falesny antivirus

Zpráva

Lmbzb · #1 Příspěvek od **Lmbzb** » 14 čer 2010 22:33

Dobrý den.
Na počítači se mi objevilo okno falešného antiviru. Pomocí Správce úloh jsem mu ukončil proces a provedl jsem obnovení systému. Po restartu se už neobjevil. Následně jsem prohledal počítač Avastem, ale některé soubory, které označil za infikované, se mu nepodařilo odstranit. Ty z nich, které se mi podařilo nalézt jsem smazal ručně. Zatím se infekce nijak neprojevuje, ale jistě jsem ji tímto způsobem nezničil úplně. Můžete to prosím prověřit?

Logfile of random's system information tool 1.07 (written by random/random)
Run by Milos Bilek at 2010-06-14 23:09:33
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 12 GB (39%) free of 30 GB
Total RAM: 1023 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:09:44, on 14.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\stazene prog\prehravac\mplayerc.exe
D:\stazene prog\RSIT\RSIT.exe
C:\Program Files\trend micro\Milos Bilek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: IDL DicomEx Storage SCP - Unknown owner - C:\Program Files\ITT\IDL71\bin\bin.x86\idl_dicomexstorscp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

--
End of file - 6262 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-23 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"OrderReminder"=C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2006-01-30 98304]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe [2005-11-30 450560]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-23 148888]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Firewall GUI"
"C:\Program Files\MATLAB\R2007b\bin\win32\MATLAB.exe"="C:\Program Files\MATLAB\R2007b\bin\win32\MATLAB.exe:*:Enabled:MATLAB"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-06-14 23:09:34 ----D---- C:\Program Files\trend micro
2010-06-14 23:09:33 ----D---- C:\rsit
2010-06-14 10:44:51 ----D---- C:\WINDOWS\system32\lowsec
2010-06-14 10:44:48 ----AH---- C:\WINDOWS\system32\sstusq.dll
2010-06-14 10:44:47 ----D---- C:\Documents and Settings\Milos Bilek\Data aplikací\4DA4BB5B15F109B5620AADBC000464B2
2010-06-10 21:53:29 ----DC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-10 21:53:16 ----DC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-10 15:46:33 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-10 15:41:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 15:41:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-10 15:41:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-05-26 15:21:50 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$

======List of files/folders modified in the last 1 months======

2010-06-14 23:09:41 ----D---- C:\WINDOWS\Prefetch
2010-06-14 23:09:34 ----RD---- C:\Program Files
2010-06-14 22:31:55 ----D---- C:\WINDOWS\Temp
2010-06-14 17:19:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-14 15:54:19 ----D---- C:\WINDOWS
2010-06-14 15:47:30 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-14 15:45:02 ----HD---- C:\WINDOWS\inf
2010-06-14 14:46:00 ----D---- C:\Program Files\Mozilla Firefox
2010-06-14 14:13:00 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-14 14:12:49 ----RSD---- C:\WINDOWS\assembly
2010-06-14 13:49:51 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-14 13:45:52 ----D---- C:\WINDOWS\system32
2010-06-14 13:45:03 ----D---- C:\WINDOWS\system32\config
2010-06-14 13:44:40 ----D---- C:\WINDOWS\system32\wbem
2010-06-14 13:44:38 ----D---- C:\WINDOWS\Registration
2010-06-10 21:53:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-10 21:53:26 ----A---- C:\WINDOWS\imsins.BAK
2010-06-10 21:53:11 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-10 21:30:20 ----D---- C:\Program Files\Internet Explorer
2010-06-10 21:30:20 ----D---- C:\Config.Msi
2010-06-10 15:48:51 ----SHD---- C:\WINDOWS\Installer
2010-06-10 15:46:07 ----D---- C:\WINDOWS\ie8updates
2010-06-10 15:39:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-10 15:39:16 ----D---- C:\WINDOWS\WinSxS
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 302000]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 72624]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2006-11-29 18688]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2002-02-25 139776]
R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys [2001-10-24 907456]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 SMC2862W;SMC2862W-G EZ Connect g 802.11g Wireless USB 2.0 Adapter Driver; C:\WINDOWS\system32\DRIVERS\2862WICB.sys [2004-09-10 381088]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-23 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-07 1029456]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDL DicomEx Storage SCP;IDL DicomEx Storage SCP; C:\Program Files\ITT\IDL71\bin\bin.x86\idl_dicomexstorscp.exe [2009-04-21 57344]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 14 čer 2010 22:37

Zdravím

Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.

