VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

problem? prosim o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=101560

Stránka 1 z 1

problem? prosim o kontrolu logu

Napsal: 30 kvě 2010 19:12
od Andy23
Dobrý den,
Známý má problém s počítačem. Po načtení plochy windows se dostavuje freeze a modrá obrazovka s informací o chybě windows poté nasleduje restart a stále dokola. možná je to také tím, že má 3 antiviry najednou.. prosím o pomoc a přikládám log z HJT. Předem děkuji

Logfile of HijackThis v1.99.1
Scan saved at 20:06:05, on 30.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\IOI\IOI\ButtonMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Jimmy\Plocha\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.0.850\HPIEAddOn.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.2.0.750\ssd.dll (file missing)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [ButtonMonitor] C:\Program Files\IOI\IOI\ButtonMonitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [ARC] "C:\DOCUME~1\Jimmy\LOCALS~1\Temp\tempalbert\MSASCul.exe"
O4 - HKLM\..\Run: [PromoReg] C:\WINDOWS\Temp\_ex-08.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - Startup: hamachi.lnk = D:\Hamachi\hamachi.exe
O4 - Global Startup: play2p.lnk = C:\Program Files\play2p\play2p.exe
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) - Unknown owner - %fystemRoot%\system32\svchost.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1c9c6d5bee85280) (gupdate1c9c6d5bee85280) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus - Unknown owner - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe" /s "Norton AntiVirus" /m "C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\diMaster.dll" /prefetch:1 (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - %fystemroot%\system32\svchost.exe (file missing)

Re: problem? prosim o kontrolu logu

Napsal: 30 kvě 2010 19:55
od motji
Hezký večer :)
:arrow: Nabootujte se do nouzového režimu (po restartu mačkejte F8 - nouzový režim.)

:arrow: Ponechte pouze jeden antivir.

:arrow: Dále se podívejte do složky C:\WINDOWS\minidump, zda jsou tam nějaké soubory. Pokud ano, pošlete je na http://www.leteckaposta.cz, link vložte zde.



:arrow: Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde :)

Re: problem? prosim o kontrolu logu

Napsal: 30 kvě 2010 20:10
od Andy23
Nějak se mi podařilo dostat normálně do windows, problem s plochou uz neni, takze jsem odstranil antiviry a ponechal piuze jeden... udelal jsem mezitim i log z combo fixu..
ve slozce minidump nic neni..

ComboFix 10-05-29.05 - Jimmy 30.05.2010 20:44:24.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1594 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jimmy\Plocha\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Jimmy\Dokumenty\cc_20100530_202400.reg
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.5.0.850\Data\config.md
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.0.850\FF\install.rdf
c:\program files\Media Access Startup\1.5.0.850\hppx.exe
c:\program files\Media Access Startup\1.5.0.850\MAHelper.exe
c:\program files\Media Access Startup\1.5.0.850\unins000.dat
c:\program files\Media Access Startup\1.5.0.850\unins000.exe
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_npf


((((((((((((((((((((((((( Soubory vytvořené od 2010-04-28 do 2010-05-30 )))))))))))))))))))))))))))))))
.

2010-05-30 18:39 . 2010-05-30 18:39 -------- d-----w- C:\found.004
2010-05-30 18:13 . 2010-05-30 18:13 -------- d-----w- c:\program files\CCleaner
2010-05-30 18:04 . 2010-05-30 18:04 -------- d-----w- c:\program files\Opera
2010-05-30 17:48 . 2010-05-30 17:49 -------- d-----w- C:\$WIN_NT$.~BT
2010-05-29 14:07 . 2010-05-29 14:07 -------- d-----w- c:\windows\Eurobattle.net
2010-05-29 14:04 . 2010-05-29 15:00 69267 ----a-w- c:\windows\War3Unin.dat
2010-05-29 14:04 . 2010-05-29 14:33 2829 ----a-w- c:\windows\War3Unin.pif
2010-05-29 14:04 . 2010-05-29 14:33 139264 ----a-w- c:\windows\War3Unin.exe
2010-05-21 16:36 . 2010-05-21 18:46 -------- d-----w- c:\windows\system32\NtmsData
2010-05-16 08:38 . 2010-05-16 08:38 -------- d-----w- c:\program files\Sega
2010-05-14 16:01 . 2010-05-30 18:21 -------- d-----w- c:\program files\Norton Security Scan

