
Log check, urgent, thank you

rEvoluce
Visitor
Posts: 52
Registered: 18 Sep 2008 12:24

Log check, urgent, thank you

#1 Post by rEvoluce »

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 1:46:33, on 20.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tenda\W302P\UI.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Programs\hj\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60308
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [DXTempFolder] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\system32\DirectX\DX16.tmp\"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Tenda W302P.lnk = ?
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3352582281
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E93E9DF0-3E59-4331-A269-F1E077C66F00} (GameTap Web Plugin) - http://cnn-5.vo.llnwd.net/c1/static/cli ... plugin.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe

--
End of file - 10189 bytes

rEvoluce
Visitor
Posts: 52
Registered: 18 Sep 2008 12:24

Re: Log check, urgent, thank you

#2 Post by rEvoluce »

Hello,
working on my PC is almost impossible. Windows keep switching on me (it almost looks as if I had a stuck key, but the keyboard is physically fine). I select a window and a moment later it "deselects" itself. Typing a login and password anywhere is a five-minute ordeal. I don't understand what is going on.
I scanned the machine with Mwav and it found some junk, which I removed bit by bit; now I'm just worried that I removed some important software.
Please take a look at the log to see whether there really isn't a virus in there.
It started with problems with the network card, which showed no activity even though it was newly installed. During reinstallation the PC asked me for the file rt2860.sys, which I found on the net to be some kind of malware. That's why I scanned it with Mwav and SUperagent, and now I'm at a loss.

Thank you for looking over the log and for any ideas.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Log check, urgent, thank you

#3 Post by motji »

Good morning, I'd like to ask for this log.

Download OTL: http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 

- tick the "All users" box.
- tick the boxes for the "LOP" malware check and the "Purity" malware check.
- click the Scan button.
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here :)
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer.

rEvoluce
Visitor
Posts: 52
Registered: 18 Sep 2008 12:24

Re: Log check, urgent, thank you

#4 Post by rEvoluce »

OTL logfile created on: 20.9.2010 10:05:51 - Run 1
OTL by OldTimer - Version 3.2.14.0 Folder = C:\Documents and Settings\Pavel\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 364,00 Mb Available Physical Memory | 36,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 14,45 Gb Free Space | 6,20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 3,73 Gb Total Space | 2,69 Gb Free Space | 72,31% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAVEL-1EF2D5810
Current User Name: Pavel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.09.20 09:56:32 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
PRC - [2010.08.10 09:03:08 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.08.10 09:03:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.02.22 16:21:02 | 000,759,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SoftwareDistribution\Download\a205f34be6fb5c81ebeb1c8f0bf8ff44\update\update.exe
PRC - [2010.01.29 14:27:10 | 001,800,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010.01.29 14:26:49 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010.01.08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2008.10.16 17:22:24 | 002,121,728 | ---- | M] () -- C:\Program Files\Tenda\W302P\UI.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.03.30 09:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2005.10.18 15:00:10 | 000,241,152 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe


========== Modules (SafeList) ==========

MOD - [2010.09.20 09:56:32 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
MOD - [2010.02.02 22:10:24 | 000,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.01.29 14:26:49 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.01.08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2006.03.30 09:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005.11.14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005.10.18 15:00:10 | 000,241,152 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


========== Driver Services (SafeList) ==========

DRV - [2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.04.04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.02.02 22:10:23 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010.01.29 14:27:16 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010.01.29 14:27:16 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2008.07.29 11:52:46 | 000,679,680 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
DRV - [2008.06.16 11:12:30 | 000,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008.06.16 11:12:30 | 000,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006.06.28 10:25:24 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.04.24 11:52:28 | 000,100,736 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006.03.22 08:24:02 | 000,018,944 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.03.22 08:24:00 | 000,052,736 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.02.16 17:51:08 | 000,004,096 | R--- | M] (SuperAdBlocker, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2006.02.08 10:26:00 | 000,011,264 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2005.10.18 15:01:38 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2005.10.16 03:15:41 | 000,027,171 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2005.03.09 08:53:00 | 000,036,352 | R--- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.01.14 18:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.10.28 12:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.08.22 17:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004.08.22 17:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2003.02.18 10:08:04 | 000,017,504 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x)
DRV - [2001.08.17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-839522115-179605362-2147188803-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-839522115-179605362-2147188803-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-839522115-179605362-2147188803-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-839522115-179605362-2147188803-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-839522115-179605362-2147188803-1004\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKU\S-1-5-21-839522115-179605362-2147188803-1004\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-839522115-179605362-2147188803-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-839522115-179605362-2147188803-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2009.06.02 17:40:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.10 09:03:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.08 15:08:09 | 000,000,000 | ---D | M]