Obrázek

Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
autochk.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

Lmbzb · #3 Příspěvek od **Lmbzb** » 15 čer 2010 08:25

Děkuji za odpověď. Jak odinstaluji ty toolbary? V Přdat nebo odebrat programi nic s názvem "toolbar" není. Logy zde:

OTL logfile created on: 15.6.2010 9:00:25 - Run 2
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Milos Bilek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 561,00 Mb Available Physical Memory | 55,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 11,43 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 11,78 Gb Free Space | 26,03% Space Free | Partition Type: NTFS
Drive E: | 2,62 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 425,39 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: INTEL
Current User Name: Milos Bilek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.14 23:45:11 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milos Bilek\Plocha\OTL.exe
PRC - [2010.03.07 23:37:23 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010.03.07 23:37:22 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.04.26 10:21:28 | 001,967,664 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
PRC - [2007.04.26 10:21:28 | 001,234,480 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
PRC - [2006.11.17 05:42:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006.01.30 18:00:00 | 000,098,304 | R--- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
PRC - [2005.11.30 11:12:42 | 000,450,560 | ---- | M] (Seznam.cz a.s.) -- C:\Program Files\Seznam\Postak\Postak.exe

========== Modules (SafeList) ==========

MOD - [2010.06.14 23:45:11 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milos Bilek\Plocha\OTL.exe
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2010.03.07 23:37:22 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.04.21 17:51:52 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ITT\IDL71\bin\bin.x86\idl_dicomexstorscp.exe -- (IDL DicomEx Storage SCP)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.04.26 10:21:28 | 001,234,480 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe -- (SPF4)
SRV - [2007.03.26 14:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - [2009.11.25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.07.03 16:49:08 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.04.26 10:21:34 | 000,072,624 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2007.04.26 10:21:30 | 000,302,000 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2007.03.08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007.02.22 11:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 11:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.11.29 01:43:25 | 000,018,688 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2006.10.22 12:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006.04.22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2004.09.10 18:59:00 | 000,381,088 | ---- | M] (SMC Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\2862WICB.sys -- (SMC2862W)
DRV - [2002.10.15 00:00:00 | 000,101,431 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel(R)
DRV - [2002.10.15 00:00:00 | 000,013,891 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\IdeBusDr.sys -- (IdeBusDr)
DRV - [2001.10.24 11:58:46 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-583907252-1275210071-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-583907252-1275210071-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 D5 E1 05 4F E5 CA 01 [binary data]
IE - HKU\S-1-5-21-583907252-1275210071-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.ftp: "148.233.159.58"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: "148.233.159.58"
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http: "148.233.159.58"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.socks: "148.233.159.58"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "148.233.159.58"
FF - prefs.js..network.proxy.ssl_port: 80

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.04 12:42:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.04 12:42:33 | 000,000,000 | ---D | M]

[2009.06.04 08:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Mozilla\Extensions
[2010.06.14 13:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Mozilla\Firefox\Profiles\4d0c3ek1.default\extensions
[2009.09.03 09:43:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Milos Bilek\Data aplikací\Mozilla\Firefox\Profiles\4d0c3ek1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.13 15:57:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.21 11:43:47 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.21 11:43:47 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.21 11:43:47 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.21 11:43:47 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.21 11:43:47 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001.10.25 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKU\S-1-5-21-583907252-1275210071-725345543-1003\..\Toolbar\WebBrowser: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [SMail] C:\Program Files\Seznam\Postak\Postak.exe (Seznam.cz a.s.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.228.41.113
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-583907252-1275210071-725345543-1003 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.01 22:32:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.06.01 22:32:11 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.a3d - C:\WINDOWS\System32\a3d.dll (Aureal Semiconductor)
Drivers32: msacm.divxa - C:\WINDOWS\System32\divxa32.acm (build Pinky.cz)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3radius - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ogg - C:\WINDOWS\System32\ogg.dll ()
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.vorbisenc - C:\WINDOWS\System32\vorbisenc.dll ()
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.div3 - C:\WINDOWS\System32\divxc32.dll (build Pinky.cz)
Drivers32: vidc.div4 - C:\WINDOWS\System32\divxc32f.dll (Pinky.cz)
Drivers32: vidc.divx - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvid.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 30 Days ==========