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-30 18:01 . 2009-05-03 00:54 -------- d-----w- c:\program files\BitComet
2010-05-29 13:59 . 2009-04-20 13:42 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2010-05-21 18:55 . 2009-04-27 01:16 -------- d-----w- c:\program files\DivX
2010-05-16 08:38 . 2009-04-20 13:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-21 22:21 . 2010-04-21 22:19 -------- d-----w- c:\program files\Winamp
2010-04-21 22:21 . 2010-04-21 22:21 -------- d-----w- c:\program files\Winamp Detect
2010-04-15 22:05 . 2009-04-27 01:16 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-04-15 09:30 . 2009-10-05 00:29 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-04-15 09:30 . 2009-10-05 00:28 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-04-15 09:25 . 2008-04-14 12:00 82260 ----a-w- c:\windows\system32\perfc005.dat
2010-04-15 09:25 . 2008-04-14 12:00 437230 ----a-w- c:\windows\system32\perfh005.dat
2010-04-02 18:27 . 2010-04-02 18:27 0 ----a-w- c:\windows\PowerReg.dat
2010-04-01 16:17 . 2010-04-01 16:17 -------- d-----w- c:\program files\Microsoft Games
2010-03-31 01:58 . 2009-10-08 10:16 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-03-31 01:58 . 2009-10-08 10:16 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-03-31 01:58 . 2009-10-08 10:16 44944 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-03-31 01:58 . 2009-10-08 10:16 133616 ------w- c:\windows\system32\pxafs.dll
2010-03-31 01:58 . 2009-10-08 10:16 125424 ------w- c:\windows\system32\pxinsi64.exe
2010-03-31 01:58 . 2009-10-08 10:16 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-03-10 22:22 . 2009-10-05 00:28 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-03-08 17:59 . 2010-03-08 17:59 94208 ----a-w- c:\windows\system32\dpl100.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-05-20 177464]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-05-20 12:36 1258808 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-05-20 1258808]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-05-20 1258808]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-21 39408]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-09-03 3342336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Control Center"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2006-03-02 1667584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088]
"nwiz"="nwiz.exe" [2008-05-02 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-09-13 380928]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-05-14 29831168]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVD.exe" [2006-01-07 458752]
"ButtonMonitor"="c:\program files\IOI\IOI\ButtonMonitor.exe" [2007-01-30 53248]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-05-20 111928]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-13 37888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-04-12 1135912]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Jimmy\Nabˇdka Start\Programy\Po spuçtŘnˇ\
hamachi.lnk - d:\hamachi\hamachi.exe [2009-12-12 625952]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
play2p.lnk - c:\program files\play2p\play2p.exe [2009-5-17 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\s2gs.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\sacred2.exe"=
"c:\\Program Files\\Activision\\Prototype\\prototypef.exe"=
"d:\\Games\\assassins creed\\AssassinsCreed_Dx9.exe"=
"d:\\Games\\assassins creed\\AssassinsCreed_Dx10.exe"=
"d:\\Games\\assassins creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\Games\\The Club\\Launcher.exe"=
"d:\\Games\\The Club\\TheClub.exe"=
"d:\\Games\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\Games\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\Games\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\play2p\\play2p.exe"=
"d:\\Games\\CS 1.6\\hl.exe"=
"d:\\Games\\Warcraft 3 + Battle.net + Addony\\Warcraft III\\Warcraft III.exe"=
"c:\\Documents and Settings\\Jimmy\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"d:\\Games\\Command.And.Conquer.3.Kanes.Wrath.Full-Rip.Multi-6.Skullptura\\Command & Conquer 3 Kane's Wrath\\RetailExe\\1.2\\cnc3ep1.dat"=
"d:\\Downloads\\garena\\Garena.exe"=
"d:\\Games\\Warcraft III\\Warcraft III.exe"=
"d:\\Games\\Warcraft III\\War3.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"19178:TCP"= 19178:TCP:BitComet 19178 TCP
"19178:UDP"= 19178:UDP:BitComet 19178 UDP

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.4.2009 14:01 717296]
R1 prodrv03;Star Force copy protection driver v3;c:\windows\system32\drivers\prodrv03.sys [4.10.2009 22:50 115968]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [6.10.2009 17:08 135336]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [20.4.2009 21:53 222456]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [20.4.2009 22:16 238080]
S1 712d84b;712d84b;c:\windows\system32\drivers\712d84b.sys [20.9.2009 9:20 0]
S2 gupdate1c9c6d5bee85280;Služba Google Update (gupdate1c9c6d5bee85280);c:\program files\Google\Update\GoogleUpdate.exe [27.4.2009 3:16 133104]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Jimmy\LOCALS~1\Temp\KLT63E.tmp --> c:\docume~1\Jimmy\LOCALS~1\Temp\KLT63E.tmp [?]
.
Obsah adresáře 'Naplánované úlohy'

2009-11-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-27 01:16]

2010-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-27 01:16]

2010-05-30 c:\windows\Tasks\User_Feed_Synchronization-{2533145C-3F0D-4C76-9BAD-AB48F818DA50}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.5.0.850\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-30 20:52
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys atapi.sys spws.sys >>UNKNOWN [0x89D7D938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba90cf28
\Driver\ACPI -> ACPI.sys @ 0xba667cb8
\Driver\atapi -> prosync1.sys @ 0xbadae661
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 SendCompleteHandler -> NDIS.sys @ 0xba53dbb0
PacketIndicateHandler -> NDIS.sys @ 0xba52ca0d
SendHandler -> NDIS.sys @ 0xba540b40
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Jimmy\LOCALS~1\Temp\KLT63E.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1547161642-1284227242-682003330-1004\Software\SecuROM\License information*]
"datasecu"=hex:4a,cf,22,de,86,47,31,94,f9,2f,eb,0a,32,c7,04,a9,9e,71,dd,a8,e6,
09,24,19,53,cb,3e,da,d1,49,31,dd,f8,f6,b1,31,2b,79,43,e7,53,19,6e,53,e1,d6,\
"rkeysecu"=hex:25,2f,5d,25,48,1e,c9,6f,fb,91,0d,11,0e,ab,0d,6a
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1448)
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\ATKKBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\windows\SoftwareDistribution\Download\0b6a3bc0d3b37a81d0a810f56d0eb2e3\update\update.exe
.
**************************************************************************
.
Celkový čas: 2010-05-30 20:56:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-30 18:56

Před spuštěním: Volných bajtů: 42 936 807 424
Po spuštění: Volných bajtů: 42 859 974 656

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[Boot Loader]
Timeout=2
Default=c:\$win_nt$.~bt\BOOTSECT.DAT
[Operating Systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
c:\$win_nt$.~bt\BOOTSECT.DAT="Instalace systému Windows"

