:38:33 | 000,000,219 | ---- | M] () -- L:\WINDOWS\System32\lsprst7.tgz
[2010.05.25 21:12:00 | 000,000,016 | ---- | M] () -- L:\WINDOWS\system32\msvcsv60.dll
[2010.05.25 20:38:33 | 000,000,073 | ---- | M] () -- L:\WINDOWS\system32\ssprs.dll
[2010.05.25 20:38:33 | 000,000,087 | ---- | M] () -- L:\WINDOWS\System32\ssprs.tgz
[2010.05.26 21:31:27 | 000,355,091 | ---- | M] () -- L:\WINDOWS\System32\vsconfig.xml
[2010.05.25 21:12:00 | 000,000,016 | ---- | M] () -- L:\WINDOWS\system32\w3data.vss
[2010.05.26 21:30:56 | 000,002,206 | ---- | M] () -- L:\WINDOWS\system32\wpa.dbl
[2010.05.26 18:07:30 | 000,004,212 | -H-- | M] () -- L:\WINDOWS\System32\zllictbl.dat
[1 L:\WINDOWS\system32\*.tmp files -> L:\WINDOWS\system32\*.tmp -> ]
< End of report >

Re: zonealarm reports a trojan

Posted: 26 May 2010 21:02
by P303
OTL Extras logfile created on: 26.5.2010 21:46:46 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = L:\Documents and Settings\Pita\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): L:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = L: | %SystemRoot% = L:\WINDOWS | %ProgramFiles% = L:\Program Files
Drive C: | 19,53 Gb Total Space | 6,44 Gb Free Space | 32,97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 195,31 Gb Total Space | 42,12 Gb Free Space | 21,56% Space Free | Partition Type: NTFS
Drive F: | 655,50 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 249,76 Mb Total Space | 1,04 Mb Free Space | 0,41% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
Drive I: | 3,67 Gb Total Space | 0,02 Gb Free Space | 0,42% Space Free | Partition Type: FAT32
Drive L: | 83,24 Gb Total Space | 72,88 Gb Free Space | 87,56% Space Free | Partition Type: NTFS