[2010.06.14 23:45:08 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Milos Bilek\Plocha\OTL.exe
[2010.06.14 23:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.14 23:09:33 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.14 16:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milos Bilek\Plocha\vir
[2010.06.14 10:44:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\lowsec
[2010.06.14 10:44:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milos Bilek\Data aplikací\4DA4BB5B15F109B5620AADBC000464B2
[2010.06.10 15:28:48 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.08 14:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milos Bilek\Plocha\Nová složka (3)
[2010.05.29 22:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milos Bilek\Plocha\skripta z astronomie
[2010.05.27 20:28:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milos Bilek\Plocha\Nová složka (2)
[2009.06.09 21:22:55 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\csnphv71.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.06.15 08:52:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.15 08:52:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.15 08:52:18 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.06.15 08:52:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.15 00:19:30 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\Milos Bilek\ntuser.dat
[2010.06.14 23:45:11 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milos Bilek\Plocha\OTL.exe
[2010.06.14 13:46:02 | 000,149,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.14 13:44:08 | 000,079,360 | -H-- | M] ($t@t1c_V()1D) -- C:\WINDOWS\System32\sstusq.dll
[2010.06.10 21:53:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.06.10 21:52:37 | 000,023,592 | ---- | M] () -- C:\Documents and Settings\Milos Bilek\Plocha\Origami CD Case.pdf
[2010.06.10 15:39:47 | 001,004,434 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.10 15:39:47 | 000,440,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.10 15:39:47 | 000,437,336 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.10 15:39:47 | 000,082,642 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.10 15:39:47 | 000,071,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.09 22:16:16 | 000,004,439 | ---- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\gnuplot_history
[2010.06.08 14:59:26 | 004,215,054 | ---- | M] () -- C:\Documents and Settings\Milos Bilek\Plocha\elementarni procesy.zip
[2010.06.07 22:23:35 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.06.05 14:53:54 | 000,221,571 | ---- | M] () -- C:\Documents and Settings\Milos Bilek\Plocha\0306208v1.pdf
[2010.06.03 21:07:48 | 000,009,084 | ---- | M] () -- C:\Documents and Settings\Milos Bilek\gsview32.ini
[2010.06.02 13:57:09 | 000,000,519 | ---- | M] () -- C:\Documents and Settings\Milos Bilek\Local Settings\Data aplikací\DenoiseMyImageFree20.ini
[2010.05.29 22:08:02 | 018,694,077 | ---- | M] () -- C:\Documents and Settings\Milos Bilek\Plocha\skripta z astronomie.zip
[2010.05.26 21:11:54 | 000,001,318 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.14 10:44:48 | 000,079,360 | -H-- | C] ($t@t1c_V()1D) -- C:\WINDOWS\System32\sstusq.dll
[2010.06.10 21:52:54 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\Milos Bilek\ntuser.dat
[2010.06.10 21:52:37 | 000,023,592 | ---- | C] () -- C:\Documents and Settings\Milos Bilek\Plocha\Origami CD Case.pdf
[2010.06.08 14:59:26 | 004,215,054 | ---- | C] () -- C:\Documents and Settings\Milos Bilek\Plocha\elementarni procesy.zip
[2010.06.05 14:53:50 | 000,221,571 | ---- | C] () -- C:\Documents and Settings\Milos Bilek\Plocha\0306208v1.pdf
[2010.05.29 22:07:59 | 018,694,077 | ---- | C] () -- C:\Documents and Settings\Milos Bilek\Plocha\skripta z astronomie.zip
[2009.12.29 14:13:52 | 000,000,083 | ---- | C] () -- C:\WINDOWS\MRU.ini
[2009.10.28 21:58:53 | 000,001,838 | ---- | C] () -- C:\WINDOWS\iris.ini
[2009.06.28 13:42:07 | 000,012,480 | ---- | C] () -- C:\WINDOWS\System32\KL2N.DLL
[2009.06.28 13:42:07 | 000,008,968 | ---- | C] () -- C:\WINDOWS\System32\KL2DLL.DLL
[2009.06.28 13:42:07 | 000,007,440 | ---- | C] () -- C:\WINDOWS\System32\ppmon.dll
[2009.06.16 22:32:53 | 000,003,722 | ---- | C] () -- C:\WINDOWS\CSVOICE.INI
[2009.06.09 21:22:56 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dsnphv71.dll
[2009.06.09 21:22:56 | 000,015,584 | ---- | C] () -- C:\WINDOWS\snphv71.ini
[2009.06.09 21:22:55 | 000,188,928 | ---- | C] () -- C:\WINDOWS\System32\drivers\snphv71.sys
[2009.06.09 21:22:55 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\vsnphv71.dll
[2009.06.05 21:00:59 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009.06.05 19:29:58 | 000,000,434 | ---- | C] () -- C:\WINDOWS\w32dasm8.ini
[2009.06.04 22:16:38 | 000,000,172 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2009.06.03 21:46:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009.06.03 21:46:19 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2009.06.03 21:46:19 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2009.06.03 21:07:19 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1018.dll
[2009.06.02 23:33:36 | 000,000,573 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.06.02 23:29:10 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.06.02 12:31:27 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009.06.02 12:31:22 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2008.11.08 16:45:51 | 000,027,707 | ---- | C] () -- C:\WINDOWS\System32\Bvwvvg32.dll
[2006.10.22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.10.22 12:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.10.22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.10.22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.10.22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.10.22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.10.22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005.12.07 13:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2003.07.16 13:09:32 | 000,202,752 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2002.10.06 20:42:58 | 000,105,472 | ---- | C] () -- C:\WINDOWS\System32\oggds.dll
[2002.10.05 01:04:26 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 01:04:26 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 01:04:18 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.05.17 22:18:30 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll

========== LOP Check ==========

[2010.02.10 21:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2010.01.30 23:55:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.06.03 22:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PanaVue
[2010.01.30 23:58:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.10.09 22:23:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{EF63305C-BAD7-4144-9208-D65528260864}
[2010.03.01 21:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Softland
[2010.06.14 13:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\4DA4BB5B15F109B5620AADBC000464B2
[2010.01.17 02:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Auriga Imaging
[2010.03.05 14:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\bibble
[2009.06.03 22:04:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Design Science
[2010.01.08 23:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\GrindEQ
[2009.08.07 17:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\HDRsoft
[2010.01.30 23:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Nokia
[2010.04.23 10:58:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Nokia Multimedia Player
[2010.01.30 23:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\PC Suite
[2009.11.27 23:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\SIMS
[2009.06.05 20:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\uTorrent
[2009.06.02 23:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Zoner
[2010.06.07 22:23:35 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2009.07.23 20:17:56 | 033,921,368 | ---- | M] () -- C:\Nokia_PC_Suite_7_1_30_9_cze_web.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.06.14 13:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\4DA4BB5B15F109B5620AADBC000464B2
[2009.06.07 17:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Adobe
[2010.01.17 02:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Auriga Imaging
[2010.03.05 14:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\bibble
[2009.06.03 22:04:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Design Science
[2010.01.08 23:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\GrindEQ
[2009.08.07 17:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\HDRsoft
[2009.06.05 19:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Help
[2009.06.01 22:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Identities
[2009.06.02 13:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Macromedia
[2009.06.12 19:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\MathWorks
[2010.01.03 23:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Media Player Classic
[2010.01.14 20:46:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft
[2009.06.04 08:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Mozilla
[2010.01.30 23:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Nokia
[2010.04.23 10:58:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Nokia Multimedia Player
[2010.01.30 23:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\PC Suite
[2009.11.27 23:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\SIMS
[2009.07.23 23:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Sun
[2009.06.05 20:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\uTorrent
[2009.06.01 23:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\WinRAR
[2009.06.02 23:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milos Bilek\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2009.06.03 21:22:27 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\bibble\XCrashReport.exe
[2009.06.03 22:15:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_299E3E7EEF5C6700821D34.exe
[2009.06.03 22:15:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_39823F4A04C97B002A2B95.exe
[2009.06.03 22:15:42 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_58A6DD2EA9CBC5135C0705.exe
[2009.06.03 22:15:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_617600778C53292ED41E9F.exe
[2009.06.03 22:15:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_6FEFF9B68218417F98F549.exe
[2009.06.03 22:15:42 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_95C2313D04659D9C7EDD34.exe
[2009.06.03 22:15:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_A1CCB0195F5CDA05193AB8.exe
[2009.06.03 22:15:42 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_BAEB20EFB8AA1BDA3DCC5C.exe
[2009.06.03 22:15:42 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_CC7E73196D66E9BB59BCA2.exe
[2009.06.03 22:15:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_CFDE27BA9E06F9EE73E003.exe
[2009.06.03 22:15:42 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_F1FB8C482ECFB68B25E17B.exe
[2009.06.03 22:15:42 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\Milos Bilek\Data aplikací\Microsoft\Installer\{1161671B-4079-43FE-8F4F-FD48C0217B46}\_FC5ABAB7FF3E439CD5B22C.exe

< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004.08.04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[1999.10.02 10:24:46 | 000,017,408 | ---- | M] () MD5=1363337A5301619F00F8033835EF30E9 -- C:\Program Files\MATLAB\R2007b\sys\perl\win32\site\lib\auto\Win32\EventLog\EventLog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: IDECHNDR.SYS >
[2002.10.15 00:00:00 | 000,101,431 | ---- | M] (Intel Corporation) MD5=7D2B8BE9E89628663C1FB571F7C34062 -- C:\Program Files\Intel\Intel Application Accelerator\Driver\IdeChnDr.sys
[2002.10.15 00:00:00 | 000,101,431 | ---- | M] (Intel Corporation) MD5=7D2B8BE9E89628663C1FB571F7C34062 -- C:\WINDOWS\system32\drivers\IdeChnDr.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.06.02 00:20:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.06.02 00:20:04 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.06.02 00:20:04 | 000,454,656 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.06.14 13:46:02 | 000,149,992 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2010.06.15 08:52:18 | 000,088,566 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.06.14 13:44:08 | 000,079,360 | -H-- | M] ($t@t1c_V()1D) -- C:\WINDOWS\system32\sstusq.dll
[2010.06.15 08:52:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Files - Unicode (All) ==========
[2009.06.03 21:22:27 | 000,000,000 | ---D | M](C:\Documents and Settings\Milo? Bílek\Data aplikací\bibble) -- C:\Documents and Settings\Milo Bílek\Data aplikací\bibble
< End of report >

Lmbzb · #4 Příspěvek od **Lmbzb** » 15 čer 2010 08:26

OTL Extras logfile created on: 14.6.2010 23:49:52 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Milos Bilek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 565,00 Mb Available Physical Memory | 55,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 11,47 Gb Free Space | 39,14% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 11,78 Gb Free Space | 26,03% Space Free | Partition Type: NTFS
Drive E: | 2,62 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 425,39 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: INTEL
Current User Name: Milos Bilek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-583907252-1275210071-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [JpegResamplerDir] -- "D:\zalohaSYSSTEM\Program Files\JPEG Resampler\JpegResampler.exe" "%1" (David Macek)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe" = C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Firewall GUI -- (Sunbelt Software)
"C:\Program Files\MATLAB\R2007b\bin\win32\MATLAB.exe" = C:\Program Files\MATLAB\R2007b\bin\win32\MATLAB.exe:*:Enabled:MATLAB -- (The MathWorks Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{1161671B-4079-43FE-8F4F-FD48C0217B46}" = Panavue ImageAssembler 3.5.0 (Trial)
"{18435829-4E75-4CD1-9796-A62DBBAE2ED7}" = DeepSkyStacker
"{23484C5A-E7AE-4F59-B7DF-88D63BEF18F4}" = Meade LPI
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39D7AD56-BCF2-4A51-AAFB-3D0333ECF504}" = IDL 7.1
"{3EB7A19B-690F-49BA-B494-CADA547D0DB9}_is1" = Virtual Moon Atlas Pro 5.0
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1" = Kodek 0.16 CZ
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{9984DF60-1C5B-11D3-ACA1-908A4FC10801}" = Intel Application Accelerator
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2010.02.10
"{AC76BA86-7AD7-1029-7B44-A90000000001}" = Adobe Reader 9 - Czech
"{B7886D87-ADA4-46A0-8A8D-02AB16B9F95A}" = Borland Delphi 6
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BFD080F6-3BF0-40E1-9507-9CA969C35870}" = Sunbelt Personal Firewall
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Balíček ovladače systému Windows - Nokia Modem (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AFPL Ghostscript 8.14" = AFPL Ghostscript 8.14
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"AnyDVD" = AnyDVD
"avast!" = avast! Antivirus
"Bibble Pro" = Bibble Pro
"Cartes du Ciel" = Cartes du Ciel
"DenoiseMyImage_free" = DenoiseMyImage_free
"DesetiPrsty5" = DesetiPrsty5 5.2
"doPDF 6 printer_is1" = doPDF 6.2 printer
"DSMT6" = MathType 6
"DVD Shrink_is1" = DVD Shrink 3.2
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"GrindEQ" = GrindEQ Math Utilities (remove only)
"GrindEQw2l" = GrindEQ Word-to-Latex (remove only)
"GSview 4.6" = GSview 4.6
"Hallo northern sky planetarium program_is1" = HNSKY 2.3.0L
"HijackThis" = HijackThis 2.0.2
"HP OrderReminder" = HP OrderReminder
"HP-LaserJet 1018" = LaserJet 1018
"ie8" = Windows Internet Explorer 8
"InstallShield_{39D7AD56-BCF2-4A51-AAFB-3D0333ECF504}" = IDL 7.1
"IrfanView" = IrfanView (remove only)
"MatlabR2007b" = MATLAB R2007b
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MiKTeX" = MiKTeX
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PhotomatixPro3Betax32_is1" = Photomatix Pro version 3.2Beta5
"Picture Window Pro 3.0" = Picture Window Pro 3.0
"PROSet" = Intel(R) PRO Ethernet Adapter and Software
"QuicktimeAlt_is1" = QuickTime Alternative 2.7.0
"RegiStar" = RegiStar
"SMail" = Seznam Pošťák
"ST6UNST #1" = AIP for Windows
"STDU Viewer_is1" = STDU Viewer version 1.4.13.0
"TeXnicCenter_is1" = TeXnicCenter Version 1 Beta 7.01 (Greengrass)
"Totalcmd" = Total Commander (Remove or Repair)
"VorbisCodec" = Ogg Vorbis ACM Codec
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZonerPhotoStudio11_CZ_is1" = Zoner Photo Studio 11

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-583907252-1275210071-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RegiStax 5" = RegiStax 5
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 14.6.2010 4:48:11 | Computer Name = INTEL | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Milos Bilek\Local Settings\Temporary Internet Files\Content.IE5\RZ2BP09W\info_48[2]
failed, 00000005.

Error - 14.6.2010 7:04:32 | Computer Name = INTEL | Source = avast! | ID = 33554522
Description = Chyba v aswChestS: chestStart XMLException 27 - Could not load message.

Error - 14.6.2010 7:34:35 | Computer Name = INTEL | Source = avast! | ID = 33554522
Description = Chyba v aswChestS: chestStart XMLException 27 - Could not load message.

Error - 14.6.2010 7:36:44 | Computer Name = INTEL | Source = avast! | ID = 33554522
Description = Chyba v aswChestS: chestStart XMLException 27 - Could not load message.

Error - 14.6.2010 7:46:14 | Computer Name = INTEL | Source = avast! | ID = 33554522
Description = Chyba v aswChestS: chestStart XMLException 27 - Could not load message.

Error - 14.6.2010 9:39:54 | Computer Name = INTEL | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestAddFile Error 1753.

Error - 14.6.2010 9:54:00 | Computer Name = INTEL | Source = avast! | ID = 33554522
Description = Chyba v aswChestS: chestStart XMLException 27 - Could not load message.

Error - 14.6.2010 10:03:46 | Computer Name = INTEL | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestAddFile Error 1753.

Error - 14.6.2010 10:03:55 | Computer Name = INTEL | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestAddFile Error 1753.

Error - 14.6.2010 11:02:25 | Computer Name = INTEL | Source = avast! | ID = 33554522
Description = Chyba v aswChestS: chestStart XMLException 27 - Could not load message.

[ Application Events ]
Error - 23.4.2010 4:14:01 | Computer Name = INTEL | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 10.0.0.3802, chybující modul
xvid.dll, verze 0.0.0.0, adresa chyby 0x00048ec8.

Error - 23.4.2010 4:16:14 | Computer Name = INTEL | Source = Application Error | ID = 1000
Description = Chybující aplikace mplayerc.exe, verze 6.4.9.0, chybující modul xvid.ax,
verze 0.0.0.0, adresa chyby 0x0003d928.

Error - 23.4.2010 4:55:52 | Computer Name = INTEL | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 10.0.0.3802, chybující modul
wmp.dll, verze 10.0.0.4074, adresa chyby 0x00004d8d.

Error - 28.4.2010 11:34:36 | Computer Name = INTEL | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.1.3726, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x390189f8.

Error - 29.4.2010 14:18:10 | Computer Name = INTEL | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 10.0.0.3802, chybující modul
clvsd.ax, verze 3.5.0.1011, adresa chyby 0x00039caf.

Error - 2.5.2010 14:32:49 | Computer Name = INTEL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ciel.exe, verze 0.2.7.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.5.2010 8:34:46 | Computer Name = INTEL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.5.2010 17:17:14 | Computer Name = INTEL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 10.0.2627.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.5.2010 17:17:42 | Computer Name = INTEL | Source = Application Hang | ID = 1001
Description = Chybný blok 01880210

Error - 14.6.2010 4:45:02 | Computer Name = INTEL | Source = fFollower.exe | ID = 0
Description =

[ Application Events ]
Error - 23.4.2010 4:14:01 | Computer Name = INTEL | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 10.0.0.3802, chybující modul
xvid.dll, verze 0.0.0.0, adresa chyby 0x00048ec8.

Error - 23.4.2010 4:16:14 | Computer Name = INTEL | Source = Application Error | ID = 1000
Description = Chybující aplikace mplayerc.exe, verze 6.4.9.0, chybující modul xvid.ax,
verze 0.0.0.0, adresa chyby 0x0003d928.

Error - 23.4.2010 4:55:52 | Computer Name = INTEL | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 10.0.0.3802, chybující modul
wmp.dll, verze 10.0.0.4074, adresa chyby 0x00004d8d.

Error - 28.4.2010 11:34:36 | Computer Name = INTEL | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.1.3726, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x390189f8.

Error - 29.4.2010 14:18:10 | Computer Name = INTEL | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 10.0.0.3802, chybující modul
clvsd.ax, verze 3.5.0.1011, adresa chyby 0x00039caf.

Error - 2.5.2010 14:32:49 | Computer Name = INTEL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ciel.exe, verze 0.2.7.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.5.2010 8:34:46 | Computer Name = INTEL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.5.2010 17:17:14 | Computer Name = INTEL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 10.0.2627.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.5.2010 17:17:42 | Computer Name = INTEL | Source = Application Hang | ID = 1001
Description = Chybný blok 01880210

Error - 14.6.2010 4:45:02 | Computer Name = INTEL | Source = fFollower.exe | ID = 0
Description =

[ System Events ]
Error - 14.6.2010 7:39:06 | Computer Name = INTEL | Source = Service Control Manager | ID = 7000
Description = Služba Zařazování tisku neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 14.6.2010 7:39:51 | Computer Name = INTEL | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba modelu COM pro zápis na disk CD (IMAPI).

Error - 14.6.2010 7:39:52 | Computer Name = INTEL | Source = Service Control Manager | ID = 7000
Description = Služba Služba modelu COM pro zápis na disk CD (IMAPI) neuspěla při
spuštění v důsledku následující chyby: %%1053

Error - 14.6.2010 7:40:21 | Computer Name = INTEL | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
avast! Mail Scanner.