- - End Of File - - 75A0E60568174667ADE697FFE3F3C7C9

Re: problem? prosim o kontrolu logu

Napsal: 30 kvě 2010 20:11
od Andy23
a zde prikladam log z OTL


OTL logfile created on: 30.5.2010 21:05:24 - Run 1
OTL by OldTimer - Version 3.2.5.1 Folder = C:\Documents and Settings\Jimmy\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 39,68 Gb Free Space | 27,09% Space Free | Partition Type: NTFS
Drive D: | 319,27 Gb Total Space | 3,85 Gb Free Space | 1,20% Space Free | Partition Type: NTFS
Drive E: | 29,28 Gb Total Space | 28,75 Gb Free Space | 98,20% Space Free | Partition Type: FAT32
Drive F: | 574,51 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JIMMY-4292F0F2A
Current User Name: Jimmy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.30 21:01:06 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jimmy\Plocha\OTL.exe
PRC - [2010.04.22 13:35:29 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.04.13 00:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.03.02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.01.14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.05.20 15:11:40 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2009.04.22 01:17:52 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009.02.26 10:49:18 | 000,099,328 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2008.10.19 14:30:02 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.13 15:54:10 | 000,258,560 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe


========== Modules (SafeList) ==========

MOD - [2010.05.30 21:01:06 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jimmy\Plocha\OTL.exe
MOD - [2009.05.20 15:11:06 | 000,023,864 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2008.04.14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006.07.11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\SweetIM\Messenger\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.04.22 13:35:29 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.02.24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.10.19 14:30:02 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.09.13 15:54:10 | 000,258,560 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)
SRV - [2004.05.06 12:21:04 | 000,496,640 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ASWLSVC.exe -- (ASWLSVC)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010.03.01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.12.12 18:34:30 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.10.04 22:50:00 | 000,115,968 | ---- | M] (Protection Technology Co.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv03.sys -- (prodrv03)
DRV - [2009.09.20 12:58:51 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\712d84b.sys -- (712d84b)
DRV - [2009.09.04 15:17:39 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.09.04 15:17:39 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.05.11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.21 14:01:36 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.05.08 23:23:22 | 000,238,080 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008.05.03 00:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.04.14 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.03.25 13:48:08 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008.03.25 13:48:06 | 000,054,400 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008.02.14 16:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007.09.13 15:54:14 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2007.09.13 15:54:14 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D)
DRV - [2007.09.13 15:54:12 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2007.09.13 15:54:10 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2006.01.07 15:36:41 | 000,019,200 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2005.04.21 13:40:36 | 000,010,624 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005.02.11 21:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004.08.12 20:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.10.10 16:06:26 | 000,062,720 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003.10.10 15:06:24 | 000,052,128 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Mario Forever Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.07
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
FF - prefs.js..extensions.enabledItems: {872A1C39-DF0B-4c8b-AD84-12BA24A3B781}:4.1.0.0
FF - prefs.js..extensions.enabledItems: {707db484-2428-402d-afb5-d85b387544c7}:2.0.1.10
FF - prefs.js..extensions.enabledItems: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}:1.5.0.850
FF - prefs.js..extensions.enabledItems: {2224E955-00E9-4613-A844-CE69FCCAAE91}:3.4.0.4340
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... 2247187&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - HKLM\software\mozilla\Firefox\Extensions\\{872A1C39-DF0B-4c8b-AD84-12BA24A3B781}: C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar [2009.07.07 08:57:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.5.0.850\FF
FF - HKLM\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2009.04.20 22:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Extensions
[2009.09.07 12:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Firefox\Profiles\qqw3351f.default\extensions
[2009.09.07 12:29:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Firefox\Profiles\qqw3351f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.06.23 23:34:44 | 000,000,000 | ---D | M] (Mario Forever Toolbar) -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Firefox\Profiles\qqw3351f.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}
[2009.05.03 02:54:27 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Firefox\Profiles\qqw3351f.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009.04.28 12:02:09 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Firefox\Profiles\qqw3351f.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.09.07 12:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Firefox\Profiles\qqw3351f.default\extensions\staged-xpis
[2009.04.27 16:09:10 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Firefox\Profiles\qqw3351f.default\searchplugins\conduit.xml
[2009.04.21 14:04:07 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Firefox\Profiles\qqw3351f.default\searchplugins\daemon-search.xml
[2009.03.01 13:02:44 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Firefox\Profiles\qqw3351f.default\searchplugins\icqplugin.xml
[2009.04.28 12:02:07 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla\Firefox\Profiles\qqw3351f.default\searchplugins\sweetim.xml
[2010.05.30 20:22:57 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.11.11 09:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009.02.11 21:16:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009.06.23 07:35:04 | 000,001,619 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\FFToolbar.xml

O1 HOSTS File: ([2010.05.30 20:52:00 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\..\Toolbar\WebBrowser: (GamingHarbor Toolbar) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [ButtonMonitor] C:\Program Files\IOI\IOI\ButtonMonitor.exe ()
O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\play2p.lnk = C:\Program Files\play2p\play2p.exe (play2p.com)
O4 - Startup: C:\Documents and Settings\Jimmy\Nabídka Start\Programy\Po spuštění\hamachi.lnk = D:\Hamachi\hamachi.exe (LogMeIn Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1547161642-1284227242-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/fl ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jimmy\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jimmy\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.20 15:18:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.04.14 14:00:00 | 000,000,112 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.04.20 20:49:00 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