Computer Name: PITA-08CA8C38C5
Current User Name: Pita
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- L:\Program Files\Opera\opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "L:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "L:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\DRAGON RISING\OFDR.exe" = E:\DRAGON RISING\OFDR.exe:*:Enabled:OF Dragon Rising -- (Codemasters Software Company Limited)
"E:\Resolume 2.4\resolume.exe" = E:\Resolume 2.4\resolume.exe:*:Enabled:Resolume 2.4 beta -- (Resolume V.O.F)
"E:\Program Files\Dragon Age\bin_ship\daorigins.exe" = E:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra -- (BioWare)
"E:\Program Files\Dragon Age\DAOriginsLauncher.exe" = E:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit -- (BioWare)
"E:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = E:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat -- (BioWare)
"L:\Program Files\Opera\opera.exe" = L:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"L:\Program Files\SecondLife\SLVoice.exe" = L:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02408B4B-35AB-6F27-F09F-AB755604F18A}" = CCC Help Norwegian
"{03303AE9-B8E3-8736-6760-7AC5E5F28411}" = Catalyst Control Center Graphics Full Existing
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0816BEDF-7156-86ED-73A7-51E3A6F9618C}" = Catalyst Control Center Localization Portuguese
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{14088A3C-96E9-0326-1E31-40B599739D5D}" = Catalyst Control Center Localization Danish
"{18AEAA52-353E-1FBA-49A7-8A7846B756FC}" = CCC Help Portuguese
"{18E63856-66DB-ABD3-4537-F02A93DDDAF2}" = CCC Help French
"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1C496937-CF1D-250E-4982-8ECFA1AF040E}" = Catalyst Control Center Localization Dutch
"{20207CCE-A8FA-44A7-AA3D-1E43EB307B27}" = Sony Sound Forge Audio Studio 9.0
"{204A052D-43C1-64BD-888D-17BD668AD6F3}" = Catalyst Control Center Graphics Light
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{3083F455-68C6-8830-4207-16CDB73D704D}" = CCC Help Polish
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{379BD39E-F13E-458F-96D8-56BD7F2CC516}" = MA_CMIDI
"{3C273231-7C97-FF28-1FD0-126CAE0F60C1}" = Catalyst Control Center Localization Turkish
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{4228D0C1-068F-09AA-CF06-F3D41C086E60}" = CCC Help Russian
"{423C4130-EBC3-410A-B3A0-37BBF9D607D5}" = T-RackS 3 Deluxe
"{46272908-CB74-55D6-015C-56FC9E696943}" = Catalyst Control Center Localization Thai
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4CA5A832-3CE1-E0F4-09CB-74B8D78AACAB}" = CCC Help Thai
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{4FBAE95B-8FAA-7A43-1D4B-7FA1140F04A4}" = CCC Help Spanish
"{532972DC-7450-C767-0CAB-DEEADC042C97}" = CCC Help Korean
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{5CBE8BF9-E386-144E-2275-A0571CD4AB3E}" = CCC Help Chinese Standard
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D6609E8-5A6C-58C9-B99D-99019F42D4FF}" = CCC Help Czech
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77604F22-C6C4-6FCD-9C0F-0D5D4363D0EB}" = Catalyst Control Center Localization Hungarian
"{79A9EE33-3F8E-F03B-127E-DE3AA6E1A045}" = CCC Help Finnish
"{7A5A52BA-CB57-787B-10DD-1F717D9FCEFD}" = CCC Help Italian
"{82841135-112D-2587-98F1-532FCEA99A4C}" = CCC Help Greek
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8B3700A3-3A38-900D-2192-D1E9E7999F68}" = Catalyst Control Center Localization Finnish
"{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}" = QuickTime
"{8EEF2D6F-509A-0F8E-647A-0EECE541E55F}" = Catalyst Control Center Localization Czech
"{965D29F4-902C-8211-5302-840FD87F7DF2}" = Catalyst Control Center Localization Greek
"{98764FC3-87A6-1EB3-E0CB-B84F73B780DB}" = CCC Help German