Error - 14.6.2010 7:40:23 | Computer Name = INTEL | Source = Service Control Manager | ID = 7000
Description = Služba avast! Mail Scanner neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 14.6.2010 7:40:55 | Computer Name = INTEL | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
avast! Mail Scanner.

Error - 14.6.2010 7:40:55 | Computer Name = INTEL | Source = Service Control Manager | ID = 7000
Description = Služba avast! Mail Scanner neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 14.6.2010 7:41:35 | Computer Name = INTEL | Source = Service Control Manager | ID = 7034
Description = Služba avast! Web Scanner byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 14.6.2010 9:45:16 | Computer Name = INTEL | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 88.102.164.83 pro síťovou kartu se síťovou
adresou 0010DCC99352 byla ukončena.

Error - 14.6.2010 9:46:20 | Computer Name = INTEL | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0010DCC99352
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

< End of report >

#5 Příspěvek od **Caroprd111** » 15 čer 2010 12:47

Toolbar:
"SMail" = Seznam Pošťák

Obrázek

Doporučuji odinstalovat Ad-Aware.

Obrázek

Doporučuji odinstalovat µTorrent.

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.

Obrázek

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:Files
C:\WINDOWS\system32\lowsec
C:\WINDOWS\system32\sstusq.dll

:OTL
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.

Lmbzb · #6 Příspěvek od **Lmbzb** » 15 čer 2010 15:43

Odstranění zmíněných programů zvážím.

========== FILES ==========
C:\WINDOWS\system32\lowsec folder moved successfully.
C:\WINDOWS\system32\sstusq.dll moved successfully.
========== OTL ==========
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET113.tmp deleted successfully.
C:\WINDOWS\System32\SETBF.tmp deleted successfully.
C:\WINDOWS\System32\SETCB.tmp deleted successfully.
C:\WINDOWS\002690_.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.

OTL by OldTimer - Version 3.2.6.0 log created on 06152010_162629

Při spuštění skriptu vyskočilo okno Avastu, že nalezl virus. Kliknul jsem na Žádná akce.

#7 Příspěvek od **Caroprd111** » 15 čer 2010 15:53

Kde přesně Avast virus nalezl

Lmbzb · #8 Příspěvek od **Lmbzb** » 15 čer 2010 15:56

To jsem si bohužel nepoznamenal. Stalo se to hned po spuštění skriptu.

#9 Příspěvek od **Caroprd111** » 15 čer 2010 16:02

Podívejte se do protokolů Avastu.

Lmbzb · #10 Příspěvek od **Lmbzb** » 15 čer 2010 16:10

Hláška Avastu:
Virus "Win32:Rootkit-gen[Rtk]" byl nalezen v souboru "C:\_OTL\MovedFiles\06152010162629\C_WINDOWS\system32\sstusq.dll"

#11 Příspěvek od **Caroprd111** » 15 čer 2010 16:12

To je karanténa OTL, tam je soubor neškodný a později ho smažeme. Jak se chová PC

Chcete prověřit PC na přítomnost rootkitů

Lmbzb · #12 Příspěvek od **Lmbzb** » 15 čer 2010 16:19

PC funguje v pohodě, jak jsem psal v prvním příspěvku. Na rootkity můžeme prověřit také, jste-li ochoten.

#13 Příspěvek od **Caroprd111** » 15 čer 2010 16:21

OK

Odinstalujte všechny emulátory virtuálních mechanik.

Obrázek

Stáhněte SPTD http://www.duplexsecure.com/en/downloads

Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
zvolte možnost Uninstall a restartujte PC.

Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe

Klikněte na "Disable" a restartujte PC.

Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Obrázek

Start > Spustit (Win + R)

Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t

Klikněte na OK

Vytvoří se log s názvem mbr.log, vložte ho sem.

Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

Lmbzb · #14 Příspěvek od **Lmbzb** » 15 čer 2010 16:30

Jak mám provést bod 1?

#15 Příspěvek od **Caroprd111** » 15 čer 2010 16:33

V "Přidat nebo odebrat programy" odinstalujete programy Alcohol 120%, Daemon Tools atp. Pokud takové programy nemáte nainstalované, tak pokračujte dalšími kroky.

VIRY.CZ

falesny antivirus

falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus

Re: falesny antivirus