========== Files/Folders - Created Within 30 Days ==========

[2010.05.30 21:01:06 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jimmy\Plocha\OTL.exe
[2010.05.30 20:56:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.05.30 20:53:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.05.30 20:43:38 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.05.30 20:41:55 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.05.30 20:41:55 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.05.30 20:41:55 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.05.30 20:41:55 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.05.30 20:41:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.05.30 20:39:51 | 000,000,000 | ---D | C] -- C:\found.004
[2010.05.30 20:36:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.05.30 20:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jimmy\Data aplikací\Avira
[2010.05.30 20:15:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jimmy\Recent
[2010.05.30 20:13:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.05.30 20:13:04 | 003,382,520 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Jimmy\Plocha\ccsetup231.exe
[2010.05.30 20:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jimmy\Plocha\hijackthis
[2010.05.30 20:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.05.30 19:48:35 | 000,000,000 | ---D | C] -- C:\$WIN_NT$.~BT
[2010.05.29 16:07:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Eurobattle.net
[2010.05.29 16:04:42 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010.05.24 15:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jimmy\Dokumenty\NHL09
[2010.05.21 18:36:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010.05.19 00:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jimmy\Plocha\diablo-3-tapety
[2010.05.16 21:16:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jimmy\Plocha\WOLF 3D game
[2010.05.16 21:15:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jimmy\Plocha\dyna-blaster
[2010.05.16 10:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\Sega
[2010.05.14 18:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.30 21:05:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.30 21:01:06 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jimmy\Plocha\OTL.exe
[2010.05.30 20:53:41 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2533145C-3F0D-4C76-9BAD-AB48F818DA50}.job
[2010.05.30 20:52:41 | 000,000,170 | ---- | M] () -- C:\ASWL2K.ini
[2010.05.30 20:52:24 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.30 20:52:06 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.05.30 20:52:00 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.05.30 20:51:47 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.30 20:51:44 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.30 20:51:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.30 20:51:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.30 20:49:09 | 007,602,176 | -H-- | M] () -- C:\Documents and Settings\Jimmy\NTUSER.DAT
[2010.05.30 20:49:09 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jimmy\ntuser.ini
[2010.05.30 20:43:42 | 000,000,324 | RHS- | M] () -- C:\boot.ini
[2010.05.30 20:36:15 | 003,700,932 | R--- | M] () -- C:\Documents and Settings\Jimmy\Plocha\ComboFix.exe
[2010.05.30 20:28:49 | 000,104,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.05.30 20:13:45 | 000,001,591 | ---- | M] () -- C:\Documents and Settings\Jimmy\Plocha\CCleaner.lnk
[2010.05.30 20:13:05 | 003,382,520 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Jimmy\Plocha\ccsetup231.exe
[2010.05.30 20:05:29 | 000,212,849 | ---- | M] () -- C:\Documents and Settings\Jimmy\Plocha\hijackthis.zip
[2010.05.30 20:04:32 | 000,000,635 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.05.30 19:49:26 | 000,000,253 | ---- | M] () -- C:\Boot.bak
[2010.05.29 17:00:54 | 000,069,267 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2010.05.29 16:33:34 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Jimmy\Plocha\Frozen Throne.lnk
[2010.05.29 16:33:27 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2010.05.29 16:33:26 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010.05.29 16:08:02 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\euroloader.lnk
[2010.05.29 16:04:45 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\Jimmy\Plocha\Warcraft III.lnk
[2010.05.29 15:59:16 | 000,196,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\nStandard.bin
[2010.05.29 15:55:42 | 000,070,144 | ---- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.27 21:52:13 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Jimmy\Plocha\Garena.lnk
[2010.05.21 20:55:07 | 000,001,479 | ---- | M] () -- C:\Documents and Settings\Jimmy\Plocha\DivX Movies.lnk
[2010.05.21 20:55:01 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DivX Plus Player.lnk
[2010.05.21 20:54:41 | 000,000,860 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DivX Plus Converter.lnk
[2010.05.19 17:06:07 | 003,186,908 | -H-- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Data aplikací\IconCache.db
[2010.05.16 20:57:50 | 001,050,670 | ---- | M] () -- C:\Documents and Settings\Jimmy\Plocha\WOLF 3D game.rar
[2010.05.16 20:54:45 | 000,736,179 | ---- | M] () -- C:\Documents and Settings\Jimmy\Plocha\dyna-blaster.rar
[2010.05.15 19:11:13 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Jimmy\Plocha\Zástupce (2) - Wow.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.30 20:43:39 | 000,261,312 | ---- | C] () -- C:\cmldr
[2010.05.30 20:41:55 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.05.30 20:41:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.05.30 20:41:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.05.30 20:41:55 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.05.30 20:41:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.05.30 20:36:15 | 003,700,932 | R--- | C] () -- C:\Documents and Settings\Jimmy\Plocha\ComboFix.exe
[2010.05.30 20:13:45 | 000,001,591 | ---- | C] () -- C:\Documents and Settings\Jimmy\Plocha\CCleaner.lnk
[2010.05.30 20:05:29 | 000,212,849 | ---- | C] () -- C:\Documents and Settings\Jimmy\Plocha\hijackthis.zip
[2010.05.30 19:49:26 | 000,000,253 | ---- | C] () -- C:\Boot.bak
[2010.05.30 19:48:49 | 000,459,327 | R--- | C] () -- C:\txtsetup.sif
[2010.05.30 19:48:49 | 000,261,328 | R--- | C] () -- C:\$LDR$
[2010.05.29 16:33:34 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Jimmy\Plocha\Frozen Throne.lnk
[2010.05.29 16:08:02 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\euroloader.lnk
[2010.05.29 16:04:45 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\Jimmy\Plocha\Warcraft III.lnk
[2010.05.29 16:04:43 | 000,069,267 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2010.05.29 16:04:42 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2010.05.27 21:52:13 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Jimmy\Plocha\Garena.lnk
[2010.05.21 20:55:07 | 000,001,479 | ---- | C] () -- C:\Documents and Settings\Jimmy\Plocha\DivX Movies.lnk
[2010.05.21 20:55:01 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DivX Plus Player.lnk
[2010.05.21 20:54:41 | 000,000,860 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DivX Plus Converter.lnk
[2010.05.16 20:57:47 | 001,050,670 | ---- | C] () -- C:\Documents and Settings\Jimmy\Plocha\WOLF 3D game.rar
[2010.05.16 20:54:45 | 000,736,179 | ---- | C] () -- C:\Documents and Settings\Jimmy\Plocha\dyna-blaster.rar
[2010.05.15 19:11:31 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Jimmy\Plocha\Zástupce (2) - Wow.lnk
[2010.03.23 23:59:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\psfind.dll
[2010.03.10 23:57:52 | 000,000,259 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.10.25 02:22:11 | 000,000,046 | ---- | C] () -- C:\WINDOWS\nfsc_patch.ini
[2009.10.05 02:29:08 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.09.20 09:20:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\712d84b.sys
[2009.09.11 14:52:56 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
[2009.09.11 14:51:51 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.09.04 15:17:39 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.09.04 15:17:39 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.08.10 17:02:11 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2009.08.10 17:02:07 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009.07.02 23:16:14 | 000,000,469 | ---- | C] () -- C:\WINDOWS\level.ini
[2009.04.21 20:41:21 | 000,000,398 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009.04.21 14:01:36 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.04.20 20:50:46 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.04.20 20:50:29 | 000,031,577 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.04.20 20:50:28 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.04.20 15:42:19 | 000,643,142 | ---- | C] () -- C:\WINDOWS\aticlocklib.dll
[2009.04.20 15:42:19 | 000,110,592 | ---- | C] () -- C:\WINDOWS\R5ClkLib.dll
[2009.04.20 15:42:18 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2009.04.20 15:42:16 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.04.20 15:42:16 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.04.20 15:42:16 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2009.04.20 15:42:16 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2009.04.20 15:42:16 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2009.04.20 15:42:16 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2009.04.20 15:42:16 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2009.04.20 15:42:16 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2009.04.20 15:42:16 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2009.04.20 15:42:15 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2007.10.12 23:20:06 | 000,151,417 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.09.16 19:07:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007.09.16 19:07:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007.09.16 19:07:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007.09.16 19:07:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007.09.16 19:07:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2004.07.29 20:17:19 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\frapsvid.dll