"{9B741240-EF62-154B-1997-60B506449417}" = Catalyst Control Center Localization Chinese Traditional
"{9B9A6B96-6970-9ED6-0675-E060EFE658E0}" = Catalyst Control Center Localization Polish
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{ADB13867-C822-EEA4-1D00-9B5E0399612D}" = Catalyst Control Center Core Implementation
"{AE3890B6-877C-B8B2-D4A7-BD3D61EBF803}" = CCC Help Japanese
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{AFA31743-20A2-7D27-2987-681F91D6E85F}" = Catalyst Control Center Localization Korean
"{B01EAEB2-ECC8-1DFC-65D0-3127B10AE7C7}" = ccc-core-preinstall
"{B18EC160-29FA-2B04-BBCD-2917956EEFC8}" = Catalyst Control Center Graphics Full New
"{B57CA8AB-9461-1386-54D0-1F2D211C9F3F}" = CCC Help Hungarian
"{B7A13295-43A4-D0EF-8EF5-1874FEF4AFD6}" = Catalyst Control Center Localization French
"{BC550D51-807D-EF68-AE54-0ABBF943A653}" = Catalyst Control Center Localization Swedish
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{BE621D1B-141E-9BAB-0670-285633BC0050}" = Skins
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3831B1E-8822-8E53-9911-2A6950E3CA8F}" = Catalyst Control Center Localization Russian
"{C68CA5F3-3762-5097-E198-EC308508C643}" = CCC Help English
"{D0E24994-42AB-32B3-89D6-B487B42B5340}" = Catalyst Control Center Localization Norwegian
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D6F4EF5E-5792-4ECA-D024-5763335B16F1}" = CCC Help Danish
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v2.1
"{DE33B0D5-6781-1477-A825-015B189CDA48}" = ccc-core-static
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic VX
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E58BD749-ACFE-9342-E158-4527CFB0F32F}" = Catalyst Control Center Graphics Previews Common
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EB109037-3C5D-D11E-ADD1-8C96585315F1}" = Catalyst Control Center Localization Chinese Standard
"{ECEE477B-6FDC-B62A-2782-ED13DD44A466}" = Catalyst Control Center Localization Spanish
"{EFC9FED9-A930-0573-4537-CF4CF52F41EC}" = Catalyst Control Center Localization Italian
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0A81C0F-F842-98B9-9E92-E519E101A6A6}" = CCC Help Turkish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1D0DD2C-CDF8-CF48-2C05-CE209511A683}" = CCC Help Dutch
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F448EFBD-E9B5-1025-887D-C5A79BA7CF17}" = Catalyst Control Center Localization German
"{F66E79DF-A079-9881-4C3E-FE74B1B538E9}" = CCC Help Swedish
"{F8B226E7-3DDF-2F6C-08D9-ADE9D2CFF0D7}" = ccc-utility
"{FB6ED2DF-E2FD-8FD9-C7D2-9287C904A545}" = CCC Help Chinese Traditional
"{FC7EFC9F-61C8-A9AE-2DA6-DBBF188DE386}" = Catalyst Control Center Localization Japanese
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)
"CDex" = CDex - Open Source Digital Audio CD Extractor
"iZotope Ozone 3_is1" = iZotope Ozone 3
"iZotope Ozone 4_is1" = iZotope Ozone 4
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Standard)
"Korg Legacy Collection v1.0.0.2" = Korg Legacy Collection v1.0.0.2
"Marvell Miniport Driver" = Marvell Miniport Driver
"Native Instruments B4 II" = Native Instruments B4 II
"Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS" = Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor" = Native Instruments Traktor
"NOD32" = NOD32 antivirus system
"OpenAL" = OpenAL
"Reason4_is1" = Reason 4.0
"Resolume 2.4_is1" = Resolume 2.4
"SecondLife" = SecondLife (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Trials 2 Second Edition_is1" = Trials 2 Second Edition v1.08
"USB_AUDIO_DEusb-audio.deYamahaUW500" = Yamaha UW 500 USB ASIO driver
"VLC media player" = VideoLAN VLC media player 0.8.6e
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
"Xvid CZ 1.01_is1" = Xvid CZ 1.01
"ZoneAlarm Security Suite" = ZoneAlarm Security Suite

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25.4.2010 7:58:32 | Computer Name = PITA-08CA8C38C5 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Cubase5.exe, verze 5.1.0.105, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.4.2010 17:06:47 | Computer Name = PITA-08CA8C38C5 | Source = Application Error | ID = 1000
Description = Chybující aplikace skype.exe, verze 4.0.0.206, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00000000.

Error - 29.4.2010 4:53:27 | Computer Name = PITA-08CA8C38C5 | Source = Application Error | ID = 1000
Description = Chybující aplikace installer_register_proxy.exe, verze 0.0.0.0, chybující
modul installer_register_proxy.exe, verze 0.0.0.0, adresa chyby 0x0000536d.

Error - 29.4.2010 5:14:52 | Computer Name = PITA-08CA8C38C5 | Source = Application Error | ID = 1000
Description = Chybující aplikace installer_register_proxy.exe, verze 0.0.0.0, chybující
modul installer_register_proxy.exe, verze 0.0.0.0, adresa chyby 0x0000536d.

Error - 29.4.2010 8:20:31 | Computer Name = PITA-08CA8C38C5 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Cubase5.exe, verze 5.1.0.105, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 3.5.2010 10:00:28 | Computer Name = PITA-08CA8C38C5 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Cubase5.exe, verze 5.1.0.105, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.5.2010 18:10:55 | Computer Name = PITA-08CA8C38C5 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vlc.exe, verze 0.8.6.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.5.2010 18:21:53 | Computer Name = PITA-08CA8C38C5 | Source = Application Error | ID = 1000
Description = Chybující aplikace opera.exe, verze 9.64.10487.0, chybující modul
opera.dll, verze 9.64.10487.0, adresa chyby 0x0004ba96.

Error - 12.5.2010 12:50:01 | Computer Name = PITA-08CA8C38C5 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace opera.exe, verze 9.64.10487.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.5.2010 14:39:16 | Computer Name = PITA-08CA8C38C5 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Cubase5.exe, verze 5.1.0.105, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 20.5.2010 16:36:36 | Computer Name = PITA-08CA8C38C5 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.126.15 pro síťovou kartu se síťovou
adresou 001E8C5D467F byla ukončena.

Error - 21.5.2010 8:48:47 | Computer Name = PITA-08CA8C38C5 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.126.15 pro síťovou kartu se síťovou
adresou 001E8C5D467F byla ukončena.

Error - 22.5.2010 11:22:58 | Computer Name = PITA-08CA8C38C5 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.126.15 pro síťovou kartu se síťovou
adresou 001E8C5D467F byla ukončena.

Error - 23.5.2010 17:51:58 | Computer Name = PITA-08CA8C38C5 | Source = Service Control Manager | ID = 7000
Description = Služba M-Audio CMIDI Installer neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 24.5.2010 19:53:41 | Computer Name = PITA-08CA8C38C5 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.126.15 pro síťovou kartu se síťovou
adresou 001E8C5D467F byla ukončena.

Error - 25.5.2010 6:20:23 | Computer Name = PITA-08CA8C38C5 | Source = Service Control Manager | ID = 7000
Description = Služba M-Audio CMIDI Installer neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 25.5.2010 6:33:13 | Computer Name = PITA-08CA8C38C5 | Source = Service Control Manager | ID = 7000
Description = Služba M-Audio CMIDI Installer neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 25.5.2010 6:41:02 | Computer Name = PITA-08CA8C38C5 | Source = Service Control Manager | ID = 7000
Description = Služba M-Audio CMIDI Installer neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 26.5.2010 12:04:26 | Computer Name = PITA-08CA8C38C5 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.126.15 pro síťovou kartu se síťovou
adresou 001E8C5D467F byla ukončena.

Error - 26.5.2010 15:31:24 | Computer Name = PITA-08CA8C38C5 | Source = Service Control Manager | ID = 7000
Description = Služba M-Audio CMIDI Installer neuspěla při spuštění v důsledku následující
chyby: %%2


< End of report >

Re: ZoneAlarm reports a trojan

Posted: 27 May 2010 05:03
by Caroprd111
Hello :)


According to the forum rules we do not deal with illegal software here (illegal programs are a security threat).
Get legal protection for your PC (antivirus, firewall), then post a new log from RSIT and a log from CKScanner here.

Pick, for example, the free Avira or Avast + some firewall (I recommend ZoneAlarm) http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Download CKScanner to your desktop http://downloads.malwareremoval.com/CKScanner.exe
  • Run it and click "Search For Files"; when the scan finishes, click "Save List to File" -> "OK"
  • A log named ckfiles.txt will be saved on the desktop; paste the contents of that file here.

Re: ZoneAlarm reports a trojan

Posted: 27 May 2010 16:06
by P303
Hi... OK, tomorrow I'll download a legal one and send the logs; I'm at work today, so I won't manage it. Thanks.