[2010.08.06 01:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Extensions
[2010.09.20 01:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\zhss4xqw.default\extensions
[2010.08.29 14:24:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\zhss4xqw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.29 14:24:52 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\zhss4xqw.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.09.20 01:49:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.08.20 15:21:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.08.10 09:03:26 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.08.10 09:03:27 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.08.10 09:03:27 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.08.10 09:03:27 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.08.10 09:03:28 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.11.26 22:11:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O3 - HKU\S-1-5-21-839522115-179605362-2147188803-1004\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Tenda W302P.lnk = C:\Program Files\Tenda\W302P\UI.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-839522115-179605362-2147188803-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-839522115-179605362-2147188803-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-839522115-179605362-2147188803-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-839522115-179605362-2147188803-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 3352582281 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E93E9DF0-3E59-4331-A269-F1E077C66F00} http://cnn-5.vo.llnwd.net/c1/static/cli ... plugin.cab (GameTap Web Plugin)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.27 19:58:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll ()
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56590081070202880)

========== Files/Folders - Created Within 30 Days ==========

[2010.09.20 10:05:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.09.20 10:02:34 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
[2010.09.20 00:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Tenda
[2010.09.20 00:23:03 | 000,073,216 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2010.09.20 00:22:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2010.09.17 22:08:37 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010.09.17 22:08:37 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010.09.17 22:08:36 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010.09.17 22:08:35 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010.09.17 22:08:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010.09.17 22:08:25 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010.09.17 22:08:14 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010.09.17 22:08:00 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010.09.17 21:57:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Dokumenty\Moje Spore výtvory
[2010.09.17 21:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Data aplikací\SPORE
[2010.09.17 21:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010.09.03 11:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Dokumenty\Objednávka-soubory
[2010.09.02 23:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeRitu2-soubory
[2010.09.02 23:07:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeRitu-soubory
[2010.09.02 22:35:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeAndy-soubory
[2010.09.02 21:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\HF Designer 2.7
[2010.09.02 21:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\HF Designer 2.7
[2010.03.11 13:10:30 | 000,017,504 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\gt680x.sys
[2008.11.09 16:36:13 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2008.11.09 16:36:13 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.20 10:01:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.20 10:00:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.20 10:00:20 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.09.20 10:00:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.20 09:56:32 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
[2010.09.20 01:50:12 | 022,544,384 | ---- | M] () -- C:\Documents and Settings\Pavel\ntuser.dat
[2010.09.20 01:39:43 | 000,000,000 | ---- | M] () -- C:\23990098.$$$
[2010.09.20 01:27:15 | 006,936,585 | ---- | M] () -- C:\WINDOWS\REGBK00.ZIP
[2010.09.20 01:22:12 | 000,000,050 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.09.20 00:32:41 | 000,000,485 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Tenda W302P.lnk
[2010.09.20 00:32:41 | 000,000,473 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Tenda W302P.lnk
[2010.09.20 00:23:03 | 000,073,216 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2010.09.20 00:22:27 | 000,000,048 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.09.17 21:54:18 | 000,001,862 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SPORE™.lnk
[2010.09.17 21:43:58 | 000,202,752 | ---- | M] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.08 15:08:10 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.09.06 20:25:32 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.09.03 11:38:38 | 000,055,121 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\mdbu.bin
[2010.09.03 11:38:27 | 000,000,960 | ---- | M] () -- C:\Documents and Settings\Pavel\Dokumenty\Objednávka.psc
[2010.09.03 11:06:11 | 000,004,667 | ---- | M] () -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeRitu.pcf
[2010.09.03 10:54:21 | 000,004,046 | ---- | M] () -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeAndy.pcf
[2010.09.02 23:17:26 | 000,004,378 | ---- | M] () -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeRitu2.pcf
[2010.09.02 17:25:31 | 000,572,094 | ---- | M] () -- C:\Documents and Settings\Pavel\Dokumenty\subarachnoideal space.bmp
[2010.09.02 12:18:57 | 001,057,999 | ---- | M] () -- C:\Documents and Settings\Pavel\Dokumenty\cirkulace moku.pdf
[2010.09.02 12:18:44 | 010,379,776 | ---- | M] () -- C:\Documents and Settings\Pavel\Dokumenty\cns.ppt
[2010.09.02 12:09:53 | 006,632,960 | ---- | M] () -- C:\Documents and Settings\Pavel\Dokumenty\06neuroinfekce.ppt
[2010.09.02 01:27:39 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Pavel\ntuser.ini
[2010.09.01 23:53:21 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Pavel\Dokumenty\Jak sbalit ženu.doc
[2010.09.01 17:16:16 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.31 19:32:52 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\Funkční reklama.doc
[2010.08.31 09:30:13 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Pavel\Dokumenty\Přerušení studia.doc
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

rEvoluce
Visitor
Posts: 52
Joined: 18 Sep 2008 12:24

Re: log check, urgent, thank you

#5 Post by rEvoluce »

========== Files Created - No Company Name ==========

[2010.09.20 01:26:11 | 006,936,585 | ---- | C] () -- C:\WINDOWS\REGBK00.ZIP
[2010.09.20 00:32:41 | 000,000,485 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Tenda W302P.lnk
[2010.09.20 00:32:41 | 000,000,473 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Tenda W302P.lnk
[2010.09.20 00:22:27 | 000,000,048 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.09.17 21:54:18 | 000,001,862 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\SPORE™.lnk
[2010.09.03 11:38:27 | 000,000,960 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\Objednávka.psc
[2010.09.02 23:18:47 | 000,055,121 | ---- | C] () -- C:\Documents and Settings\Pavel\Data aplikací\mdbu.bin
[2010.09.02 23:17:26 | 000,004,378 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeRitu2.pcf
[2010.09.02 23:07:25 | 000,004,667 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeRitu.pcf
[2010.09.02 22:35:57 | 000,004,046 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeAndy.pcf
[2010.09.02 17:25:31 | 000,572,094 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\subarachnoideal space.bmp
[2010.09.02 12:18:57 | 001,057,999 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\cirkulace moku.pdf
[2010.09.02 12:18:44 | 010,379,776 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\cns.ppt
[2010.09.02 12:11:03 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.09.02 12:09:53 | 006,632,960 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\06neuroinfekce.ppt
[2010.09.01 23:53:11 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\Jak sbalit ženu.doc
[2010.08.31 19:32:51 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\Funkční reklama.doc
[2010.05.13 13:23:56 | 000,000,043 | ---- | C] () -- C:\WINDOWS\GSWIN32.INI
[2010.05.02 11:08:11 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.05.02 11:08:05 | 003,297,280 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2010.05.02 11:07:59 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.05.02 11:07:58 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.05.02 11:07:57 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.05.02 11:07:57 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.04.23 21:15:01 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2010.04.19 00:14:54 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2010.04.19 00:14:54 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2010.03.11 14:34:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI
[2010.03.11 14:30:52 | 000,000,184 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2010.03.11 13:10:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2010.03.11 13:10:42 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2010.03.11 13:10:31 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\A2Nusd.dll
[2010.03.11 13:10:30 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\MKCoInstaller.dll
[2010.03.11 13:10:30 | 000,000,059 | ---- | C] () -- C:\WINDOWS\System32\MKScannerSetting.ini
[2009.08.20 16:47:55 | 000,000,238 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009.08.17 17:40:43 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.8.64739.471_XP_Vista_x32.INI
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009.02.02 13:26:23 | 000,002,719 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2009.01.17 14:53:56 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Pavel\Data aplikací\PnkBstrK.sys
[2008.11.27 13:24:58 | 000,001,295 | ---- | C] () -- C:\WINDOWS\CITP_SearchHistory.INI
[2008.11.22 20:00:41 | 000,001,016 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.09.19 12:03:22 | 000,000,023 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.09.18 11:03:25 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2008.07.09 09:35:37 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.07.09 07:21:13 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2008.05.02 15:23:35 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008.03.24 23:50:01 | 000,000,092 | ---- | C] () -- C:\Documents and Settings\Pavel\Data aplikací\burnaware.ini
[2008.01.18 17:36:20 | 000,000,031 | ---- | C] () -- C:\WINDOWS\bluevoda.ini
[2007.11.20 21:53:18 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\fusioncache.dat
[2007.07.02 23:15:17 | 000,077,312 | ---- | C] () -- C:\WINDOWS\ua2.dll
[2007.02.23 12:47:35 | 000,000,041 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2007.02.23 12:46:49 | 000,002,753 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2007.01.03 00:15:37 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2007.01.01 18:03:02 | 000,029,536 | ---- | C] () -- C:\WINDOWS\System32\Dib.drv
[2006.12.13 19:53:47 | 000,001,358 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2006.11.12 16:38:22 | 000,000,744 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.11.02 04:18:19 | 000,202,752 | ---- | C] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.11.02 03:50:13 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.10.27 21:11:00 | 000,000,223 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.10.27 20:27:56 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2006.10.27 20:27:56 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2006.10.27 20:27:56 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2006.10.27 20:27:56 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2006.10.27 20:27:56 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2006.10.27 20:27:56 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2006.10.27 20:27:55 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2006.10.27 20:27:55 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2006.10.27 20:27:55 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2006.10.27 20:27:55 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2006.03.09 09:29:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.03.09 09:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2004.08.22 18:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004.06.14 16:00:01 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\frapsvid.dll
[2002.10.05 02:04:26 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002.10.05 02:04:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 02:04:18 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[1999.01.22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010.05.09 17:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\3DWA_L
[2010.03.10 22:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.09.02 21:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HF Designer 2.7
[2010.07.11 20:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.10.11 13:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2008.12.22 18:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2010.09.20 00:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2007.11.21 18:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\River Past G5
[2010.04.19 00:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SafeNet Sentinel
[2010.04.19 00:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SPSS
[2009.08.18 11:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.01.17 14:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2009.06.02 17:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008.03.20 12:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Any Video Converter
[2007.08.04 13:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Atari
[2008.12.14 17:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Audacity
[2010.03.20 22:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\avidemux
[2007.11.12 18:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\AVSMedia
[2007.07.30 12:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Canon
[2008.11.29 14:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ChessBase
[2010.05.23 12:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Docx2Rtf
[2008.07.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Firaxis Games
[2007.02.21 22:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\GeoVid
[2008.12.29 22:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\gtk-2.0
[2010.09.02 21:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Happy Foto
[2010.08.11 23:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ
[2007.06.25 14:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ Toolbar
[2007.02.10 18:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQLite
[2008.09.23 21:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Inkscape
[2007.12.21 22:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Jpeg Resampler
[2009.12.20 14:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\LangSoft
[2007.08.04 13:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Leadertech
[2010.07.21 20:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\MockFlow
[2008.12.24 10:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\My Games
[2010.05.23 12:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\NwDocx
[2010.05.16 18:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Opera
[2010.05.13 13:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\pdfforge
[2008.03.21 20:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\PDM
[2007.11.21 18:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\River Past G5
[2010.05.13 13:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Search Settings
[2010.09.17 21:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\SPORE
[2010.04.11 22:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Teeworlds
[2007.11.19 20:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\URUSoft
[2010.09.01 21:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\uTorrent
[2007.08.30 13:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Video DVD Maker FREE
[2008.10.25 18:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ViStart
[2009.02.14 12:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\VitySoft
[2008.03.25 23:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Vso
[2010.05.07 22:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\WordToPDF

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[7 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.04.19 00:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SPSS

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.07.21 20:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Adobe
[2006.11.29 00:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\AdobeUM
[2008.02.28 02:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Ahead
[2008.03.20 12:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Any Video Converter
[2009.06.02 17:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Apple Computer
[2007.08.04 13:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Atari
[2008.12.14 17:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Audacity
[2010.03.20 22:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\avidemux
[2007.11.12 18:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\AVSMedia
[2007.07.30 12:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Canon
[2008.11.29 14:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ChessBase
[2008.09.10 17:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Creative
[2008.11.13 22:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\DivX
[2010.05.23 12:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Docx2Rtf
[2008.07.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Firaxis Games
[2007.02.21 22:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\GeoVid
[2008.12.29 22:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\gtk-2.0
[2010.09.02 21:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Happy Foto
[2006.11.12 19:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Help
[2010.08.11 23:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ
[2007.06.25 14:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ Toolbar
[2007.02.10 18:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQLite
[2006.10.27 20:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Identities
[2008.09.23 21:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Inkscape
[2007.07.29 21:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\InstallShield
[2007.12.21 22:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Jpeg Resampler
[2009.12.20 14:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\LangSoft
[2006.11.14 15:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Lavasoft
[2007.08.04 13:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Leadertech
[2006.11.02 12:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Macromedia
[2010.05.30 10:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Media Player Classic
[2010.08.29 12:40:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft
[2006.11.12 16:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft Web Folders
[2010.07.21 20:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\MockFlow
[2010.08.06 01:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla
[2008.12.24 10:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\My Games
[2010.05.23 12:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\NwDocx
[2010.05.16 18:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Opera
[2010.05.13 13:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\pdfforge
[2008.03.21 20:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\PDM
[2008.09.19 12:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Real
[2007.11.21 18:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\River Past G5
[2010.05.13 13:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Search Settings
[2008.04.11 22:20:18 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Pavel\Data aplikací\SecuROM
[2010.09.06 20:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Skype
[2010.09.06 20:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\skypePM
[2010.09.17 21:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\SPORE
[2006.12.17 21:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Sun
[2007.07.11 21:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\SUPERAntiSpyware.com
[2010.04.11 22:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Teeworlds
[2009.09.16 10:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\U3
[2007.11.19 20:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\URUSoft
[2010.09.01 21:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\uTorrent
[2007.08.30 13:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Video DVD Maker FREE
[2008.10.25 18:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ViStart
[2009.02.14 12:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\VitySoft
[2008.03.25 23:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Vso
[2008.06.15 23:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\WinRAR
[2010.05.07 22:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\WordToPDF
[2010.07.23 17:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ZoomBrowser EX

< %APPDATA%\*.exe /s >
[2010.07.21 20:09:15 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Pavel\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009.02.28 19:24:30 | 000,004,846 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{00153C4F-4AB0-4AD5-9561-DDFFC074D558}\_18be6784.exe
[2009.02.28 19:24:30 | 000,004,286 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{00153C4F-4AB0-4AD5-9561-DDFFC074D558}\_294823.exe
[2009.02.28 19:24:30 | 000,004,286 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{00153C4F-4AB0-4AD5-9561-DDFFC074D558}\_2cd672ae.exe
[2009.02.28 19:24:30 | 000,004,286 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{00153C4F-4AB0-4AD5-9561-DDFFC074D558}\_4ae13d6c.exe
[2010.03.13 11:08:53 | 000,002,238 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{12BA5DFC-4BE2-4F07-BE38-5BDC50789B35}\_25a91088.exe
[2010.03.13 11:08:54 | 000,002,238 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{12BA5DFC-4BE2-4F07-BE38-5BDC50789B35}\_443593f.exe
[2007.07.11 21:13:28 | 000,029,696 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF11.exe
[2007.07.11 21:13:28 | 000,018,944 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
[2007.07.11 21:13:28 | 000,065,024 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
[2006.05.23 18:05:50 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\U3\temp\cleanup.exe


< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[1999.04.27 11:20:00 | 000,024,710 | ---- | M] () MD5=D55232B17C8B8A80F074DCC3D524C1DB -- C:\Documents and Settings\Pavel\Dokumenty\USB ZÁLOHA\Nová složka\CDROM.SYS

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 000,974,848 | ---- | M] (Microsoft Corporation) MD5=4D32D7FFC2F583FE21EF0A4F99EABB12 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATA.SYS >
[2006.04.24 11:52:28 | 000,100,736 | R--- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 16:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006.10.27 21:34:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006.10.27 21:34:05 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006.10.27 21:34:05 | 000,471,040 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.09.20 00:23:03 | 000,073,216 | ---- | M] (Prevx) -- C:\WINDOWS\system32\drivers\pxrts.sys

< %systemroot%\system32\*.* /3 >
[2010.09.20 10:00:20 | 000,276,202 | ---- | M] () -- C:\WINDOWS\system32\NvApps.xml
[2010.09.20 10:01:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 319 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
< End of report >

rEvoluce
Visitor
Posts: 52
Joined: 18 Sep 2008 12:24

Re: log check, urgent, thank you

#6 Post by rEvoluce »

========== Files Created - No Company Name ==========

[2010.09.20 01:26:11 | 006,936,585 | ---- | C] () -- C:\WINDOWS\REGBK00.ZIP
[2010.09.20 00:32:41 | 000,000,485 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Tenda W302P.lnk
[2010.09.20 00:32:41 | 000,000,473 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Tenda W302P.lnk
[2010.09.20 00:22:27 | 000,000,048 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.09.17 21:54:18 | 000,001,862 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\SPORE™.lnk
[2010.09.03 11:38:27 | 000,000,960 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\Objednávka.psc
[2010.09.02 23:18:47 | 000,055,121 | ---- | C] () -- C:\Documents and Settings\Pavel\Data aplikací\mdbu.bin
[2010.09.02 23:17:26 | 000,004,378 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeRitu2.pcf
[2010.09.02 23:07:25 | 000,004,667 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeRitu.pcf
[2010.09.02 22:35:57 | 000,004,046 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\FotokolážeAndy.pcf
[2010.09.02 17:25:31 | 000,572,094 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\subarachnoideal space.bmp
[2010.09.02 12:18:57 | 001,057,999 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\cirkulace moku.pdf
[2010.09.02 12:18:44 | 010,379,776 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\cns.ppt
[2010.09.02 12:11:03 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.09.02 12:09:53 | 006,632,960 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\06neuroinfekce.ppt
[2010.09.01 23:53:11 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Pavel\Dokumenty\Jak sbalit ženu.doc
[2010.08.31 19:32:51 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\Funkční reklama.doc
[2010.05.13 13:23:56 | 000,000,043 | ---- | C] () -- C:\WINDOWS\GSWIN32.INI
[2010.05.02 11:08:11 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.05.02 11:08:05 | 003,297,280 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2010.05.02 11:07:59 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.05.02 11:07:58 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.05.02 11:07:57 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.05.02 11:07:57 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.04.23 21:15:01 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2010.04.19 00:14:54 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2010.04.19 00:14:54 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2010.03.11 14:34:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI
[2010.03.11 14:30:52 | 000,000,184 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2010.03.11 13:10:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2010.03.11 13:10:42 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2010.03.11 13:10:31 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\A2Nusd.dll
[2010.03.11 13:10:30 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\MKCoInstaller.dll
[2010.03.11 13:10:30 | 000,000,059 | ---- | C] () -- C:\WINDOWS\System32\MKScannerSetting.ini
[2009.08.20 16:47:55 | 000,000,238 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009.08.17 17:40:43 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.8.64739.471_XP_Vista_x32.INI
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009.02.02 13:26:23 | 000,002,719 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2009.01.17 14:53:56 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Pavel\Data aplikací\PnkBstrK.sys
[2008.11.27 13:24:58 | 000,001,295 | ---- | C] () -- C:\WINDOWS\CITP_SearchHistory.INI
[2008.11.22 20:00:41 | 000,001,016 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.09.19 12:03:22 | 000,000,023 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.09.18 11:03:25 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2008.07.09 09:35:37 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.07.09 07:21:13 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2008.05.02 15:23:35 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008.03.24 23:50:01 | 000,000,092 | ---- | C] () -- C:\Documents and Settings\Pavel\Data aplikací\burnaware.ini
[2008.01.18 17:36:20 | 000,000,031 | ---- | C] () -- C:\WINDOWS\bluevoda.ini
[2007.11.20 21:53:18 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\fusioncache.dat
[2007.07.02 23:15:17 | 000,077,312 | ---- | C] () -- C:\WINDOWS\ua2.dll
[2007.02.23 12:47:35 | 000,000,041 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2007.02.23 12:46:49 | 000,002,753 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2007.01.03 00:15:37 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2007.01.01 18:03:02 | 000,029,536 | ---- | C] () -- C:\WINDOWS\System32\Dib.drv
[2006.12.13 19:53:47 | 000,001,358 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2006.11.12 16:38:22 | 000,000,744 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.11.02 04:18:19 | 000,202,752 | ---- | C] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.11.02 03:50:13 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.10.27 21:11:00 | 000,000,223 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.10.27 20:27:56 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2006.10.27 20:27:56 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2006.10.27 20:27:56 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2006.10.27 20:27:56 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2006.10.27 20:27:56 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2006.10.27 20:27:56 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2006.10.27 20:27:55 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2006.10.27 20:27:55 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2006.10.27 20:27:55 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2006.10.27 20:27:55 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2006.03.09 09:29:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.03.09 09:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2004.08.22 18:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004.06.14 16:00:01 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\frapsvid.dll
[2002.10.05 02:04:26 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002.10.05 02:04:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 02:04:18 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[1999.01.22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010.05.09 17:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\3DWA_L
[2010.03.10 22:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.09.02 21:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HF Designer 2.7
[2010.07.11 20:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.10.11 13:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2008.12.22 18:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2010.09.20 00:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2007.11.21 18:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\River Past G5
[2010.04.19 00:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SafeNet Sentinel
[2010.04.19 00:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SPSS
[2009.08.18 11:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.01.17 14:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2009.06.02 17:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008.03.20 12:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Any Video Converter
[2007.08.04 13:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Atari
[2008.12.14 17:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Audacity
[2010.03.20 22:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\avidemux
[2007.11.12 18:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\AVSMedia
[2007.07.30 12:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Canon
[2008.11.29 14:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ChessBase
[2010.05.23 12:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Docx2Rtf
[2008.07.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Firaxis Games
[2007.02.21 22:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\GeoVid
[2008.12.29 22:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\gtk-2.0
[2010.09.02 21:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Happy Foto
[2010.08.11 23:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ
[2007.06.25 14:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ Toolbar
[2007.02.10 18:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQLite
[2008.09.23 21:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Inkscape
[2007.12.21 22:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Jpeg Resampler
[2009.12.20 14:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\LangSoft
[2007.08.04 13:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Leadertech
[2010.07.21 20:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\MockFlow
[2008.12.24 10:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\My Games
[2010.05.23 12:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\NwDocx
[2010.05.16 18:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Opera
[2010.05.13 13:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\pdfforge
[2008.03.21 20:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\PDM
[2007.11.21 18:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\River Past G5
[2010.05.13 13:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Search Settings
[2010.09.17 21:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\SPORE
[2010.04.11 22:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Teeworlds
[2007.11.19 20:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\URUSoft
[2010.09.01 21:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\uTorrent
[2007.08.30 13:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Video DVD Maker FREE
[2008.10.25 18:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ViStart
[2009.02.14 12:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\VitySoft
[2008.03.25 23:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Vso
[2010.05.07 22:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\WordToPDF

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[7 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.04.19 00:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SPSS

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.07.21 20:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Adobe
[2006.11.29 00:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\AdobeUM
[2008.02.28 02:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Ahead
[2008.03.20 12:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Any Video Converter
[2009.06.02 17:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Apple Computer
[2007.08.04 13:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Atari
[2008.12.14 17:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Audacity
[2010.03.20 22:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\avidemux
[2007.11.12 18:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\AVSMedia
[2007.07.30 12:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Canon
[2008.11.29 14:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ChessBase
[2008.09.10 17:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Creative
[2008.11.13 22:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\DivX
[2010.05.23 12:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Docx2Rtf
[2008.07.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Firaxis Games
[2007.02.21 22:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\GeoVid
[2008.12.29 22:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\gtk-2.0
[2010.09.02 21:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Happy Foto
[2006.11.12 19:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Help
[2010.08.11 23:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ
[2007.06.25 14:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ Toolbar
[2007.02.10 18:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQLite
[2006.10.27 20:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Identities
[2008.09.23 21:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Inkscape
[2007.07.29 21:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\InstallShield
[2007.12.21 22:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Jpeg Resampler
[2009.12.20 14:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\LangSoft
[2006.11.14 15:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Lavasoft
[2007.08.04 13:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Leadertech
[2006.11.02 12:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Macromedia
[2010.05.30 10:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Media Player Classic
[2010.08.29 12:40:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft
[2006.11.12 16:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft Web Folders
[2010.07.21 20:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\MockFlow
[2010.08.06 01:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla
[2008.12.24 10:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\My Games
[2010.05.23 12:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\NwDocx
[2010.05.16 18:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Opera
[2010.05.13 13:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\pdfforge
[2008.03.21 20:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\PDM
[2008.09.19 12:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Real
[2007.11.21 18:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\River Past G5
[2010.05.13 13:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Search Settings
[2008.04.11 22:20:18 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Pavel\Data aplikací\SecuROM
[2010.09.06 20:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Skype
[2010.09.06 20:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\skypePM
[2010.09.17 21:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\SPORE
[2006.12.17 21:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Sun
[2007.07.11 21:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\SUPERAntiSpyware.com
[2010.04.11 22:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Teeworlds
[2009.09.16 10:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\U3
[2007.11.19 20:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\URUSoft
[2010.09.01 21:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\uTorrent
[2007.08.30 13:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Video DVD Maker FREE
[2008.10.25 18:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ViStart
[2009.02.14 12:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\VitySoft
[2008.03.25 23:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Vso
[2008.06.15 23:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\WinRAR
[2010.05.07 22:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\WordToPDF
[2010.07.23 17:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ZoomBrowser EX

< %APPDATA%\*.exe /s >
[2010.07.21 20:09:15 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Pavel\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009.02.28 19:24:30 | 000,004,846 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{00153C4F-4AB0-4AD5-9561-DDFFC074D558}\_18be6784.exe
[2009.02.28 19:24:30 | 000,004,286 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{00153C4F-4AB0-4AD5-9561-DDFFC074D558}\_294823.exe
[2009.02.28 19:24:30 | 000,004,286 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{00153C4F-4AB0-4AD5-9561-DDFFC074D558}\_2cd672ae.exe
[2009.02.28 19:24:30 | 000,004,286 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{00153C4F-4AB0-4AD5-9561-DDFFC074D558}\_4ae13d6c.exe
[2010.03.13 11:08:53 | 000,002,238 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{12BA5DFC-4BE2-4F07-BE38-5BDC50789B35}\_25a91088.exe
[2010.03.13 11:08:54 | 000,002,238 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{12BA5DFC-4BE2-4F07-BE38-5BDC50789B35}\_443593f.exe
[2007.07.11 21:13:28 | 000,029,696 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF11.exe
[2007.07.11 21:13:28 | 000,018,944 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
[2007.07.11 21:13:28 | 000,065,024 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
[2006.05.23 18:05:50 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\U3\temp\cleanup.exe


< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[1999.04.27 11:20:00 | 000,024,710 | ---- | M] () MD5=D55232B17C8B8A80F074DCC3D524C1DB -- C:\Documents and Settings\Pavel\Dokumenty\USB ZÁLOHA\Nová složka\CDROM.SYS

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 000,974,848 | ---- | M] (Microsoft Corporation) MD5=4D32D7FFC2F583FE21EF0A4F99EABB12 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.08.24 17:45:40 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATA.SYS >
[2006.04.24 11:52:28 | 000,100,736 | R--- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 16:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006.10.27 21:34:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006.10.27 21:34:05 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006.10.27 21:34:05 | 000,471,040 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.09.20 00:23:03 | 000,073,216 | ---- | M] (Prevx) -- C:\WINDOWS\system32\drivers\pxrts.sys

< %systemroot%\system32\*.* /3 >
[2010.09.20 10:00:20 | 000,276,202 | ---- | M] () -- C:\WINDOWS\system32\NvApps.xml
[2010.09.20 10:01:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 319 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
< End of report >

rEvoluce
Visitor
Posts: 52
Registered: 18 Sep 2008 12:24

Re: log check, urgent, thank you

#7 Post by rEvoluce »

I'd also like to ask whether this is some kind of dubious site: http://spywaredlls.prevx.com/RRCEAG4384 ... 0.SYS.html ? I installed their cleaner on my PC. But only after the problems started.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: log check, urgent, thank you

#8 Post by motji »

What is the cleaner called?

:arrow: Do you recognize these files?
C:\Documents and Settings\All Users\Plocha\SPORE™.lnk
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Tenda W302P.lnk


:arrow: Run OTL
- Copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 319 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Documents and Settings\Pavel\Data aplikací\Search Settings
C:\Documents and Settings\Pavel\Data aplikací\pdfforge

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

- Click the fix button.
- The PC will then restart.
- Post the log here :)


:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM sometimes gives false detections, so we will delete only after the log has been checked.
- Copy the log here.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am mostly available at night, between 21:00 and 23:00.
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.

rEvoluce
Visitor
Posts: 52
Registered: 18 Sep 2008 12:24

Re: log check, urgent, thank you

#9 Post by rEvoluce »

Spore is a game and Tenda is the name of the network card.
The program was called Prevx 3.0

rEvoluce
Visitor
Posts: 52
Registered: 18 Sep 2008 12:24

Re: log check, urgent, thank you

#10 Post by rEvoluce »

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\system32\SET4E.tmp moved successfully.
C:\WINDOWS\system32\SET53.tmp moved successfully.
C:\WINDOWS\system32\SETA1.tmp moved successfully.
C:\WINDOWS\system32\setb0.tmp moved successfully.
C:\WINDOWS\002725_.tmp moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\NV11241184.TMP folder moved successfully.
C:\WINDOWS\SET21.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP28C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP316.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP428.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI16.tmp moved successfully.
C:\WINDOWS\Installer\MSI17.tmp moved successfully.
C:\WINDOWS\Installer\MSI1ED.tmp moved successfully.
C:\WINDOWS\Installer\MSI3A.tmp moved successfully.
C:\WINDOWS\Installer\MSI43.tmp moved successfully.
C:\WINDOWS\Installer\MSIAE.tmp moved successfully.
C:\WINDOWS\Installer\MSIB4.tmp moved successfully.
C:\WINDOWS\Installer\MSIE.tmp moved successfully.
C:\WINDOWS\Installer\MSIF.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD7C.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD7D.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD7E.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD7F.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD80.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD81.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD82.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD83.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD84.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD85.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD86.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD87.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD88.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD89.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD8A.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD8B.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD8C.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD8D.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD8E.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD8F.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD90.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD91.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD92.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD93.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD94.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD95.tmp moved successfully.
C:\WINDOWS\system32\spool\PRINTERS\TcpA.tmp moved successfully.
C:\WINDOWS\system32\spool\PRINTERS\TcpB.tmp moved successfully.
C:\Documents and Settings\Pavel\Data aplikací\Search Settings\kb130\temp folder moved successfully.
C:\Documents and Settings\Pavel\Data aplikací\Search Settings\kb130 folder moved successfully.
C:\Documents and Settings\Pavel\Data aplikací\Search Settings folder moved successfully.
C:\Documents and Settings\Pavel\Data aplikací\pdfforge\temp folder moved successfully.
C:\Documents and Settings\Pavel\Data aplikací\pdfforge\res folder moved successfully.
C:\Documents and Settings\Pavel\Data aplikací\pdfforge folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Pavel
->Temp folder emptied: 104213945 bytes
->Temporary Internet Files folder emptied: 33394652 bytes
->Java cache emptied: 29292293 bytes
->FireFox cache emptied: 99723376 bytes
->Opera cache emptied: 86023761 bytes
->Flash cache emptied: 184763 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1422446 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 53569082 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 8636383 bytes

Total Files Cleaned = 397,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Pavel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.14.0 log created on 09202010_183532

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

rEvoluce
Visitor
Posts: 52
Registered: 18 Sep 2008 12:24

Re: log check, urgent, thank you

#11 Post by rEvoluce »

I don't know what caused it, but the PC has stopped behaving strangely; I can even type on it without problems now :). Even so, I'd be glad if you took a look at the MBAM scan results, I'm already scanning.... thank you

rEvoluce
Visitor
Posts: 52
Registered: 18 Sep 2008 12:24

Re: log check, urgent, thank you

#12 Post by rEvoluce »

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4656

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

20.9.2010 20:35:09
mbam-log-2010-09-20 (20-35-09).txt

Typ skenu: Úplný sken (C:\|G:\|)
Skenované objekty: 317851
Uplynulý čas: 1 hodina(y), 47 minuta(y), 22 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 3
Infikované hodnoty registru: 2
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 6

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CLASSES_ROOT\CLSID\{b922d405-6d13-4a2b-ae89-08a030da4402} (Adware.WidgiToolbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b922d405-6d13-4a2b-ae89-08a030da4402} (Adware.WidgiToolbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b922d405-6d13-4a2b-ae89-08a030da4402} (Adware.WidgiToolbar) -> No action taken.

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll (Adware.WidgiToolbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{b922d405-6d13-4a2b-ae89-08a030da4402} (Adware.WidgiToolbar) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Program Files\pdfforge Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> No action taken.
C:\Program Files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll (Adware.WidgiToolbar) -> No action taken.
C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Adware.WidgiToolbar) -> No action taken.
C:\Program Files\BSplayer Pro\bsplayer.exe (Malware.Packer.Gen) -> No action taken.
C:\System Volume Information\_restore{11277968-DC73-4FE7-A7C3-17F1E72DD5FD}\RP839\A0135283.exe (Adware.Craagle) -> No action taken.
G:\Images\Adobe\Adobe CS3 - Premium\CS3 Design Premium.exe (Trojan.Agent) -> No action taken.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: log check, urgent, thank you

#13 Post by motji »

Delete everything in MBAM.

Run ComboFix following this guide
http://www.bleepingcomputer.com/combofi ... t-combofix
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting a computer!
Want to support our forum? Information here

I am usually available at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.

rEvoluce
Visitor
Posts: 52
Registered: 18 Sep 2008 12:24

Re: log check, urgent, thank you

#14 Post by rEvoluce »

ComboFix ran and removed something. The PC is fine; now I'm just fighting with the graphics card: when I have a game running, something keeps kicking me out of it, but hopefully that's just the driver.
Do you want me to post another log here?

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: log check, urgent, thank you

#15 Post by motji »

I'd like the log from the ComboFix run you did, please :)