========== LOP Check ==========

[2009.09.20 16:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\11099844
[2009.11.19 00:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2009.04.21 14:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.09.11 14:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DVD X Studios
[2009.06.07 12:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2009.04.20 21:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.09.30 14:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.04.28 12:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2009.09.06 12:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tages
[2009.08.12 15:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2009.07.07 08:57:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{F94ED97F-1871-47C6-87A8-69513EF3C279}
[2009.08.06 16:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\2K Sports
[2009.11.23 00:04:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\BitTorrent
[2009.06.30 18:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer
[2009.05.01 01:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer Pro
[2009.09.30 02:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\com.imeem.DesktopUploader.6C3F108F466C0F04F30B58747CAA4DF34281133B.1
[2010.03.02 00:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Command & Conquer 3 Kane's Wrath
[2009.04.21 14:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\DAEMON Tools
[2009.04.21 20:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\DAEMON Tools Lite
[2009.06.27 11:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\DAEMON Tools Pro
[2009.04.20 21:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\ESET
[2010.03.29 22:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\GameRanger
[2010.05.24 00:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\ICQ
[2009.06.07 00:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Leadertech
[2009.06.18 14:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\MobMapUpdater
[2010.02.10 12:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Opera
[2009.07.23 18:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\play2p
[2009.08.12 15:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Ubisoft
[2010.05.30 20:53:41 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2533145C-3F0D-4C76-9BAD-AB48F818DA50}.job

========== Purity Check ==========



========== Custom Scans ==========

Re: problem? prosim o kontrolu logu

Napsal: 30 kvě 2010 20:12
od Andy23
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.12.29 12:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.04.22 01:17:52 | 000,039,408 | ---- | M] (Google Inc.)
"EA Core" = "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent -- [2009.09.03 23:17:14 | 003,342,336 | ---- | M] (Electronic Arts)

< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2009.08.13 03:31:24 | 382,880,024 | ---- | M] () -- C:\WoW-3.0.1.8874-to-3.0.2.9056-enUS-patch.exe
[2009.08.13 02:32:22 | 021,689,232 | ---- | M] () -- C:\WoW-3.0.2.9056-to-3.0.3.9183-enUS-patch.exe
[2009.08.13 02:37:34 | 053,902,344 | ---- | M] () -- C:\WoW-3.0.3.9183-to-3.0.8.9464-enUS-patch.exe
[2009.08.13 02:29:56 | 007,088,248 | ---- | M] () -- C:\WoW-3.0.8.9464-to-3.0.8.9506-enUS-patch.exe
[2009.08.13 02:31:08 | 010,895,616 | ---- | M] () -- C:\WoW-3.0.8.9506-to-3.0.9.9551-enUS-patch.exe
[2009.08.13 02:31:26 | 008,396,120 | ---- | M] () -- C:\WoW-3.1.0.9767-to-3.1.1.9806-enUS-patch.exe
[2009.08.13 02:31:17 | 007,357,544 | ---- | M] () -- C:\WoW-3.1.1.9806-to-3.1.1.9835-enUS-patch.exe
[2009.08.13 02:33:54 | 015,561,000 | ---- | M] () -- C:\WoW-3.1.1.9835-to-3.1.2.9901-enUS-patch.exe
[2009.08.13 02:33:09 | 007,389,184 | ---- | M] () -- C:\WoW-3.1.2.9901-to-3.1.3.9947-enUS-patch.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.08.06 16:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\2K Sports
[2009.09.30 02:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Adobe
[2009.04.22 20:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Ahead
[2009.05.19 08:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Apple Computer
[2010.05.30 20:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Avira
[2009.11.23 00:04:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\BitTorrent
[2009.06.30 18:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer
[2009.05.01 01:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer Pro
[2009.09.30 02:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\com.imeem.DesktopUploader.6C3F108F466C0F04F30B58747CAA4DF34281133B.1
[2010.03.02 00:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Command & Conquer 3 Kane's Wrath
[2009.04.21 14:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\DAEMON Tools
[2009.04.21 20:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\DAEMON Tools Lite
[2009.06.27 11:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\DAEMON Tools Pro
[2010.04.17 03:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\DivX
[2009.04.20 21:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\ESET
[2010.03.29 22:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\GameRanger
[2009.04.22 05:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Google
[2010.05.30 20:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Hamachi
[2010.05.24 00:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\ICQ
[2009.04.20 15:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Identities
[2009.08.12 15:00:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\InstallShield
[2009.06.07 00:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Leadertech
[2009.04.20 15:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Macromedia
[2010.05.24 02:09:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Microsoft
[2009.06.18 14:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\MobMapUpdater
[2009.04.20 16:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Motive
[2009.04.20 21:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Mozilla
[2010.02.10 12:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Opera
[2009.07.23 18:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\play2p
[2009.06.01 17:41:56 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\SecuROM
[2010.03.24 00:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Skype
[2010.03.23 21:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\skypePM
[2009.08.12 15:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Ubisoft
[2009.07.29 00:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Ventrilo
[2010.04.22 01:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\Winamp
[2009.04.20 21:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jimmy\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2007.08.18 09:54:02 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2007.08.18 09:53:50 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer\AC3 Filter\dialog_patch.exe
[2008.04.13 17:26:54 | 000,036,396 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer\AC3 Filter\uninstall.exe
[2008.04.01 11:51:06 | 000,691,717 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer\FFDShow\unins000.exe
[2008.03.29 17:42:00 | 000,103,424 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 17:42:02 | 000,335,872 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 17:41:54 | 000,135,168 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 09:11:02 | 000,041,412 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2010.04.26 23:30:16 | 001,216,176 | ---- | M] (GameRanger Technologies) -- C:\Documents and Settings\Jimmy\Data aplikací\GameRanger\GameRanger\GameRanger.exe
[2009.09.30 02:13:35 | 000,038,208 | ---- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009.05.16 16:59:44 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\Microsoft\Installer\{17068829-10EE-4581-BDC8-C53C483694A3}\ARPPRODUCTICON.exe
[2009.05.16 16:59:44 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\Microsoft\Installer\{17068829-10EE-4581-BDC8-C53C483694A3}\ButtonMonitor.exe1_1706882910EE4581BDC8C53C483694A3.exe
[2009.05.16 16:59:44 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\Microsoft\Installer\{17068829-10EE-4581-BDC8-C53C483694A3}\ButtonMonitor.exe_1706882910EE4581BDC8C53C483694A3.exe
[2010.04.02 20:27:43 | 000,053,248 | R--- | M] () -- C:\Documents and Settings\Jimmy\Data aplikací\Microsoft\Installer\{9AA761E6-CA51-4FF2-A552-D51638BF0595}\_F522ED7EA612_4117_B86D_78467DE01E30.exe


< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,481,792 | R--- | M] (Microsoft Corporation) MD5=0B7569ECA93964A39BEDCF763E78E22A -- C:\$WIN_NT$.~BT\system32\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.04.21 14:01:36 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.04.20 17:03:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.20 17:03:19 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.20 17:03:19 | 000,507,904 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.05.30 20:28:49 | 000,104,624 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2010.05.30 20:52:06 | 000,000,104 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.05.30 20:51:44 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >




OTL Extras logfile created on: 30.5.2010 21:05:24 - Run 1
OTL by OldTimer - Version 3.2.5.1 Folder = C:\Documents and Settings\Jimmy\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 39,68 Gb Free Space | 27,09% Space Free | Partition Type: NTFS
Drive D: | 319,27 Gb Total Space | 3,85 Gb Free Space | 1,20% Space Free | Partition Type: NTFS
Drive E: | 29,28 Gb Total Space | 28,75 Gb Free Space | 98,20% Space Free | Partition Type: FAT32
Drive F: | 574,51 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JIMMY-4292F0F2A
Current User Name: Jimmy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1547161642-1284227242-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System
"19178:TCP" = 19178:TCP:*:Enabled:BitComet 19178 TCP
"19178:UDP" = 19178:UDP:*:Enabled:BitComet 19178 UDP
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\s2gs.exe" = C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\s2gs.exe:*:Enabled:Sacred 2 Game Server -- (Ascaron Entertainment GmbH)
"C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\sacred2.exe" = C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\sacred2.exe:*:Enabled:Sacred 2 -- (Ascaron Entertainment GmbH)
"C:\Program Files\Activision\Prototype\prototypef.exe" = C:\Program Files\Activision\Prototype\prototypef.exe:*:Enabled:Prototype(TM) -- (Activision)
"D:\Games\assassins creed\AssassinsCreed_Dx9.exe" = D:\Games\assassins creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft)
"D:\Games\assassins creed\AssassinsCreed_Dx10.exe" = D:\Games\assassins creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft)
"D:\Games\assassins creed\AssassinsCreed_Launcher.exe" = D:\Games\assassins creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"D:\Games\The Club\Launcher.exe" = D:\Games\The Club\Launcher.exe:*:Enabled:The Club Launcher -- (Bizarre Creations)
"D:\Games\The Club\TheClub.exe" = D:\Games\The Club\TheClub.exe:*:Enabled:The Club -- (Bizarre Creations)
"D:\Games\Far Cry 2\bin\FarCry2.exe" = D:\Games\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment)
"D:\Games\Far Cry 2\bin\FC2Launcher.exe" = D:\Games\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft)
"D:\Games\Far Cry 2\bin\FC2Editor.exe" = D:\Games\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor -- (Ubisoft Entertainment)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\play2p\play2p.exe" = C:\Program Files\play2p\play2p.exe:*:Disabled:play2p -- (play2p.com)
"D:\Games\CS 1.6\hl.exe" = D:\Games\CS 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\Games\Warcraft 3 + Battle.net + Addony\Warcraft III\Warcraft III.exe" = D:\Games\Warcraft 3 + Battle.net + Addony\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Documents and Settings\Jimmy\Data aplikací\GameRanger\GameRanger\GameRanger.exe" = C:\Documents and Settings\Jimmy\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger -- (GameRanger Technologies)
"D:\Games\Command.And.Conquer.3.Kanes.Wrath.Full-Rip.Multi-6.Skullptura\Command & Conquer 3 Kane's Wrath\RetailExe\1.2\cnc3ep1.dat" = D:\Games\Command.And.Conquer.3.Kanes.Wrath.Full-Rip.Multi-6.Skullptura\Command & Conquer 3 Kane's Wrath\RetailExe\1.2\cnc3ep1.dat:*:Enabled:Command & Conquer(tm) 3: Kane's Wrath -- (Electronic Arts Inc.)
"D:\Downloads\garena\Garena.exe" = D:\Downloads\garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"D:\Games\Warcraft III\Warcraft III.exe" = D:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"D:\Games\Warcraft III\War3.exe" = D:\Games\Warcraft III\War3.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}" = Lineage II
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{12C85315-0989-4C28-8956-33458F464DD6}" = The Chronicles of Riddick - Assault on Dark Athena
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{17068829-10EE-4581-BDC8-C53C483694A3}" = Smart Sync
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}" = Heroes of Might and Magic® IV
"{1B602410-D983-4947-98FE-EE749073D15E}" = GamingHarbor Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Gamer OSD
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F8EF7B0-354D-40A8-8B08-07DE06C7D899}" = Playboy The Mansion - Private Party
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{5695B707-C5A9-4EF4-9534-31A798683362}" = The Club
"{58D4AE57-ACDE-4A07-9BBD-34B15D54526C}" = Playboy - The Mansion
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65A9FFB6-E734-424C-BDFE-DF20B36808D3}_is1" = "Ascension to the Throne" (Remove Only)
"{6889EE56-1816-4E89-94DF-9F56E7804039}_is1" = Counter-Strike 1.6 Non-Steam patch v36
"{689838DE-8467-45AE-A7FF-087B7C0E48C6}" = WWE RAW
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E5BC38E-F22B-4197-00A2-CD8E58EF139D}" = TOTAL CLUB MANAGER 2005
"{708B7143-D316-459C-9CD1-BA41DFF521E5}" = Deal or No Deal - Secret Vault Games
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{835DEF6B-850B-4DB8-A798-EBD8C5112D25}_is1" = Foosball Maniac 1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}" = SweetIM Toolbar for Internet Explorer 3.4
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AA761E6-CA51-4FF2-A552-D51638BF0595}" = Battle Realms
"{9F39E542-91FD-4E7B-B87B-C690090D39D6}_is1" = Left 4 Dead
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5096216-7703-409E-B85A-8A6EE7395128}}_is1" = System Search Dispatcher
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 0.76
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E2729A36-33EB-4094-9759-2C7A666DE296}" = Etherlords
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E848C9C0-E6FF-4A3F-9D67-AE53AC3628FE}" = SweetIM for Messenger 2.7
"{F0207194-35B9-4476-B02E-395EE52B5960}" = ASUS nVidia Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F354FE7E-783D-6880-F7DB-C61197C799E3}" = imeem Uploader
"{F68A7F48-9F26-4FB1-A7C2-DF3C0F2D849C}" = Crazy Taxi
"4StoryCZ_is1" = 4Story 1.5
"7 Wonders II_is1" = 7 Wonders II
"7007 slots" = 7007 slots
"AB9ED296-6C42-4191-A802-3C7FD58C7622" = play2p
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Mythology 1.0" = Age of Mythology
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"AnyDVD" = AnyDVD
"ASIO4ALL" = ASIO4ALL
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"Battle.net" = Battle.net
"BitComet" = BitComet 1.10
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Collab" = Collab
"com.imeem.DesktopUploader.6C3F108F466C0F04F30B58747CAA4DF34281133B.1" = imeem Uploader
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CSI-3 Dimensions of Murder" = CSI-3 Dimensions of Murder 1.0
"CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1
"Czech Racer_is1" = Czech Racer 1.0
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DancingSativaMp3_is1" = CombatVetsWebMp3V2.5.1.exe
"Diablo" = Diablo
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.1.4
"DVD X Player 5.3 Professional_is1" = DVD X Player 5.3 Professional
"EADM" = EA Download Manager
"EAX Unified" = EAX Unified
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"Eurobattle.net1.24b" = Eurobattle.net
"FL Studio 8" = FL Studio 8
"Fraps" = Fraps (remove only)
"Free Easy Burner_is1" = Free Easy Burner V 3.0
"Free YouTube Downloader Converter" = Free YouTube Downloader Converter
"GameParkClient_is1" = GamePark
"GamingHarbor Toolbar" = GamingHarbor Toolbar
"Garena" = Garena 2010
"Google Chrome" = Google Chrome
"Hamachi" = Hamachi 1.0.3.0
"Hellfire" = Hellfire
"Heroes of Might and Magic II" = Heroes of Might and Magic II
"HijackThis" = HijackThis 1.99.1
"Chaser" = Chaser
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}" = Heroes of Might and Magic® IV
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{5695B707-C5A9-4EF4-9534-31A798683362}" = The Club
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Mafia Game" = Mafia Game
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MobMap_is1" = MobMap 1.30
"Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NokiaFREE Unlock Codes Calculator" = NokiaFREE Unlock Codes Calculator
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PacSteamT" = PacSteamT
"ParadiseCasino - Czech" = ParadiseCasino - Czech
"ParadisePoker" = ParadisePoker
"PoiZone" = PoiZone
"PunkBusterSvc" = PunkBuster Services
"Sacred_is1" = Sacred
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Sierra Utilities" = Sierra Utilities
"Slave Zero" = Slave Zero
"Toxic Biohazard" = Toxic Biohazard
"UT2004" = Unreal Tournament 2004
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"xvid" = XviD MPEG-4 Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1547161642-1284227242-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"GameRanger" = GameRanger
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Re: problem? prosim o kontrolu logu