Re: ZoneAlarm reports a trojan

Posted: 27 May 2010 17:51
by Caroprd111
OK :)

Re: ZoneAlarm reports a trojan

Posted: 28 May 2010 23:42
by P303
Logfile of random's system information tool 1.07 (written by random/random)
Run by Pita at 2010-05-29 00:40:28
Systém Microsoft Windows XP Professional Service Pack 2
System drive L: has 74 GB (87%) free of 85 GB
Total RAM: 2047 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:40:33, on 29.5.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
L:\WINDOWS\System32\smss.exe
L:\WINDOWS\system32\winlogon.exe
L:\WINDOWS\system32\services.exe
L:\WINDOWS\system32\lsass.exe
L:\WINDOWS\system32\Ati2evxx.exe
L:\WINDOWS\system32\svchost.exe
L:\WINDOWS\System32\svchost.exe
L:\WINDOWS\system32\ZoneLabs\vsmon.exe
L:\WINDOWS\system32\Ati2evxx.exe
L:\Program Files\Alwil Software\Avast5\AvastSvc.exe
L:\WINDOWS\system32\spoolsv.exe
L:\Program Files\Java\jre6\bin\jqs.exe
L:\WINDOWS\Explorer.EXE
L:\WINDOWS\RTHDCPL.EXE
L:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
L:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
L:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
L:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
L:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
L:\WINDOWS\system32\ctfmon.exe
L:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
L:\Program Files\DAEMON Tools\daemon.exe
L:\WINDOWS\system32\wscntfy.exe
L:\WINDOWS\system32\wbem\wmiapsrv.exe
L:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
L:\Program Files\Opera\opera.exe
L:\totalcmd\TOTALCMD.EXE
E:\net- foto bordel\RSIT.exe
L:\Program Files\trend micro\Pita.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - L:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - L:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "L:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Ai Nap] "L:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "L:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] L:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "L:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast5] L:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] L:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "L:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] L:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] L:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] L:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] L:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} (_Multimedia Player) - http://stream.pussyharem.com/stream/mmp3.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - L:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - L:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - L:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - L:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - L:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - L:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - L:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - L:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - E:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - L:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: M-Audio CMIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - L:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - L:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 4555 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - L:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - L:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-04 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=L:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"RTHDCPL"=L:\WINDOWS\RTHDCPL.EXE [2007-08-10 16384000]
"Alcmtr"=L:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Ai Nap"=L:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2007-09-06 1426432]
"CPU Power Monitor"=L:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe [2007-09-06 626688]
"Cpu Level Up help"=L:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-09-11 880640]
"ZoneAlarm Client"=L:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"avast5"=L:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=L:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"DAEMON Tools"=L:\Program Files\DAEMON Tools\daemon.exe [2007-04-04 165784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\Program Files\QuickTime\QTTask.exe [2010-02-15 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
L:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
L:\WINDOWS\system32\Ati2evxx.dll [2007-11-02 122880]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\DRAGON RISING\OFDR.exe"="E:\DRAGON RISING\OFDR.exe:*:Enabled:OF Dragon Rising"
"E:\Resolume 2.4\resolume.exe"="E:\Resolume 2.4\resolume.exe:*:Enabled:Resolume 2.4 beta"
"E:\Program Files\Dragon Age\bin_ship\daorigins.exe"="E:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"E:\Program Files\Dragon Age\DAOriginsLauncher.exe"="E:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"E:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="E:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"L:\Program Files\Opera\opera.exe"="L:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"L:\Program Files\SecondLife\SLVoice.exe"="L:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"L:\Program Files\Skype\Phone\Skype.exe"="L:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-05-28 10:36:35 ----A---- L:\WINDOWS\system32\aswBoot.exe
2010-05-28 10:36:27 ----D---- L:\Program Files\Alwil Software
2010-05-28 10:36:27 ----D---- L:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-05-26 21:37:44 ----RASHD---- L:\autorun.inf
2010-05-26 21:31:30 ----A---- L:\UsbFix.txt
2010-05-26 21:24:19 ----D---- L:\UsbFix
2010-05-26 20:05:27 ----D---- L:\rsit
2010-05-26 20:05:27 ----D---- L:\Program Files\trend micro
2010-05-25 13:05:53 ----D---- L:\WINDOWS\pss
2010-05-25 12:35:58 ----D---- L:\Documents and Settings\Pita\Data aplikací\MailFrontier
2010-05-25 12:28:33 ----D---- L:\Documents and Settings\Pita\Data aplikací\Thinstall
2010-05-25 12:25:48 ----D---- L:\Documents and Settings\All Users\Data aplikací\MailFrontier
2010-05-25 12:25:33 ----A---- L:\WINDOWS\zllsputility.exe
2010-05-25 12:25:14 ----A---- L:\WINDOWS\system32\vsregexp.dll
2010-05-25 12:25:14 ----A---- L:\WINDOWS\system32\libeay32_0.9.6l.dll
2010-05-25 12:25:08 ----A---- L:\WINDOWS\system32\zlcommdb.dll
2010-05-25 12:25:08 ----A---- L:\WINDOWS\system32\zlcomm.dll
2010-05-25 12:25:06 ----A---- L:\WINDOWS\system32\vswmi.dll
2010-05-25 12:25:05 ----A---- L:\WINDOWS\system32\zpeng24.dll
2010-05-25 12:25:04 ----D---- L:\WINDOWS\system32\ZoneLabs
2010-05-25 12:25:04 ----D---- L:\Program Files\Zone Labs
2010-05-25 12:25:04 ----A---- L:\WINDOWS\system32\vsxml.dll
2010-05-25 12:25:04 ----A---- L:\WINDOWS\system32\vspubapi.dll
2010-05-25 12:25:04 ----A---- L:\WINDOWS\system32\vsmonapi.dll
2010-05-25 12:24:39 ----D---- L:\WINDOWS\Internet Logs
2010-05-25 12:24:39 ----A---- L:\WINDOWS\system32\vsutil.dll
2010-05-25 12:24:39 ----A---- L:\WINDOWS\system32\vsinit.dll
2010-05-25 12:24:39 ----A---- L:\WINDOWS\system32\vsdata.dll
2010-05-25 12:16:36 ----D---- L:\Program Files\ESET
2010-05-15 18:48:20 ----D---- L:\Program Files\OpenAL
2010-05-15 18:48:20 ----A---- L:\WINDOWS\system32\wrap_oal.dll
2010-05-15 18:48:20 ----A---- L:\WINDOWS\system32\OpenAL32.dll
2010-05-15 18:47:56 ----D---- L:\Program Files\RedLynx
2010-05-04 02:58:58 ----D---- L:\Program Files\Common Files\Java
2010-05-04 02:58:47 ----A---- L:\WINDOWS\system32\javaws.exe
2010-05-04 02:58:47 ----A---- L:\WINDOWS\system32\javaw.exe
2010-05-04 02:58:47 ----A---- L:\WINDOWS\system32\java.exe
2010-05-04 02:58:34 ----D---- L:\Program Files\Java

======List of files/folders modified in the last 1 months======

2010-05-29 00:34:16 ----D---- L:\WINDOWS\Temp
2010-05-28 12:53:36 ----D---- L:\WINDOWS\Prefetch
2010-05-28 12:52:05 ----D---- L:\WINDOWS\system32
2010-05-28 12:50:23 ----D---- L:\WINDOWS\system32\CatRoot2
2010-05-28 12:50:23 ----A---- L:\WINDOWS\SchedLgU.Txt
2010-05-28 12:39:27 ----D---- L:\Documents and Settings\Pita\Data aplikací\Skype
2010-05-28 12:04:52 ----D---- L:\Documents and Settings\Pita\Data aplikací\skypePM
2010-05-28 10:38:21 ----D---- L:\WINDOWS\system32\drivers
2010-05-28 10:36:56 ----SHD---- L:\WINDOWS\Installer
2010-05-28 10:36:55 ----D---- L:\WINDOWS\WinSxS
2010-05-28 10:36:27 ----RD---- L:\Program Files
2010-05-26 21:37:39 ----SHD---- L:\System Volume Information
2010-05-26 21:37:33 ----SHD---- L:\RECYCLER
2010-05-26 21:21:15 ----D---- L:\Program Files\Messenger
2010-05-25 21:12:00 ----A---- L:\WINDOWS\system32\msvcsv60.dll
2010-05-25 20:38:33 ----A---- L:\WINDOWS\system32\ssprs.dll
2010-05-25 20:38:33 ----A---- L:\WINDOWS\system32\lsprst7.dll
2010-05-25 15:34:48 ----HD---- L:\WINDOWS\inf
2010-05-25 13:07:19 ----A---- L:\WINDOWS\win.ini
2010-05-25 13:07:19 ----A---- L:\WINDOWS\system.ini
2010-05-25 13:05:53 ----D---- L:\WINDOWS
2010-05-19 00:25:23 ----D---- L:\Documents and Settings\Pita\Data aplikací\gtk-2.0
2010-05-16 16:34:19 ----D---- L:\Program Files\Native Instruments
2010-05-14 06:08:57 ----SD---- L:\WINDOWS\Tasks
2010-05-04 02:58:58 ----D---- L:\Program Files\Common Files
2010-05-04 02:58:37 ----A---- L:\WINDOWS\system32\deploytk.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; L:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 AsIO;AsIO; L:\WINDOWS\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 aswSP;aswSP; L:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; L:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 intelppm;Řadič procesoru Intel; L:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 KLIF;KLIF; L:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 vsdatant;vsdatant; L:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R2 aswFsBlk;aswFsBlk; L:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;aswMon2; L:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R3 Arp1394;Protokol 1394 ARP Client; L:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
R3 aswRdr;aswRdr; L:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 ati2mtag;ati2mtag; L:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-11-02 2644480]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; L:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; L:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); L:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-10 4603904]
R3 MTsensor;ATK0110 ACPI UTILITY; L:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; L:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; L:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Rozbočovač umožnující USB2; L:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; L:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; L:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; L:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-08-15 265856]
S3 awmlyfbn;awmlyfbn; L:\WINDOWS\system32\drivers\awmlyfbn.sys []
S3 MA_CMIDI;%EVOL_USB.SvcDesc%; L:\WINDOWS\system32\drivers\ma_cmidi.sys [2005-06-14 21888]
S3 pgusbmme;usb-audio.de MME-Adapter; L:\WINDOWS\system32\drivers\pgusbmm3.sys [2007-09-19 32768]
S3 usbaudio;Ovladač zvukové karty USB (WDM); L:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; L:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 uw500usb;usb-audio.de driver for Yamaha UW500; L:\WINDOWS\System32\Drivers\uw500usb.sys [2007-09-19 340992]
S4 IntelIde;IntelIde; L:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; L:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; L:\WINDOWS\system32\Ati2evxx.exe [2007-11-02 495616]
R2 avast! Antivirus;avast! Antivirus; L:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 JavaQuickStarterService;Java Quick Starter; L:\Program Files\Java\jre6\bin\jqs.exe [2010-05-04 153376]
R2 vsmon;TrueVector Internet Monitor; L:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
R3 avast! Mail Scanner;avast! Mail Scanner; L:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; L:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S2 ATI Smart;ATI Smart; L:\WINDOWS\system32\ati2sgag.exe [2007-11-01 593920]
S2 MA_CMIDI_InstallerService;M-Audio CMIDI Installer; L:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe []
S3 aspnet_state;ASP.NET State Service; L:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; L:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; E:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]

-----------------EOF-----------------

Re: ZoneAlarm reports a trojan

Posted: 28 May 2010 23:47
by P303
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\common files\native instruments\shared content\sounds\fm7\beam cracker bass.ksd
c:\program files\common files\native instruments\shared content\sounds\fm7\cracklephone.ksd
c:\program files\common files\native instruments\shared content\sounds\massive\crackle carl.ksd
c:\program files\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle (glitch demo).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle2 (glitch demo).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle3 (glitch demo).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle4 (glitch demo).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle5 (glitch demo).cl3
scanner sequence 3.ED.11
----- EOF -----

Re: ZoneAlarm reports a trojan

Posted: 29 May 2010 10:00
by Caroprd111
Run OTL and paste the following script into the bottom window.

Code:

:OTL
SRV - File not found [Auto | Stopped] -- -- (MA_CMIDI_InstallerService)
[3 L:\WINDOWS\*.tmp files -> L:\WINDOWS\*.tmp -> ]
[1 L:\WINDOWS\System32\*.tmp files -> L:\WINDOWS\System32\*.tmp -> ]
[2007.09.16 19:07:12 | 000,065,404 | -HS- | M] () -- L:\ejpyypm.exe

:Files
C:\dhuy.exe
C:\ejpyypm.exe
C:\posrt.exe
C:\sjeu.exe
E:\ejpyypm.exe
G:\ejpyypm.exe

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
Then click Fix; the PC will restart, then paste the log here.

Re: ZoneAlarm reports a trojan

Posted: 29 May 2010 13:46
by P303
All processes killed
========== OTL ==========
Service MA_CMIDI_InstallerService stopped successfully!
Service MA_CMIDI_InstallerService deleted successfully!
L:\WINDOWS\SET3.tmp deleted successfully.
L:\WINDOWS\SET4.tmp deleted successfully.
L:\WINDOWS\SET8.tmp deleted successfully.
L:\WINDOWS\System32\CONFIG.TMP deleted successfully.
L:\ejpyypm.exe moved successfully.
========== FILES ==========
C:\dhuy.exe moved successfully.
C:\ejpyypm.exe moved successfully.
C:\posrt.exe moved successfully.
C:\sjeu.exe moved successfully.
E:\ejpyypm.exe moved successfully.
G:\ejpyypm.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 725555 bytes

User: Pita
->Temp folder emptied: 530334898 bytes
->Temporary Internet Files folder emptied: 6683376 bytes
->Java cache emptied: 120105 bytes
->Opera cache emptied: 57192943 bytes
->Flash cache emptied: 26930 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12711 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 39350 bytes

Total Files Cleaned = 568,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Pita
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.5.0 log created on 05292010_144048

Files\Folders moved on Reboot...
L:\Documents and Settings\Pita\Local Settings\Temp\~DF7163.tmp moved successfully.
File\Folder L:\WINDOWS\temp\_avast5_\Webshlock.txt not found!
L:\WINDOWS\temp\ZLT063dd.TMP moved successfully.
L:\WINDOWS\temp\ZLT063e1.TMP moved successfully.

Registry entries deleted on Reboot...

Re: ZoneAlarm reports a trojan

Posted: 29 May 2010 14:39
by Caroprd111
How is the PC doing now?

Re: ZoneAlarm reports a trojan

Posted: 29 May 2010 14:46
by P303
Good... everything seems OK to me :)

Re: ZoneAlarm reports a trojan

Posted: 29 May 2010 14:57
by Caroprd111
Download TFC http://oldtimer.geekstogo.com/TFC.exe
  • Run it.
  • Click "Start". Confirm the prompt by clicking "Ok" (a restart will follow)

Download OTC http://oldtimer.geekstogo.com/OTC.exe
  • Run it.
  • Click "CleanUp!". Confirm the prompts by clicking "Yes" (a restart will follow)


Download CCleaner http://viry.cz/forum/viewtopic.php?t=7478
  • Install it, and during the installation untick the option to install the Yahoo toolbar.

    Cleaner tab
  • Click Analyze; when it finishes, click Run Cleaner.

    Registry tab
  • Click Scan for Issues; when it finishes, click Fix selected issues (you do not need to make a backup), then click Fix All Selected Issues.
  • Click OK, then Close.

Post a new RSIT log.