VIRY.CZ

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jirka at 2010-10-29 10:42:45
Microsoft Windows 7 Ultimate
System drive C: has 87 GB (29%) free of 305 GB
Total RAM: 2047 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:42:52, on 29.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ICQ7.2\ICQ.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NVIDIA driver monitor] C:\Windows\nvsvc32.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\Windows\nvsvc32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7905 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000005c0
\??\C:\Windows\system32\conhost.exe
"taskhost.exe"
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe" /TUStart /pid:1628
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ae65a02f-f2fd-4086-b203-0289812e0f4f -SystemEventPortName:HostProcess-88b63cf0-7a7a-4fe4-a37d-b9ac31e809c4 -IoCancelEventPortName:HostProcess-13776e4b-3645-4fd8-9b58-cb06b52fa6b1 -NonStateChangingEventPortName:HostProcess-0277fe56-8e2b-46d4-9a03-3993bee04fe3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e0a40047-244b-4088-8181-839139355fae
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ICQ7.2\ICQ.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Jirka\Desktop\Download\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe []
"NVIDIA driver monitor"=C:\Windows\nvsvc32.exe [2010-10-27 81920]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"NVIDIA driver monitor"=C:\Windows\nvsvc32.exe [2010-10-27 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Jirka\Desktop\Download\P17535732.JPG-www.facebook.exe"="C:\Windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-10-29 10:42:45 ----D---- C:\rsit
2010-10-29 10:42:45 ----D---- C:\Program Files\trend micro
2010-10-28 09:45:10 ----SHD---- C:\ProgramData\DSS
2010-10-28 09:34:51 ----D---- C:\Program Files (x86)\Electronic Arts
2010-10-28 09:31:50 ----D---- C:\Windows\SYSWOW64\AGEIA
2010-10-28 09:31:50 ----D---- C:\Program Files (x86)\AGEIA Technologies
2010-10-27 15:13:53 ----D---- C:\Users\Jirka\AppData\Roaming\Avira
2010-10-27 14:58:04 ----RSH---- C:\Windows\nvsvc32.exe
2010-10-27 14:24:24 ----D---- C:\Program Files (x86)\Aliens Vs Predator
2010-10-24 13:59:32 ----D---- C:\Windows\system32\appmgmt
2010-10-24 13:44:51 ----A---- C:\Windows\SYSWOW64\unrar.dll
2010-10-24 13:44:51 ----A---- C:\Windows\avisplitter.ini
2010-10-24 13:44:49 ----A---- C:\Windows\SYSWOW64\yv12vfw.dll
2010-10-24 13:44:49 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2010-10-24 13:44:49 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2010-10-24 13:44:49 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll.manifest
2010-10-24 13:44:49 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2010-10-24 13:44:46 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2010-10-24 13:35:43 ----A---- C:\Windows\iun6002.exe
2010-10-20 08:10:21 ----D---- C:\ProgramData\McAfee
2010-10-17 11:22:06 ----D---- C:\ProgramData\Codemasters
2010-10-17 11:17:09 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2010-10-17 11:17:09 ----A---- C:\Windows\SYSWOW64\mkl_blueripple.dll
2010-10-17 11:17:08 ----D---- C:\Program Files (x86)\BRS
2010-10-17 11:17:07 ----D---- C:\Program Files (x86)\OpenAL
2010-10-17 11:17:07 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2010-10-17 11:17:07 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2010-10-17 11:17:07 ----A---- C:\Windows\system32\wrap_oal.dll
2010-10-17 11:17:07 ----A---- C:\Windows\system32\OpenAL32.dll
2010-10-17 11:17:04 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2010-10-17 11:17:04 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2010-10-17 11:17:04 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-10-17 11:17:04 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-10-17 11:17:03 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2010-10-17 11:17:03 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-10-17 11:17:02 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2010-10-17 11:17:02 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2010-10-17 11:17:02 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2010-10-17 11:17:02 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-10-17 11:17:02 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-10-17 11:17:02 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-10-17 11:17:01 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2010-10-17 11:17:01 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2010-10-17 11:17:01 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2010-10-17 11:17:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2010-10-17 11:17:01 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-10-17 11:17:01 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-10-17 11:17:01 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-10-17 11:17:01 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-10-17 11:17:00 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2010-10-17 11:17:00 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-10-17 11:17:00 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-10-17 11:16:59 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-10-17 11:16:59 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-10-17 11:16:59 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-10-17 11:16:58 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-10-17 11:16:58 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-10-17 11:16:58 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-10-17 11:16:58 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-10-17 11:16:58 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-10-17 11:16:57 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-10-17 11:16:57 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-10-17 11:16:57 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-10-17 11:16:56 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2010-10-17 11:16:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2010-10-17 11:16:56 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2010-10-17 11:16:56 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-10-17 11:16:56 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-10-17 11:16:56 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-10-17 11:16:56 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-10-17 11:16:55 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-10-17 11:16:55 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-10-17 11:16:55 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-10-17 11:16:55 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2010-10-17 11:16:55 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-10-17 11:16:55 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-10-17 11:16:55 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-10-17 11:16:55 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-10-17 11:16:54 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-10-17 11:16:54 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-10-17 11:16:53 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-10-17 11:16:52 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-10-17 11:16:52 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-10-17 11:16:52 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-10-17 11:16:52 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-10-17 11:16:52 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-10-17 11:16:51 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-10-17 11:16:51 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-10-17 11:16:51 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-10-17 11:16:50 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-10-17 11:16:50 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-10-17 11:16:49 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-10-17 11:16:49 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-10-17 11:16:48 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-10-17 11:16:48 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-10-17 11:16:47 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-10-17 11:16:47 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-10-17 11:16:47 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-10-17 11:16:44 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-10-17 11:10:39 ----D---- C:\Program Files (x86)\Codemasters
2010-10-12 10:02:35 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2010-10-12 10:02:35 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2010-10-12 10:01:56 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2010-10-12 10:01:56 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2010-10-12 10:01:56 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2010-10-12 10:01:55 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2010-10-12 10:01:55 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2010-10-12 10:01:55 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2010-10-12 10:01:55 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-10-12 10:01:55 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2010-10-12 10:01:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2010-10-12 10:01:54 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-10-12 10:01:54 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-10-12 10:01:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-10-12 10:01:53 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2010-10-12 10:01:53 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2010-10-12 10:01:53 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2010-10-12 10:01:53 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2010-10-12 10:01:53 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2010-10-12 10:01:53 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2010-10-12 10:01:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2010-10-12 10:01:52 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2010-10-12 10:01:52 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2010-10-12 10:01:52 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2010-10-12 10:01:52 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2010-10-12 10:01:52 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-10-12 10:01:52 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2010-10-12 10:01:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2010-10-12 10:01:51 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2010-10-12 10:01:51 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2010-10-12 10:01:51 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2010-10-12 10:01:50 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2010-10-12 09:54:38 ----D---- C:\Program Files (x86)\Capcom
2010-10-12 09:32:07 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-10-12 09:31:40 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2010-10-12 09:31:19 ----D---- C:\Users\Jirka\AppData\Roaming\DAEMON Tools Lite
2010-10-12 09:31:16 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-10-12 09:06:11 ----A---- C:\Windows\WORDPAD.INI
2010-10-09 20:12:04 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-10-09 15:04:55 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2010-10-09 15:04:15 ----D---- C:\Program Files (x86)\VideoLAN
2010-10-09 13:16:40 ----D---- C:\Program Files (x86)\uTorrent
2010-10-09 13:16:08 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent

======List of files/folders modified in the last 1 months======

2010-10-29 10:42:48 ----D---- C:\Windows\Temp
2010-10-29 10:42:45 ----RD---- C:\Program Files
2010-10-29 09:47:53 ----D---- C:\Windows\system32\config
2010-10-29 09:47:50 ----D---- C:\Windows\winsxs
2010-10-29 09:37:49 ----SHD---- C:\Windows\Installer
2010-10-29 09:37:48 ----HD---- C:\Config.Msi
2010-10-29 09:37:40 ----RD---- C:\Program Files (x86)
2010-10-29 09:37:40 ----D---- C:\Windows\SysWOW64
2010-10-29 09:37:31 ----SHD---- C:\System Volume Information
2010-10-29 09:36:36 ----HD---- C:\ProgramData
2010-10-29 09:21:03 ----D---- C:\Users\Jirka\AppData\Roaming\ICQ
2010-10-28 20:10:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-28 20:10:02 ----D---- C:\Windows\system32\NDF
2010-10-28 09:34:19 ----RSD---- C:\Windows\assembly
2010-10-28 09:31:55 ----D---- C:\Windows
2010-10-28 09:31:41 ----D---- C:\Program Files (x86)\Common Files
2010-10-24 14:07:15 ----D---- C:\Windows\System32
2010-10-24 14:07:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-24 14:07:14 ----D---- C:\Windows\inf
2010-10-21 16:43:31 ----D---- C:\Windows\system32\catroot2
2010-10-18 21:23:51 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-10-14 12:08:30 ----D---- C:\Windows\Prefetch
2010-10-12 09:49:08 ----SD---- C:\ProgramData\Microsoft
2010-10-12 09:35:55 ----D---- C:\ProgramData\Adobe
2010-10-12 09:32:07 ----D---- C:\Windows\system32\drivers
2010-10-12 08:24:10 ----D---- C:\Program Files (x86)\Steam
2010-10-12 08:04:56 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2010-09-30 21:20:26 ----D---- C:\Users\Jirka\AppData\Roaming\TS3Client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-12 834544]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-02 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 81072]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S3 aseabgo0;aseabgo0; C:\Windows\system32\drivers\aseabgo0.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-09-26 75064]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-11-17 1353544]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-09-16 607048]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------

Myslím si, že mám nějakého BOTa

Zdravim a pekny den preji

Ja si to nemyslim, ja to vim

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

OTL.txt

OTL logfile created on: 29.10.2010 11:08:32 - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Jirka\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 85,10 Gb Free Space | 28,55% Space Free | Partition Type: NTFS

Computer Name: JIRKA-PC | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2010.10.29 11:05:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
PRC - [2010.10.28 20:10:55 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.09.26 11:50:56 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.09.15 18:13:55 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.2\ICQ.exe
PRC - [2010.04.01 13:33:20 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.02 11:28:32 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:10 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

========== Modules (SafeList) ==========

MOD - [2010.10.29 11:05:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2009.11.17 10:12:18 | 000,036,168 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010.09.26 11:50:56 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.09.16 07:10:21 | 000,607,048 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.04.01 13:33:20 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.02.24 10:28:10 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.17 10:17:36 | 001,353,544 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.11.17 10:12:10 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.07.16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010.10.12 09:32:07 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.03.02 13:35:02 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010.02.16 14:24:02 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.10.14 07:24:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1379387603-2685475807-1095684888-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010.09.16 08:58:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.28 20:10:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.28 20:10:56 | 000,000,000 | ---D | M]

[2010.09.15 18:23:35 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mozilla\Extensions
[2010.10.28 18:58:10 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\caranskd.default\extensions
[2010.09.16 07:18:31 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\caranskd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.15 18:23:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.03.27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll
[2010.03.26 07:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.07.23 02:28:35 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.07.23 02:28:35 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.07.23 02:28:35 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.07.23 02:28:35 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.07.23 02:28:35 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.09.21 12:51:47 | 000,001,278 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NVIDIA driver monitor] C:\Windows\nvsvc32.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1379387603-2685475807-1095684888-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKU\S-1-5-21-1379387603-2685475807-1095684888-1001..\Run: [NVIDIA driver monitor] C:\Windows\nvsvc32.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2010.10.29 11:05:37 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
[2010.10.29 10:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.10.29 10:42:45 | 000,000,000 | ---D | C] -- C:\rsit
[2010.10.28 09:45:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2010.10.28 09:45:10 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Documents\EA Games
[2010.10.28 09:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2010.10.28 09:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2010.10.28 09:31:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2010.10.28 09:31:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.10.27 15:13:53 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Avira
[2010.10.27 14:44:43 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\AliensVsPredator
[2010.10.27 14:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aliens Vs Predator
[2010.10.24 13:59:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010.10.24 13:44:50 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\mp3fhg.acm
[2010.10.24 13:44:49 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2010.10.24 13:44:49 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2010.10.24 13:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2010.10.24 13:35:43 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe

========== Files - Modified Within 7 Days ==========

[2010.10.29 11:05:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
[2010.10.29 08:56:38 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.29 08:56:38 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.29 08:49:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.29 08:49:02 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.28 11:42:39 | 003,764,899 | ---- | M] () -- C:\Users\Jirka\Desktop\whispere_web.psd
[2010.10.27 14:58:04 | 000,081,920 | RHS- | M] () -- C:\Windows\nvsvc32.exe
[2010.10.24 17:46:26 | 000,000,132 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2010.10.24 14:07:15 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.24 14:07:15 | 000,622,422 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.10.24 14:07:15 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.24 14:07:15 | 000,118,604 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.10.24 14:07:15 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.24 13:34:52 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe

========== Files Created - No Company Name ==========

[2010.10.27 14:58:04 | 000,081,920 | RHS- | C] () -- C:\Windows\nvsvc32.exe
[2010.10.24 13:44:51 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.10.24 13:44:51 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.10.24 13:44:49 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.10.24 13:44:49 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.10.24 13:44:49 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.10.22 20:18:55 | 003,764,899 | ---- | C] () -- C:\Users\Jirka\Desktop\whispere_web.psd
[2010.10.12 09:06:11 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.09.23 08:13:51 | 000,000,132 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2010.09.20 20:29:35 | 000,000,132 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\Adobe Formát Targa CS5 – předvolby
[2010.09.20 17:28:03 | 000,000,132 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

========== LOP Check ==========

[2010.10.12 09:36:49 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\DAEMON Tools Lite
[2010.09.23 11:44:50 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\FileZilla
[2010.10.29 09:21:03 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\ICQ
[2010.09.22 11:58:00 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.09.30 21:20:26 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\TS3Client
[2010.09.16 07:10:10 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\TuneUp Software
[2010.10.29 10:42:22 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\uTorrent
[2010.10.23 21:34:00 | 000,000,000 | ---D | M] -- C:\Users\Krepelkovi\AppData\Roaming\ICQ
[2010.09.17 17:24:18 | 000,000,000 | ---D | M] -- C:\Users\Krepelkovi\AppData\Roaming\TuneUp Software
[2009.07.14 07:08:49 | 000,032,156 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" -- File not found
"NVIDIA driver monitor" = C:\Windows\nvsvc32.exe -- [2010.10.27 14:58:04 | 000,081,920 | RHS- | M] ()

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2009.09.11 17:22:34 | 000,592,208 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.09.29 16:12:11 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Adobe
[2010.09.22 11:58:00 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Adobe Mini Bridge CS5
[2010.09.20 19:52:01 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Ahead
[2010.10.27 15:13:53 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Avira
[2010.10.12 09:36:49 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\DAEMON Tools Lite
[2010.09.23 11:44:50 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\FileZilla
[2010.10.29 09:21:03 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\ICQ
[2010.09.15 17:10:08 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Identities
[2010.09.15 18:46:43 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Media Center Programs
[2010.09.20 10:44:22 | 000,000,000 | --SD | M] -- C:\Users\Jirka\AppData\Roaming\Microsoft
[2010.09.15 18:23:35 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mozilla
[2010.09.22 11:58:00 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.09.30 21:20:26 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\TS3Client
[2010.09.16 07:10:10 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\TuneUp Software
[2010.10.29 10:42:22 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\uTorrent
[2010.10.09 15:38:56 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\vlc
[2010.09.16 06:57:22 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.09.16 08:19:10 | 000,038,784 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.09.16 08:22:11 | 000,010,134 | R--- | M] () -- C:\Users\Jirka\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< End of report >

Extras.txt

OTL Extras logfile created on: 29.10.2010 11:08:32 - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Jirka\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 85,10 Gb Free Space | 28,55% Space Free | Partition Type: NTFS

Computer Name: JIRKA-PC | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1379387603-2685475807-1095684888-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Jirka\Desktop\Download\P17535732.JPG-www.facebook.exe" = C:\Windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- ()
"C:\Users\Jirka\Desktop\Download\P17535732.JPG-www.facebook.exe" = C:\Windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UDK-b7e65bb2-375a-432a-800d-b3182d495dcc" = Unreal Development Kit: 2010-08
"UDK-d4c83f2b-aa09-462c-b549-5a2469989f85" = Unreal Development Kit: 2010-09
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.0 - Czech
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.3.4
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.5.0
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Steam App 13140" = America's Army 3
"TuneUp Utilities" = TuneUp Utilities
"uTorrent" = µTorrent
"Vietcong" = Vietcong
"VLC media player" = VLC media player 1.1.4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1379387603-2685475807-1095684888-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bc3d19583e42009e" = TS3 Admin

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2.10.2010 12:16:04 | Computer Name = Jirka-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.

Error - 7.10.2010 2:01:27 | Computer Name = Jirka-PC | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 1.9.2.3909 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
e54 Čas spuštění: 01cb65e1c0ca8e69 Čas ukončení: 6 Cesta k aplikaci: C:\Program Files
(x86)\Mozilla Firefox\firefox.exe ID hlášení:

Error - 24.10.2010 7:56:31 | Computer Name = Jirka-PC | Source = Application Hang | ID = 1002
Description = Program avscan.exe verze 10.0.3.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
e2c Čas spuštění: 01cb7372786f2d75 Čas ukončení: 0 Cesta k aplikaci: C:\Program Files
(x86)\Avira\AntiVir Desktop\avscan.exe ID hlášení: bd262b18-df65-11df-b4ba-001d92d91baa

Error - 27.10.2010 8:24:39 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: SimPack.exe, verze: 0.0.0.0, časové razítko:
0x49a9a89f Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdb3b Kód výjimky: 0xc0000005 Posun chyby: 0x0002e23e ID chybujícího procesu:
0x854 Čas spuštění chybující aplikace: 0x01cb75d1e41d8b81 Cesta k chybující aplikaci:
C:\Users\Jirka\AppData\Local\Temp\SimPack.exe Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 2ae134a1-e1c5-11df-9115-001d92d91baa

Error - 27.10.2010 8:24:43 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: SimPack.exe, verze: 0.0.0.0, časové razítko:
0x49a9a89f Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdb3b Kód výjimky: 0xc0000005 Posun chyby: 0x0002e23e ID chybujícího procesu:
0xb20 Čas spuštění chybující aplikace: 0x01cb75d1ee38af3e Cesta k chybující aplikaci:
C:\Users\Jirka\AppData\Local\Temp\SimPack.exe Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 2cc210e9-e1c5-11df-9115-001d92d91baa

Error - 27.10.2010 9:00:29 | Computer Name = Jirka-PC | Source = VSS | ID = 8194
Description =

Error - 27.10.2010 14:59:56 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nvsvc32.exe, verze: 0.0.0.0, časové razítko:
0x4cbce365 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdb3b Kód výjimky: 0xc0000005 Posun chyby: 0x0003b5a0 ID chybujícího procesu:
0xa14 Čas spuštění chybující aplikace: 0x01cb7606f8b6b129 Cesta k chybující aplikaci:
C:\Windows\nvsvc32.exe Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 6322c24d-e1fc-11df-8bf7-001d92d91baa

Error - 28.10.2010 1:12:47 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nvsvc32.exe, verze: 0.0.0.0, časové razítko:
0x4cbce365 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdb3b Kód výjimky: 0xc0000005 Posun chyby: 0x00034208 ID chybujícího procesu:
0xa6c Čas spuštění chybující aplikace: 0x01cb765e8ca57328 Cesta k chybující aplikaci:
C:\Windows\nvsvc32.exe Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 007a2f7d-e252-11df-b39a-001d92d91baa

Error - 28.10.2010 12:40:39 | Computer Name = Jirka-PC | Source = VSS | ID = 8194
Description =

Error - 29.10.2010 4:10:42 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: nvsvc32.exe, verze: 0.0.0.0, časové razítko:
0x4cbce365 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdb3b Kód výjimky: 0xc0000005 Posun chyby: 0x00033100 ID chybujícího procesu:
0x994 Čas spuštění chybující aplikace: 0x01cb773d1785c038 Cesta k chybující aplikaci:
C:\Windows\nvsvc32.exe Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 05a62195-e334-11df-87f9-001d92d91baa

[ System Events ]
Error - 2.10.2010 5:09:58 | Computer Name = Jirka-PC | Source = NetBT | ID = 4300
Description = Ovladač nelze vytvořit.

Error - 2.10.2010 5:16:10 | Computer Name = Jirka-PC | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 2.10.2010 12:15:45 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 3.10.2010 15:41:37 | Computer Name = Jirka-PC | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 12.10.2010 1:45:10 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 12.10.2010 1:45:13 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 12.10.2010 1:45:15 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 24.10.2010 7:38:37 | Computer Name = Jirka-PC | Source = DCOM | ID = 10010
Description =

Error - 28.10.2010 3:29:46 | Computer Name = Jirka-PC | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 28.10.2010 3:38:52 | Computer Name = Jirka-PC | Source = VDS Basic Provider | ID = 33554433
Description =

< End of report >

Nize uvedene upravy hosts souboru mate umysle, pripadne proc

eX1 píše:O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com

Nemám, ale jsem grafik takže mám to trochu upraveny, ale klidně pokud nějak toto vadí můžu to odstranit.

Upravene tak, aby nebylo mozno zjistit ze pouzivate nelegalni produkty, ze

Provedte krok dle navodu kolegy

pitimir píše:Stiahni ToolBar S&D. Zavri vsetky spustene prehliadace a spust program. Vyber jazyk - v pripade anglictiny stlac E -> Enter. Vyskoci na teba okno, po jeho odkliknuti sa dostanes do dalsieho menu. V nom stlac 2 -> Enter. Pockaj, kym sa neskonci scan a posli vytvoreny log.

Když stisknu 2 a pak ENTER tak se to vypne a žádný scan se neudělá.

Podle mě bude problém s v tom že to pod Windows 7 Ultimate 64bit nejede.

vyosek píše: Upravene tak, aby nebylo mozno zjistit ze pouzivate nelegalni produkty, ze

Stahnete na plochu CKScanner

Spustte a kliknete na Search for files
Po dokonceni skenu kliknete na Save List to File a nasledne OK
Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte

Ano je to nelegalni software, proto je pravděpodobně ta uprava těch DNS.

Ale myslím si že v tomto problém není. Adobe bych z toho vynechal, protože mě to hlásí problém s botama ne s crackama

CKScanner vám ukáže jen cracky.

Vzhledem k tomu, ze pouzivate nelegalni SW Obrázek

se nedivim, ze jste navstevnikem naseho fora

Dle pravidel fora (viz zde a a zde bod c.3 ) se vsak nelegalnim SW nezabyvame, jelikoz nelegalni programy jsou vetsinou zdrojem haveti. Navic tim porusujete i autorska prava Obrázek

.

Odinstalujte veskery nelegalni SW a smazte cracky

Dejte log z CK Scanneru

Na PC s nelegalnimi programy jsou opravy a mazani haveti vetsinou zbytecne, jelikoz neni jiste zda bude vsechno fungovat a navic jsou zcela jiste nekde otevrene zadni vratka, takze se havet muze vracet

Ten boot program se Vam tak klidne mohl dostat i pres nejaky crack k adobe, az splnite vyse uvedene body, budu pokracovat...

Windows Defender mi hlasí:
\Win32/IRCbot.gen
\system32\nvsvc32.exe

CKScanner nic.

EDIT: Zajímavé je, že se mi to dostalo až ted nedávno, ale adobe mám už asi 3 měsíce.

Provedte kroky co jsem psal a pak budem pokracovat...Cim dele to budete protahovat, tim hure pro Vas a havet se bude pekne po PC sirit a mozne jit system pekne i do kytek

Dokud neodstranite nelegal SW a cracky a neuvidim log z CKS odmitam pokracovat

Havet nemusi byt aktivni hned, muze i vyckavat aby bylo slozitejsi zjistit, s cim se do PC dostala...Ja jsem Vam postup dal, az jej splnite, pujdeme dale...

A prosim needitujte sve prispevky, nemusim si toho vsimnou...

VIRY.CZ

Prosím najdete problem

Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem

Re: Prosím najdete problem