Napsal: 30 kvě 2010 20:27
od motji
Jak to ted vypadá s počítačem?
Garenu používáte?

:arrow: Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT :!:
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Re: problem? prosim o kontrolu logu

Napsal: 30 kvě 2010 21:26
od Andy23
Počítač už se tedy zdá být v pořádku, akorát při zapnutí se musí mačkat F1 ( něco ve smyslu master HDD 3 not detected) což se dříve nemuselo... garenu používá..

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4156

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

30.5.2010 22:25:56
mbam-log-2010-05-30 (22-25-56).txt

Typ skenu: Úplný sken (C:\|D:\|E:\|G:\|)
Skenované objekty: 283623
Uplynulý čas: 47 minuta(y), 4 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 35
Infikované hodnoty registru: 4
Infikované datové položky registru: 0
Infikované složky: 18
Infikované soubory: 106

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{42c23154-00fa-4a93-9de9-3eb523cffff6} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{803e73fe-cb73-4d49-8aff-653fd6f44171} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{57aba38e-6535-48f3-99fd-efdc62137c78} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{0514c9b0-e4c6-4d6b-a3a6-b38bc280b115} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d335d84d-61d8-4b5f-9c4e-067dc8b27ed5} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\AppID\AIMActiveXDLL.dll (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Addins\OEActiveXDLL.DesktopOEAddin1 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> No action taken.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{872a1c39-df0b-4c8b-ad84-12ba24a3b781} (Adware.DoubleD) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
C:\Documents and Settings\All Users\Data aplikací\11099844 (Rogue.Multiple) -> No action taken.
C:\Program Files\DoubleD (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730 (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\chrome (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\chrome\locale (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\chrome\locale\en-US (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\components (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\searchplugins (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.2.0.750 (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.2.0.750\Data (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Jimmy\Nabídka Start\Programy\Total Security (Rogue.TotalSecurity) -> No action taken.

Infikované soubory:
C:\Downloads\Monopoly.1.0.406.Portable\Monopoly.1.0.406.Portable\Monopoly 1.0.406 Portable\GameuxInstallHelper.dll (Malware.Packer.Gen) -> No action taken.
D:\Downloads\BattleRealmsNOCD.exe (Trojan.Bancos) -> No action taken.
D:\Games\Warcraft 3 + Battle.net + Addony\GHostOne\WardenBNLS\.svn\text-base\BNLS.exe.svn-base (Spyware.Passwords) -> No action taken.
D:\Games\Warcraft 3 + Battle.net + Addony\GHostOne\WardenBNLS\.svn\text-base\WardenUpdater.exe.svn-base (Spyware.Passwords) -> No action taken.
C:\Documents and Settings\All Users\Data aplikací\11099844\11099844 (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Data aplikací\11099844\pc11099844ins (Rogue.Multiple) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\gdiplus.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\mfc80.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Microsoft.VC80.MFC.manifest (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\SkinCrafterDll.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbasst.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\default1.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\loading.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\loading.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Cursor.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_DailyVideo.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Game.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Glitter.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Logo.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Option.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Recipe.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Ringtone.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Screensaver.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Search.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Smiley.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Wallpaper.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Web.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\pixel.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\ProductInfo.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\profile.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\SearchEngineList.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\tbcore.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\ToolbarLayout.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\UpdateCentre.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\UpdateCentreBk.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\chrome.manifest (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\install.rdf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\chrome\GamingHarborToolbar.jar (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\chrome\locale\en-US\global.dtd (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\components\DDAutoComplete.js (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\components\ISmileyCore.xpt (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\components\SmileyCore.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\components\TBFFHelper.js (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\components\TBFFHelper.xpt (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\FFToolbar\searchplugins\gamingharborsearchplugins.xml (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\About.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Component_ComboBox.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Cursor.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Cursor.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Game.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Glitter.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Glitter.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Logo.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Option.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Recipe.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Ringtone.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Screensaver.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Search.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Smiley.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Smiley.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Web.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDefault.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin1.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin2.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin3.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin4.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\TellafriendSkin.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\ToastSkin.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.2.0.750\unins000.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.2.0.750\unins000.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.2.0.750\Data\eacore.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.2.0.750\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.2.0.750\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Jimmy\Nabídka Start\Programy\Total Security\Total Security 2009.lnk (Rogue.TotalSecurity) -> No action taken.
C:\Documents and Settings\Jimmy\Data aplikací\wiaserva.log (Malware.Trace) -> No action taken.

Re: problem? prosim o kontrolu logu

Napsal: 30 kvě 2010 21:31
od motji
Co našel mbam, smažte.
A ten problém s tím bootování se stal až po použití combofixu?
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz