Please check my log, problems with sound

Zden!a
Visitor
Posts: 60
Registered: 30 May 2007 09:20

#1 Post by Zden!a »

Hello, please check my log.

For some time now there have been problems with playing any videos on the internet, specifically with the sound, whether on YouTube, Stream, etc.: the sound is very muffled, or rather as if it were coming from, e.g., a tin can :lol: :twisted: Yet when playing any files, e.g. in WMP or BS Player, no problem appears, the sound plays as it should ....

I am attaching the log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by rodina at 2010-12-23 20:19:00
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 70 GB (53%) free of 131 GB
Total RAM: 2047 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:19:21, on 23.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Alwil Software\Avast5\AvastSvc.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\WINDOWS\RTHDCPL.EXE
H:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
H:\WINDOWS\system32\oodtray.exe
H:\Program Files\Zune\ZuneLauncher.exe
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\Program Files\Common Files\Java\Java Update\jusched.exe
H:\WINDOWS\ATKKBService.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Alwil Software\Avast5\avastUI.exe
H:\Program Files\ICQ6Toolbar\ICQ Service.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Program Files\uTorrent\utorrent.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\WINDOWS\System32\svchost.exe
H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Update\1.2.183.39\GoogleCrashHandler.exe
H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\oodag.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\PnkBstrA.exe
H:\WINDOWS\system32\PnkBstrB.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\ZuneBusEnum.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
H:\WINDOWS\System32\wbem\wmiapsrv.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
H:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
H:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
H:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
H:\Program Files\Total Uninstall 4\Tu.exe
H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\rodina\Dokumenty\Downloads\RSIT.exe
H:\Program Files\trend micro\rodina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - H:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - H:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl8] "H:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "H:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [OM2_Monitor] "H:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [OODefragTray] H:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [Zune Launcher] "H:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [HP Software Update] H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] H:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "H:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OM2_Monitor] "H:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [uTorrent] "H:\Program Files\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - H:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - H:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2E2E398A-5FAE-4314-A86D-520738E87E49}: NameServer = 213.180.32.2,213.180.33.225
O17 - HKLM\System\CS1\Services\Tcpip\..\{2E2E398A-5FAE-4314-A86D-520738E87E49}: NameServer = 213.180.32.2,213.180.33.225
O17 - HKLM\System\CS2\Services\Tcpip\..\{2E2E398A-5FAE-4314-A86D-520738E87E49}: NameServer = 213.180.32.2,213.180.33.225
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\System32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - H:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - AVAST Software - H:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - H:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - H:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ICQ Service - Unknown owner - H:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - H:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - H:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - H:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - H:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10818 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1708537768-839522115-1004Core.job
H:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1708537768-839522115-1004UA.job
H:\WINDOWS\tasks\PCConfidential.job
H:\WINDOWS\tasks\RegPowerClean.job
H:\WINDOWS\tasks\RPCReminder.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - H:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - H:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"NvCplDaemon"=H:\WINDOWS\system32\NvCpl.dll [2008-11-12 13672448]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=H:\WINDOWS\system32\NvMcTray.dll [2008-11-12 86016]
"RTHDCPL"=H:\WINDOWS\RTHDCPL.EXE [2008-10-28 17331200]
"RemoteControl8"=H:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=H:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"OM2_Monitor"=H:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2008-11-07 54576]
"OODefragTray"=H:\WINDOWS\system32\oodtray.exe [2009-04-08 2553088]
"Zune Launcher"=H:\Program Files\Zune\ZuneLauncher.exe [2009-09-04 158448]
"HP Software Update"=H:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"SunJavaUpdateSched"=H:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"amd_dc_opt"=H:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Adobe Reader Speed Launcher"=H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"avast5"=H:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"OM2_Monitor"=H:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2008-11-07 95536]
"uTorrent"=H:\Program Files\uTorrent\utorrent.exe [2010-08-16 327472]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-12-20 135664]

H:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"H:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="H:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"H:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="H:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"H:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="H:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"H:\WINDOWS\system32\PnkBstrA.exe"="H:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"H:\WINDOWS\system32\PnkBstrB.exe"="H:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"H:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="H:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"H:\Program Files\Windows Live\Messenger\msnmsgr.exe"="H:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"H:\Program Files\ICQ6.5\ICQ.exe"="H:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"H:\Program Files\uTorrent\utorrent.exe"="H:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"H:\QIP Infium JadrisPack\infium.exe"="H:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium"
"H:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="H:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"H:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="H:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"H:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="H:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="H:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"H:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="H:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"H:\Program Files\ICQ7.2\ICQ.exe"="H:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"H:\Program Files\ICQ7.2\aolload.exe"="H:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"H:\Program Files\Windows Live\Messenger\msnmsgr.exe"="H:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"H:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"H:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="H:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"H:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="H:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"H:\Program Files\ICQ7.2\ICQ.exe"="H:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"H:\Program Files\ICQ7.2\aolload.exe"="H:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-12-22 15:47:42 ----A---- H:\WINDOWS\system32\drivers\aswSP.sys
2010-12-22 15:47:42 ----A---- H:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-12-22 15:47:41 ----A---- H:\WINDOWS\system32\drivers\aswRdr.sys
2010-12-22 15:47:40 ----A---- H:\WINDOWS\system32\drivers\aswTdi.sys
2010-12-22 15:47:38 ----A---- H:\WINDOWS\system32\drivers\aswmon2.sys
2010-12-22 15:47:38 ----A---- H:\WINDOWS\system32\drivers\aswmon.sys
2010-12-22 15:47:37 ----A---- H:\WINDOWS\system32\drivers\aavmker4.sys
2010-12-22 15:47:22 ----A---- H:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 months======

2010-12-23 20:19:16 ----D---- H:\Documents and Settings\rodina\Data aplikací\uTorrent
2010-12-23 20:19:12 ----D---- H:\WINDOWS\Prefetch
2010-12-23 20:19:03 ----D---- H:\Program Files\Trend Micro
2010-12-23 20:19:02 ----AD---- H:\WINDOWS\temp
2010-12-23 18:18:38 ----A---- H:\WINDOWS\SchedLgU.Txt
2010-12-23 18:18:18 ----D---- H:\Documents and Settings\rodina\Data aplikací\vlc
2010-12-23 13:38:08 ----D---- H:\Documents and Settings\rodina\Data aplikací\dvdcss
2010-12-22 15:47:42 ----D---- H:\WINDOWS\system32\drivers
2010-12-22 15:47:36 ----HD---- H:\Config.Msi
2010-12-22 15:47:35 ----SHD---- H:\WINDOWS\Installer
2010-12-22 15:47:35 ----D---- H:\WINDOWS\WinSxS
2010-12-22 15:47:24 ----D---- H:\WINDOWS
2010-12-22 15:47:22 ----D---- H:\WINDOWS\system32
2010-12-22 15:47:16 ----D---- H:\Program Files\Alwil Software
2010-12-21 22:43:58 ----D---- H:\WINDOWS\system32\CatRoot2
2010-12-21 20:06:58 ----A---- H:\WINDOWS\NeroDigital.ini
2010-11-26 08:46:52 ----D---- H:\WINDOWS\system32\oodag

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; H:\WINDOWS\System32\Drivers\sptd.sys [2010-03-24 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; H:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 asuskbnt;Enhanced Display Driver Helper Service; H:\WINDOWS\system32\drivers\atkkbnt.sys [2007-10-23 11136]
R1 aswSP;aswSP; H:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; H:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 intelppm;Řadič procesoru Intel; H:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SbFw;SbFw; H:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 StarOpen;StarOpen; H:\WINDOWS\system32\drivers\StarOpen.sys [2009-07-07 5632]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\H:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 aswFsBlk;aswFsBlk; H:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;aswMon2; H:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 atksgt;atksgt; H:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-10 278728]
R2 fssfltr;FssFltr; H:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 lirsgt;lirsgt; H:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-10 25416]
R2 zumbus;Zune Bus Enumerator Driver; H:\WINDOWS\system32\DRIVERS\zumbus.sys [2009-09-02 40832]
R3 AmdLLD;AMD Low Level Device Driver; H:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; H:\WINDOWS\system32\drivers\asusgsb.sys [2007-10-23 12416]
R3 ASUSVRC;ASUSTeK Virtual Capture Device; H:\WINDOWS\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 aswRdr;aswRdr; H:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; H:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-11-01 36864]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; H:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; H:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); H:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-31 4942336]
R3 mouhid;Ovladač myši standardu HID; H:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; H:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-11-12 6188320]
R3 pcouffin;VSO Software pcouffin; H:\WINDOWS\System32\Drivers\pcouffin.sys [2009-02-06 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; H:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; H:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; H:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; H:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Video3D;ASUS Video3D Service; H:\WINDOWS\System32\Drivers\Video3D32.sys [2007-10-23 10752]
R3 Wdf01000;Kernel Mode Driver Frameworks service; H:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 sbhips;Sunbelt HIPS Driver; H:\WINDOWS\system32\drivers\sbhips.sys []
S3 azi0fy7a;azi0fy7a; H:\WINDOWS\system32\drivers\azi0fy7a.sys []
S3 azr9vrvd;azr9vrvd; H:\WINDOWS\system32\drivers\azr9vrvd.sys []
S3 CCDECODE;Dekodér Closed Caption; H:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; H:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; H:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; H:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; H:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; H:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; H:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; H:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; H:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; H:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); H:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; H:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; H:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 StMp3Rec;Player Recovery Device Control Driver; H:\WINDOWS\System32\Drivers\StMp3Rec.sys [2007-06-15 19840]
S3 streamip;BDA IPSink; H:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; H:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; H:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; H:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 WpdUsb;WpdUsb; H:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; H:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; H:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; H:\WINDOWS\ATKKBService.exe [2007-10-23 262144]
R2 avast! Antivirus;avast! Antivirus; H:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; H:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 JavaQuickStarterService;Java Quick Starter; H:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; H:\WINDOWS\system32\nvsvc32.exe [2008-11-12 163908]
R2 O&O Defrag;O&O Defrag; H:\WINDOWS\system32\oodag.exe [2009-04-08 1377536]
R2 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; H:\WINDOWS\system32\PnkBstrA.exe [2008-11-21 66872]
R2 PnkBstrB;PnkBstrB; H:\WINDOWS\system32\PnkBstrB.exe [2008-12-04 107832]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ZuneBusEnum;Zune Bus Enumerator; H:\WINDOWS\system32\ZuneBusEnum.exe [2009-09-04 58592]
R3 avast! Mail Scanner;avast! Mail Scanner; H:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; H:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 hpqcxs08;hpqcxs08; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;Stavová služba ASP.NET; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Zabezpečení rodiny; H:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NBService;NBService; H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; H:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; H:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 ZuneNetworkSvc;Zune Network Sharing Service; H:\Program Files\Zune\ZuneNss.exe [2009-09-04 5893360]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; H:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2009-09-04 447216]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check my log, problems with sound

#2 Post by motji »

Good morning :)

:arrow: Run ComboFix according to this guide
http://www.bleepingcomputer.com/combofi ... t-combofix
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

Zden!a
Visitor
Posts: 60
Registered: 30 May 2007 09:20

Re: please check my log, problems with sound

#3 Post by Zden!a »

A question: is it possible for the scan to take, say, an hour and a half? :roll:

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check my log, problems with sound

#4 Post by motji »

In exceptional cases, yes :) Leave it for at most 3 hours, then if need be restart the computer and try it in safe mode, or wait for me.

Zden!a
Visitor
Posts: 60
Registered: 30 May 2007 09:20

Re: please check my log, problems with sound

#5 Post by Zden!a »

OK ....

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check my log, problems with sound

#6 Post by motji »

How did it go? :)

Zden!a
Visitor
Posts: 60
Registered: 30 May 2007 09:20

Re: please check my log, problems with sound

#7 Post by Zden!a »

Badly ... the scan did not finish even after 3 hours, neither in normal nor in safe mode ...

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check my log, problems with sound

#8 Post by motji »

At which stage did it stop?

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the All users box.
- tick the boxes for the "LOP" malware check and the "Purity" malware check
- click the Scan button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here :)

:arrow: Download Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- unpack and run it
- a scan will run; when it finishes, a window with the results opens. Click Save to save the log, and post it here
- following the guide at the link, run a second scan and post that log here as well.

Zden!a
Visitor
Posts: 60
Registered: 30 May 2007 09:20

Re: please check my log, problems with sound

#9 Post by Zden!a »

With ComboFix, everything stopped at a blue box with text.
As for Gmer, as soon as I start it, it stops responding completely, so I can't even post a log ....

OTL Extras logfile created on: 26.12.2010 10:14:53 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = H:\Documents and Settings\rodina\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: | Country: | Language: | Date Format:

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
Drive H: | 127,99 Gb Total Space | 78,68 Gb Free Space | 61,47% Space Free | Partition Type: NTFS
Drive I: | 337,77 Gb Total Space | 13,13 Gb Free Space | 3,89% Space Free | Partition Type: NTFS

Computer Name: POCITAC | User Name: rodina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-436374069-1708537768-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "H:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "H:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"H:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = H:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"H:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = H:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"H:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = H:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"H:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = H:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"H:\Program Files\ICQ7.2\ICQ.exe" = H:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"H:\Program Files\ICQ7.2\aolload.exe" = H:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"H:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = H:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"H:\Program Files\ICQ6.5\ICQ.exe" = H:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"H:\Program Files\uTorrent\utorrent.exe" = H:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"H:\QIP Infium JadrisPack\infium.exe" = H:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium -- File not found
"H:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = H:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"H:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = H:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"H:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = H:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"H:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = H:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"H:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = H:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"H:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = H:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"H:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = H:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"H:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = H:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"H:\Program Files\ICQ7.2\ICQ.exe" = H:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"H:\Program Files\ICQ7.2\aolload.exe" = H:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.2 Build #3143 Banner Remover 1.0
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS Smart Doctor
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1BA7B068-4719-42A3-B553-D4ED97434F92}" = ASUS Utilities
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 22
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Gamer OSD
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97C4-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DAD83B9-4C8B-4AC6-BF5E-B9FB181CCBE8}" = Nokia Service Tool Drivers
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.3.4.106e
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help
"{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888FFC82-688D-46AB-A776-B417885432B6}" = Zune
"{89173B88-384A-459B-B687-9C0BBC934EF4}" = The Sims™ 3 Vytvořit Simíka
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{3C3813E1-C370-4F32-9639-8B43C7C780CD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{F67648A4-713E-4298-BBAD-A83D8283B0F3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{2659571A-3405-4486-B7D8-2F125BC0E3B2}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{93028F9A-1EC0-467A-981B-DE93D96897C6}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9601039B-E012-42DA-9EF1-42E914734E1A}" = Windows Live Zabezpečení rodiny
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software
"{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E3A54A70-1CFA-4D79-ACD6-5AA2A98C212F}" = Samsung PC Studio 3
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E68C446D-D95A-4160-AC39-DE7062422985}" = OLYMPUS Master 2
"{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200
"{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F530581E-12FE-43B4-A28D-E5257AAD63E6}" = O&O Defrag Professional
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"µTorrent CZ_is1" = µTorrent CZ 1.7.7 (build 8179)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 2.45
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Image Grabber II" = Image Grabber II
"InstallShield_{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS Smart Doctor
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.5.0
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaInfo" = MediaInfo 0.7.7.8
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PunkBusterSvc" = PunkBuster Services
"QIP Infium JadrisPack 4.2.1" = QIP Infium JadrisPack 4.2.1
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shop for HP Supplies" = Shop for HP Supplies
"Total Uninstall 4_is1" = Total Uninstall 4.8.0
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.5
"VorbisCodec" = Ogg Vorbis ACM Codec
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Zune" = Zune

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-436374069-1708537768-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.9.2010 8:13:08 | Computer Name = POCITAC | Source = MsiInstaller | ID = 11904
Description = Product: Phoenix Service Software -- Error 1904.Module H:\Program
Files\Nokia\TSS Instrument API\instruments\cmnsignalanalyzerfn.dll failed to register.
HRESULT -2147220473. Contact your support personnel.

Error - 20.9.2010 8:13:08 | Computer Name = POCITAC | Source = MsiInstaller | ID = 11904
Description = Product: Phoenix Service Software -- Error 1904.Module H:\Program
Files\Nokia\Phoenix\bfatautotuneui.dll failed to register. HRESULT -2147220473.
Contact your support personnel.

Error - 20.9.2010 8:13:08 | Computer Name = POCITAC | Source = MsiInstaller | ID = 11904
Description = Product: Phoenix Service Software -- Error 1904.Module H:\Program
Files\Nokia\Phoenix\rxbandfiltrespcompui.dll failed to register. HRESULT -2147220473.
Contact your support personnel.

Error - 20.9.2010 8:13:08 | Computer Name = POCITAC | Source = MsiInstaller | ID = 11904
Description = Product: Phoenix Service Software -- Error 1904.Module H:\Program
Files\Nokia\Phoenix\gsmgxkeyboardtestui.dll failed to register. HRESULT -2147220473.
Contact your support personnel.

Error - 20.9.2010 8:13:08 | Computer Name = POCITAC | Source = MsiInstaller | ID = 11904
Description = Product: Phoenix Service Software -- Error 1904.Module H:\Program
Files\Nokia\Phoenix\gsmgautotuneui.dll failed to register. HRESULT -2147220473.
Contact your support personnel.

Error - 20.9.2010 8:13:08 | Computer Name = POCITAC | Source = MsiInstaller | ID = 11904
Description = Product: Phoenix Service Software -- Error 1904.Module H:\Program
Files\Nokia\Phoenix\cmnfaultlogsettings.dll failed to register. HRESULT -2147220473.
Contact your support personnel.

Error - 20.9.2010 8:13:08 | Computer Name = POCITAC | Source = MsiInstaller | ID = 11904
Description = Product: Phoenix Service Software -- Error 1904.Module H:\Program
Files\Nokia\Phoenix\cmnmultiprommerfn.dll failed to register. HRESULT -2147220473.
Contact your support personnel.

Error - 20.9.2010 8:13:08 | Computer Name = POCITAC | Source = MsiInstaller | ID = 11904
Description = Product: Phoenix Service Software -- Error 1904.Module H:\Program
Files\Nokia\Phoenix\cmnmultiprommeramsui.dll failed to register. HRESULT -2147220473.
Contact your support personnel.

Error - 1.10.2010 4:42:45 | Computer Name = POCITAC | Source = MsiInstaller | ID = 11905
Description = Product: Phoenix Service Software -- Error 1905.Module H:\Program
Files\Nokia\Phoenix\gsmgautotuneui.dll failed to unregister. HRESULT -2147220472.
Contact your support personnel.

Error - 11.11.2010 16:49:14 | Computer Name = POCITAC | Source = Application Error | ID = 1000
Description = Chybující aplikace avast.setup, verze 4.8.0.0, chybující modul ntdll.dll,
verze 5.1.2600.5755, adresa chyby 0x00011689.

[ OSession Events ]
Error - 25.2.2009 10:45:17 | Computer Name = POCITAC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 24.12.2010 9:12:15 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 24.12.2010 14:34:03 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 24.12.2010 14:35:23 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error - 24.12.2010 14:35:23 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sbhips

Error - 25.12.2010 15:05:20 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 25.12.2010 15:06:41 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error - 25.12.2010 15:06:41 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sbhips

Error - 26.12.2010 4:42:19 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 26.12.2010 4:43:39 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error - 26.12.2010 4:43:39 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sbhips


< End of report >

Zden!a
Visitor
Posts: 60
Joined: 30 May 2007 09:20

Re: please check my log, problems with sound

#10 Post by Zden!a »

OTL - part 1, I had to split it in half because the whole thing didn't fit here - too many characters :-P

OTL logfile created on: 26.12.2010 10:14:53 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = H:\Documents and Settings\rodina\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: | Country: | Language: | Date Format:

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
Drive H: | 127,99 Gb Total Space | 78,68 Gb Free Space | 61,47% Space Free | Partition Type: NTFS
Drive I: | 337,77 Gb Total Space | 13,13 Gb Free Space | 3,89% Space Free | Partition Type: NTFS

Computer Name: POCITAC | User Name: rodina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.12.26 09:58:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\rodina\Plocha\OTL.exe
PRC - [2010.12.09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2010.10.21 16:05:36 | 000,134,808 | ---- | M] (Google Inc.) -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- H:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- H:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- H:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.08.16 14:41:58 | 000,327,472 | ---- | M] (BitTorrent, Inc.) -- H:\Program Files\uTorrent\utorrent.exe
PRC - [2009.09.04 13:16:54 | 000,158,448 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Zune\ZuneLauncher.exe
PRC - [2009.09.04 13:16:54 | 000,058,592 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\ZuneBusEnum.exe
PRC - [2009.04.08 00:40:52 | 001,377,536 | ---- | M] (O&O Software GmbH) -- H:\WINDOWS\system32\oodag.exe
PRC - [2009.04.08 00:39:50 | 002,553,088 | ---- | M] (O&O Software GmbH) -- H:\WINDOWS\system32\oodtray.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe
PRC - [2008.03.20 20:23:22 | 000,083,240 | ---- | M] (Cyberlink Corp.) -- H:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2007.10.23 17:46:30 | 000,262,144 | ---- | M] (ASUSTeK COMPUTER INC.) -- H:\WINDOWS\ATKKBService.exe
PRC - [2007.06.27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe


========== Modules (SafeList) ==========

MOD - [2010.12.26 09:58:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\rodina\Plocha\OTL.exe
MOD - [2006.05.03 21:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - File not found [Auto | Stopped] -- H:\ComboFix\PEV.cfx -- (PEVSystemStart)
SRV - File not found [Disabled | Stopped] -- H:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- H:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- H:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- H:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- H:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- H:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.04.27 12:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- H:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.09.04 13:17:00 | 000,447,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- H:\WINDOWS\system32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2009.09.04 13:16:54 | 005,893,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- H:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009.09.04 13:16:54 | 000,058,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- H:\WINDOWS\system32\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2009.04.08 00:40:52 | 001,377,536 | ---- | M] (O&O Software GmbH) [Auto | Running] -- H:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2009.02.06 17:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- H:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2007.10.23 17:46:30 | 000,262,144 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- H:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- H:\WINDOWS\System32\drivers\sbhips.sys -- (sbhips)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\WINDOWS\TEMP\catchme.sys -- (catchme)
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- H:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- H:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- H:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- H:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- H:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- H:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.03.24 13:53:15 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- H:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.02.26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.02.26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009.07.10 20:36:51 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- H:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.07.10 20:36:50 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- H:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.07.07 18:59:05 | 000,005,632 | ---- | M] () [File_System | System | Running] -- H:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.02.06 17:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- H:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008.11.12 14:54:00 | 006,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.10.31 11:38:08 | 004,942,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.10.31 06:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.06.21 03:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2008.04.13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.02.01 17:24:04 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- H:\Program Files\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2007.11.01 09:56:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\l151x86.sys -- (AtcL001)
DRV - [2007.10.23 17:48:16 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2007.10.23 17:48:14 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D)
DRV - [2007.10.23 17:48:12 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2007.06.29 13:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.06.15 09:49:30 | 000,019,840 | R--- | M] (Generic) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2007.01.29 17:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\AsusVRC.sys -- (ASUSVRC)
DRV - [2005.08.30 00:49:38 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2005.08.30 00:49:34 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2005.08.30 00:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - H:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)


IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - H:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - H:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-436374069-1708537768-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-436374069-1708537768-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-436374069-1708537768-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-436374069-1708537768-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 C8 74 7F 29 7C CA 01 [binary data]
IE - HKU\S-1-5-21-436374069-1708537768-839522115-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-436374069-1708537768-839522115-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - H:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-436374069-1708537768-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2010.10.18 16:10:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2010.11.26 08:50:58 | 000,000,000 | ---D | M]

[2010.10.18 16:10:58 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Mozilla\Extensions
[2010.12.23 21:04:37 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Mozilla\Firefox\Profiles\vjz1diuz.default\extensions
[2010.12.19 09:52:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- H:\Documents and Settings\rodina\Data aplikací\Mozilla\Firefox\Profiles\vjz1diuz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.12.23 21:04:37 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\rodina\Data aplikací\Mozilla\Firefox\Profiles\vjz1diuz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- H:\Documents and Settings\rodina\Data aplikací\Mozilla\Firefox\Profiles\vjz1diuz.default\searchplugins\icqplugin.xml
[2010.10.18 16:10:46 | 000,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions
[2010.09.14 22:10:37 | 000,000,638 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.14 22:10:37 | 000,001,687 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.14 22:10:37 | 000,001,367 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.14 22:10:37 | 000,000,654 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.14 22:10:37 | 000,001,179 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.12.23 21:51:48 | 000,316,539 | R--- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10886 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - H:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [amd_dc_opt] H:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast5] H:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] H:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] H:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] H:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OM2_Monitor] H:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [OODefragTray] H:\WINDOWS\system32\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] H:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] H:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [Zune Launcher] H:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-436374069-1708537768-839522115-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-436374069-1708537768-839522115-1004..\Run: [OM2_Monitor] H:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\S-1-5-21-436374069-1708537768-839522115-1004..\Run: [uTorrent] H:\Program Files\uTorrent\utorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-1708537768-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-1708537768-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-436374069-1708537768-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-436374069-1708537768-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - H:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - H:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/fl ... wflash.cab (Shockwave Flash Object)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: H:\Documents and Settings\rodina\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: H:\Documents and Settings\rodina\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - H:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - H:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - H:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.dll File not found

Drivers32: msacm.ac3acm - H:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - divxa32.acm File not found
Drivers32: msacm.iac2 - H:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - H:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - H:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - H:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - H:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - H:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - H:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.asv2 - H:\WINDOWS\System32\ASUSASV2.DLL ()
Drivers32: vidc.cvid - H:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIV3 - DivXc32.dll File not found
Drivers32: VIDC.DIV4 - H:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !)
Drivers32: VIDC.FFDS - H:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - H:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.iv31 - H:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - H:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - H:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - H:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - H:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - H:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - H:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - H:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - H:\WINDOWS\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - H:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - H:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56590081070202880)

========== Files/Folders - Created Within 30 Days ==========

[2010.12.26 09:58:52 | 000,602,624 | ---- | C] (OldTimer Tools) -- H:\Documents and Settings\rodina\Plocha\OTL.exe
[2010.12.24 14:12:31 | 000,000,000 | --SD | C] -- H:\ComboFix
[2010.12.24 08:54:06 | 000,212,480 | ---- | C] (SteelWerX) -- H:\WINDOWS\SWXCACLS.exe
[2010.12.24 08:54:06 | 000,161,792 | ---- | C] (SteelWerX) -- H:\WINDOWS\SWREG.exe
[2010.12.24 08:54:06 | 000,136,704 | ---- | C] (SteelWerX) -- H:\WINDOWS\SWSC.exe
[2010.12.24 08:54:06 | 000,031,232 | ---- | C] (NirSoft) -- H:\WINDOWS\NIRCMD.exe
[2010.12.24 08:54:00 | 000,000,000 | ---D | C] -- H:\WINDOWS\ERDNT
[2010.12.24 08:53:55 | 000,000,000 | ---D | C] -- H:\Qoobox
[2010.12.23 21:04:14 | 000,000,000 | ---D | C] -- H:\Program Files\ICQ7.2
[2010.12.22 15:47:42 | 000,165,584 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswSP.sys
[2010.12.22 15:47:42 | 000,017,744 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.12.22 15:47:41 | 000,023,376 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswRdr.sys
[2010.12.22 15:47:40 | 000,046,672 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswTdi.sys
[2010.12.22 15:47:38 | 000,100,176 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswmon2.sys
[2010.12.22 15:47:38 | 000,094,544 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aswmon.sys
[2010.12.22 15:47:37 | 000,028,880 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\drivers\aavmker4.sys
[2010.12.22 15:47:24 | 000,038,848 | ---- | C] (AVAST Software) -- H:\WINDOWS\avastSS.scr
[2010.12.22 15:47:22 | 000,167,592 | ---- | C] (AVAST Software) -- H:\WINDOWS\System32\aswBoot.exe
[2009.02.02 14:09:57 | 000,047,360 | ---- | C] (VSO Software) -- H:\Documents and Settings\rodina\Data aplikací\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2010.12.26 10:10:03 | 000,001,030 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1708537768-839522115-1004UA.job
[2010.12.26 09:58:53 | 000,602,624 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\rodina\Plocha\OTL.exe
[2010.12.26 09:45:31 | 000,196,608 | ---- | M] () -- H:\WINDOWS\System32\drivers\nStandard.bin
[2010.12.26 09:44:16 | 000,196,554 | ---- | M] () -- H:\WINDOWS\System32\nvapps.xml
[2010.12.26 09:44:11 | 000,000,434 | ---- | M] () -- H:\WINDOWS\tasks\RegPowerClean.job
[2010.12.26 09:44:11 | 000,000,420 | ---- | M] () -- H:\WINDOWS\tasks\RPCReminder.job
[2010.12.26 09:44:11 | 000,000,416 | ---- | M] () -- H:\WINDOWS\tasks\PCConfidential.job
[2010.12.26 09:42:02 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2010.12.26 09:42:00 | 001,888,683 | ---- | M] () -- H:\WINDOWS\System32\oodbs.lor
[2010.12.25 22:18:14 | 000,000,663 | ---- | M] () -- H:\Documents and Settings\rodina\Data aplikací\vso_ts_preview.xml
[2010.12.25 20:04:58 | 000,002,422 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2010.12.24 11:41:37 | 000,032,256 | ---- | M] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.24 11:23:02 | 010,126,090 | ---- | M] () -- H:\Documents and Settings\rodina\Dokumenty\YouTube - Helloween - Power 1996.flv
[2010.12.24 08:48:19 | 003,998,057 | R--- | M] () -- H:\Documents and Settings\rodina\Plocha\ComboFix.exe
[2010.12.23 21:51:48 | 000,316,539 | R--- | M] () -- H:\WINDOWS\System32\drivers\etc\hosts
[2010.12.23 21:04:47 | 000,001,487 | ---- | M] () -- H:\Documents and Settings\All Users\Plocha\ICQ7.2.lnk
[2010.12.23 17:10:00 | 000,000,978 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1708537768-839522115-1004Core.job
[2010.12.22 15:47:43 | 000,001,700 | ---- | M] () -- H:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.12.22 15:47:39 | 000,002,553 | ---- | M] () -- H:\WINDOWS\System32\CONFIG.NT
[2010.12.21 20:06:58 | 000,000,069 | ---- | M] () -- H:\WINDOWS\NeroDigital.ini
[2010.12.15 18:10:57 | 000,002,266 | ---- | M] () -- H:\Documents and Settings\rodina\Plocha\Google Chrome.lnk
[2010.11.30 18:58:35 | 000,000,116 | ---- | M] () -- H:\Documents and Settings\rodina\default.pls

========== Files Created - No Company Name ==========

[2010.12.24 11:23:02 | 010,126,090 | ---- | C] () -- H:\Documents and Settings\rodina\Dokumenty\YouTube - Helloween - Power 1996.flv
[2010.12.24 08:54:06 | 000,256,512 | ---- | C] () -- H:\WINDOWS\PEV.exe
[2010.12.24 08:54:06 | 000,098,816 | ---- | C] () -- H:\WINDOWS\sed.exe
[2010.12.24 08:54:06 | 000,089,088 | ---- | C] () -- H:\WINDOWS\MBR.exe
[2010.12.24 08:54:06 | 000,080,412 | ---- | C] () -- H:\WINDOWS\grep.exe
[2010.12.24 08:54:06 | 000,068,096 | ---- | C] () -- H:\WINDOWS\zip.exe
[2010.12.24 08:48:09 | 003,998,057 | R--- | C] () -- H:\Documents and Settings\rodina\Plocha\ComboFix.exe
[2010.12.23 21:04:47 | 000,001,487 | ---- | C] () -- H:\Documents and Settings\All Users\Plocha\ICQ7.2.lnk
[2010.12.22 15:47:43 | 000,001,700 | ---- | C] () -- H:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.11.21 20:16:26 | 000,000,832 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader (5).nast
[2010.11.21 20:15:31 | 000,000,494 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader (5).err
[2010.11.21 20:15:20 | 000,000,832 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\mlyn.nast
[2010.11.21 20:14:57 | 000,000,046 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\mlyn.err
[2010.11.21 18:29:30 | 000,001,096 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader (4).nast
[2010.11.21 18:29:25 | 000,000,905 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader (4).err
[2010.11.21 18:26:07 | 000,000,832 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader (3).nast
[2010.11.21 18:25:53 | 000,000,046 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader (3).err
[2010.11.21 18:25:40 | 000,000,792 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader (2).nast
[2010.11.21 18:25:37 | 000,000,046 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader (2).err
[2010.11.18 20:29:39 | 000,000,038 | ---- | C] () -- H:\WINDOWS\avisplitter.ini
[2010.11.18 20:29:37 | 002,931,712 | ---- | C] () -- H:\WINDOWS\System32\x264vfw.dll
[2010.11.18 20:29:28 | 000,790,528 | ---- | C] () -- H:\WINDOWS\System32\xvidcore.dll
[2010.11.18 20:29:28 | 000,134,144 | ---- | C] () -- H:\WINDOWS\System32\xvidvfw.dll
[2010.11.18 20:29:27 | 000,108,032 | ---- | C] () -- H:\WINDOWS\System32\ff_vfw.dll
[2010.11.18 17:26:28 | 000,000,792 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader (1).nast
[2010.11.18 17:26:23 | 000,000,046 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader (1).err
[2010.11.17 17:52:56 | 000,000,792 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader.nast
[2010.11.17 17:52:43 | 000,000,046 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\SRDownloader.err
[2010.08.07 19:13:28 | 000,005,000 | ---- | C] () -- H:\Documents and Settings\All Users\Data aplikací\xqkcebzs.dik
[2010.08.07 19:13:26 | 000,004,886 | ---- | C] () -- H:\Documents and Settings\All Users\Data aplikací\kgkketov.ixb
[2010.03.24 13:53:15 | 000,691,696 | ---- | C] () -- H:\WINDOWS\System32\drivers\sptd.sys
[2010.01.05 16:09:04 | 000,005,435 | ---- | C] () -- H:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.09.28 06:49:11 | 000,000,067 | ---- | C] () -- H:\WINDOWS\DVDRegionFree.INI
[2009.07.12 12:38:41 | 000,000,518 | ---- | C] () -- H:\WINDOWS\wininit.ini
[2009.07.10 20:36:51 | 000,278,728 | ---- | C] () -- H:\WINDOWS\System32\drivers\atksgt.sys
[2009.07.10 20:36:50 | 000,025,416 | ---- | C] () -- H:\WINDOWS\System32\drivers\lirsgt.sys
[2009.07.07 19:08:32 | 000,000,000 | ---- | C] () -- H:\Documents and Settings\All Users\Data aplikací\LauncherAccess.dt
[2009.07.07 18:52:38 | 000,005,632 | ---- | C] () -- H:\WINDOWS\System32\drivers\StarOpen.sys
[2009.05.23 14:49:32 | 000,000,056 | ---- | C] () -- H:\WINDOWS\videotoaudio.ini
[2009.03.21 18:02:41 | 000,000,151 | ---- | C] () -- H:\WINDOWS\PhotoSnapViewer.INI
[2009.02.05 11:24:33 | 000,000,663 | ---- | C] () -- H:\Documents and Settings\rodina\Data aplikací\vso_ts_preview.xml
[2009.02.02 14:10:07 | 000,000,034 | ---- | C] () -- H:\Documents and Settings\rodina\Data aplikací\pcouffin.log
[2009.02.02 14:09:57 | 000,087,608 | ---- | C] () -- H:\Documents and Settings\rodina\Data aplikací\inst.exe
[2009.02.02 14:09:57 | 000,007,887 | ---- | C] () -- H:\Documents and Settings\rodina\Data aplikací\pcouffin.cat
[2009.02.02 14:09:57 | 000,001,144 | ---- | C] () -- H:\Documents and Settings\rodina\Data aplikací\pcouffin.inf
[2008.12.23 22:53:31 | 000,000,000 | ---- | C] () -- H:\WINDOWS\oodcnt.INI
[2008.11.21 09:17:13 | 000,022,328 | ---- | C] () -- H:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.11.21 09:17:13 | 000,022,328 | ---- | C] () -- H:\Documents and Settings\rodina\Data aplikací\PnkBstrK.sys
[2008.11.14 11:57:42 | 000,008,192 | R--- | C] () -- H:\WINDOWS\System32\drivers\ASACPI.sys
[2008.11.13 21:29:37 | 000,046,592 | ---- | C] () -- H:\WINDOWS\System32\asfrench.dll
[2008.11.13 21:29:37 | 000,046,080 | ---- | C] () -- H:\WINDOWS\System32\asrussian.dll
[2008.11.13 21:29:37 | 000,046,080 | ---- | C] () -- H:\WINDOWS\System32\asgerman.dll
[2008.11.13 21:29:37 | 000,046,080 | ---- | C] () -- H:\WINDOWS\System32\aseng.dll
[2008.11.13 21:29:37 | 000,045,568 | ---- | C] () -- H:\WINDOWS\System32\askorean.dll
[2008.11.13 21:29:37 | 000,045,568 | ---- | C] () -- H:\WINDOWS\System32\asjapan.dll
[2008.11.13 21:29:37 | 000,045,568 | ---- | C] () -- H:\WINDOWS\System32\aschs.dll
[2008.11.13 21:29:37 | 000,000,018 | ---- | C] () -- H:\WINDOWS\System32\atkid.ini
[2008.11.13 21:29:34 | 000,045,568 | ---- | C] () -- H:\WINDOWS\System32\ASCHT.dll
[2008.11.03 15:55:48 | 000,000,069 | ---- | C] () -- H:\WINDOWS\NeroDigital.ini
[2008.10.31 13:23:04 | 000,002,339 | ---- | C] () -- H:\WINDOWS\wincmd.ini
[2008.10.31 13:03:04 | 000,032,256 | ---- | C] () -- H:\Documents and Settings\rodina\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.16 22:16:31 | 000,000,390 | ---- | C] () -- H:\WINDOWS\ODBC.INI
[2008.10.12 17:36:51 | 000,004,265 | ---- | C] () -- H:\WINDOWS\ODBCINST.INI
[2008.01.03 15:26:00 | 001,703,936 | ---- | C] () -- H:\WINDOWS\System32\nvwdmcpl.dll
[2008.01.03 15:26:00 | 001,486,848 | ---- | C] () -- H:\WINDOWS\System32\nview.dll
[2008.01.03 15:26:00 | 001,019,904 | ---- | C] () -- H:\WINDOWS\System32\nvwimg.dll
[2008.01.03 15:26:00 | 000,466,944 | ---- | C] () -- H:\WINDOWS\System32\nvshell.dll
[2008.01.03 15:26:00 | 000,286,720 | ---- | C] () -- H:\WINDOWS\System32\nvnt4cpl.dll
[2004.10.11 11:19:00 | 000,092,672 | ---- | C] () -- H:\WINDOWS\System32\ASUSASV2.DLL
[2003.09.30 10:47:39 | 000,165,376 | ---- | C] () -- H:\WINDOWS\System32\unrar.dll
[2003.09.30 10:47:39 | 000,092,672 | ---- | C] () -- H:\WINDOWS\System32\vorbis.dll
[2003.09.30 10:47:39 | 000,021,504 | ---- | C] () -- H:\WINDOWS\System32\ogg.dll
[2002.04.04 08:43:24 | 000,001,268 | ---- | C] () -- H:\WINDOWS\System32\OEMINFO.INI
[2001.08.29 13:11:40 | 000,398,848 | R--- | C] () -- H:\WINDOWS\System32\DK2WIN32.DLL

========== LOP Check ==========

Zden!a

Re: please check my log, problems with sound

#11 Post by Zden!a »

The rest of the OTL log:

[2010.10.18 16:17:47 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2008.11.07 13:27:37 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2010.03.24 13:52:42 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2008.12.24 21:01:57 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\DriverScanner
[2010.12.23 21:04:36 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.07.13 09:28:11 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Installations
[2009.01.29 14:17:48 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\iolo
[2009.07.10 20:08:30 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Martau
[2010.07.13 09:34:17 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Nokia
[2010.07.13 09:39:06 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.12.04 08:58:05 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Temp
[2009.02.06 11:18:11 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\vsosdk
[2009.01.29 14:19:36 | 000,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Data aplikací\iolo
[2008.10.16 21:49:29 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\BSplayer
[2008.12.04 14:25:34 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\BSplayer Pro
[2008.10.16 21:36:54 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008.10.31 12:01:26 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\DAEMON Tools
[2010.03.24 14:19:12 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\DAEMON Tools Lite
[2009.12.18 13:02:51 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\EurekaLog
[2010.12.23 21:12:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\ICQ
[2009.01.29 14:19:14 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\iolo
[2009.01.16 14:24:51 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Kingston
[2010.07.13 09:39:00 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\PC Suite
[2009.07.07 19:09:13 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Samsung
[2008.12.24 21:01:57 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Uniblue
[2010.12.26 10:17:15 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\uTorrent
[2010.12.25 22:18:15 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Vso
[2009.07.31 13:52:19 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Vlastník\Data aplikací\ICQ
[2009.01.16 08:35:03 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Vlastník\Data aplikací\uTorrent
[2010.12.26 09:44:11 | 000,000,416 | ---- | M] () -- H:\WINDOWS\Tasks\PCConfidential.job
[2010.12.26 09:44:11 | 000,000,434 | ---- | M] () -- H:\WINDOWS\Tasks\RegPowerClean.job
[2010.12.26 09:44:11 | 000,000,420 | ---- | M] () -- H:\WINDOWS\Tasks\RPCReminder.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.06.27 19:03:40 | 000,152,872 | ---- | M] (Nero AG)
"OM2_Monitor" = "H:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart -- [2008.11.07 12:50:28 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.)
"uTorrent" = "H:\Program Files\uTorrent\utorrent.exe" -- [2010.08.16 14:41:58 | 000,327,472 | ---- | M] (BitTorrent, Inc.)
"ctfmon.exe" = H:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "H:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2009.12.20 11:50:35 | 000,135,664 | ---- | M] (Google Inc.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.10.16 22:04:26 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Adobe
[2009.02.02 14:25:26 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Ahead
[2008.10.16 21:49:29 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\BSplayer
[2008.12.04 14:25:34 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\BSplayer Pro
[2008.10.16 21:36:54 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008.12.05 07:54:12 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\CyberLink
[2008.10.31 12:01:26 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\DAEMON Tools
[2010.03.24 14:19:12 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\DAEMON Tools Lite
[2010.12.24 12:02:10 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\dvdcss
[2009.12.18 13:02:51 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\EurekaLog
[2008.10.16 15:58:11 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Google
[2010.01.05 16:18:48 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\HP
[2010.07.21 16:32:04 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\HpUpdate
[2010.12.23 21:12:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\ICQ
[2008.10.12 16:03:08 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Identities
[2009.01.29 14:19:14 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\iolo
[2009.01.16 14:24:51 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Kingston
[2008.10.13 16:48:07 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Macromedia
[2008.11.07 07:35:08 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Malwarebytes
[2008.12.04 16:41:32 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Media Player Classic
[2010.07.18 13:58:28 | 000,000,000 | --SD | M] -- H:\Documents and Settings\rodina\Data aplikací\Microsoft
[2010.10.18 16:10:58 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Mozilla
[2008.12.08 12:10:20 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Nero
[2010.07.13 09:39:00 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\PC Suite
[2009.07.07 19:09:13 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Samsung
[2008.11.21 09:22:12 | 000,000,000 | RH-D | M] -- H:\Documents and Settings\rodina\Data aplikací\SecuROM
[2009.02.28 19:51:53 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\skypePM
[2009.08.14 20:30:47 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Sun
[2008.12.24 21:01:57 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Uniblue
[2010.12.26 10:17:15 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\uTorrent
[2010.12.26 09:50:23 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\vlc
[2010.12.25 22:18:15 | 000,000,000 | ---D | M] -- H:\Documents and Settings\rodina\Data aplikací\Vso

< %APPDATA%\*.exe /s >
[2009.02.06 09:56:06 | 000,087,608 | ---- | M] () -- H:\Documents and Settings\rodina\Data aplikací\inst.exe
[2008.05.19 12:04:49 | 007,767,064 | ---- | M] (iolo technologies, LLC ) -- H:\Documents and Settings\rodina\Data aplikací\iolo\Installers\SearchAndRecover.exe
[2009.01.16 14:09:40 | 000,937,782 | ---- | M] ( ) -- H:\Documents and Settings\rodina\Data aplikací\Kingston\SecureTraveler.exe
[2008.06.11 21:33:56 | 001,839,104 | -H-- | M] () -- H:\Documents and Settings\rodina\Data aplikací\Kingston\SecureTravelerA.exe
[2008.07.17 23:02:16 | 003,231,744 | -H-- | M] () -- H:\Documents and Settings\rodina\Data aplikací\Kingston\SecureTravelerB.exe
[2008.07.15 23:34:50 | 000,143,360 | ---- | M] (Kingston) -- H:\Documents and Settings\rodina\Data aplikací\Kingston\SecureTravelerDaemon.exe
[2008.06.11 21:33:56 | 001,839,104 | -H-- | M] () -- H:\Documents and Settings\rodina\Data aplikací\Kingston\tmp\SecureTravelerA.exe
[2008.07.17 23:02:16 | 003,231,744 | -H-- | M] () -- H:\Documents and Settings\rodina\Data aplikací\Kingston\tmp\SecureTravelerB.exe
[2008.07.15 23:34:50 | 000,143,360 | ---- | M] (Kingston) -- H:\Documents and Settings\rodina\Data aplikací\Kingston\tmp\SecureTravelerDaemon.exe
[2010.03.24 14:07:55 | 000,010,134 | R--- | M] () -- H:\Documents and Settings\rodina\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.03.24 13:53:15 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- H:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.10.12 17:35:24 | 000,094,208 | ---- | M] () -- H:\WINDOWS\system32\config\default.sav
[2008.10.12 17:35:24 | 000,610,304 | ---- | M] () -- H:\WINDOWS\system32\config\software.sav
[2008.10.12 17:35:24 | 000,430,080 | ---- | M] () -- H:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.12.26 09:44:16 | 000,196,554 | ---- | M] () -- H:\WINDOWS\system32\nvapps.xml
[2010.12.26 09:42:00 | 001,888,683 | ---- | M] () -- H:\WINDOWS\system32\oodbs.lor
[2010.12.25 20:04:58 | 000,002,422 | ---- | M] () -- H:\WINDOWS\system32\wpa.dbl

========== Alternate Data Streams ==========

@Alternate Data Stream - 256068 bytes -> H:\WINDOWS\temp:temp
@Alternate Data Stream - 164 bytes -> H:\WINDOWS\temp:{769C9123-FE05-97DA-812B-3247783B80AE}
@Alternate Data Stream - 115 bytes -> H:\Documents and Settings\All Users\Data aplikací\Temp:DF462FF6
@Alternate Data Stream - 109 bytes -> H:\Documents and Settings\All Users\Data aplikací\Temp:D1B5B4F1

< End of report >

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check my log, problems with sound

#12 Post by motji »

:arrow: Run OTL
- copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 256068 bytes -> H:\WINDOWS\temp:temp
@Alternate Data Stream - 164 bytes -> H:\WINDOWS\temp:{769C9123-FE05-97DA-812B-3247783B80AE}
@Alternate Data Stream - 115 bytes -> H:\Documents and Settings\All Users\Data aplikací\Temp:DF462FF6
@Alternate Data Stream - 109 bytes -> H:\Documents and Settings\All Users\Data aplikací\Temp:D1B5B4F1

:files
H:\WINDOWS\system32\*.tmp.dll /s
H:\WINDOWS\system32\SET*.tmp /s
H:\WINDOWS\*.tmp /s

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

- click the Fix button.
- The PC will then restart.
- Post the log here :)



Try ComboFix once more, but a bit differently. By the blue screen with text, did you mean the ComboFix program window, not a BSOD?


:arrow: Download Rkill from one of the links; if the virus blocks it, try downloading another one

Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill COM:
http://download.bleepingcomputer.com/grinler/rkill.com

Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr

Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif

- run it and let it work. It will exit on its own.

- :!: Do not restart the computer now! :!:

:arrow: Run ComboFix renamed to vánoce.com



If it fails again, write back and I'll think of something :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

Zden!a
Visitor
Posts: 60
Joined: 30 May 2007 09:20

Re: please check my log, sound problems

#13 Post by Zden!a »

Hello :wink:

Here is the OTL log:


All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Unable to delete ADS H:\WINDOWS\temp:temp .
Unable to delete ADS H:\WINDOWS\temp:{769C9123-FE05-97DA-812B-3247783B80AE} .
Unable to delete ADS H:\Documents and Settings\All Users\Data aplikací\Temp:DF462FF6 .
Unable to delete ADS H:\Documents and Settings\All Users\Data aplikací\Temp:D1B5B4F1 .
========== FILES ==========
File\Folder H:\WINDOWS\system32\*.tmp.dll not found.
File\Folder H:\WINDOWS\system32\SET*.tmp not found.
H:\WINDOWS\temp\DIO17A.tmp moved successfully.
H:\WINDOWS\temp\DIO17B.tmp moved successfully.
H:\WINDOWS\temp\MAR2.tmp moved successfully.
H:\WINDOWS\temp\MAR3.tmp moved successfully.
H:\WINDOWS\temp\MAR4.tmp moved successfully.
H:\WINDOWS\temp\MAR5.tmp moved successfully.
H:\WINDOWS\temp\MAR6.tmp moved successfully.
H:\WINDOWS\temp\MAR7.tmp moved successfully.
H:\WINDOWS\temp\~DF521F.tmp moved successfully.
========== COMMANDS ==========
H:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: rodina
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 757944 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 159701077 bytes
->Flash cache emptied: 965 bytes

User: Vlastník
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 605246 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 154,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService
->Flash cache emptied: 0 bytes

User: rodina
->Flash cache emptied: 0 bytes

User: Vlastník
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.18.0 log created on 12272010_202224

Files\Folders moved on Reboot...
H:\Documents and Settings\rodina\Local Settings\Temporary Internet Files\Content.Word\~WRS{36D27C88-C646-4EE9-8434-97F4F1B9157C}.tmp moved successfully.
H:\Documents and Settings\rodina\Local Settings\Temporary Internet Files\Content.Word\~WRS{684917FA-3562-46BF-A5F0-D1ADB3166ED2}.tmp moved successfully.
H:\Documents and Settings\rodina\Local Settings\Temporary Internet Files\Content.Word\~WRS{7687BAA0-3E80-45CE-88E3-9E0FB7CAF727}.tmp moved successfully.
File\Folder H:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

So I'll try Combo once more, but I don't have much faith in it ... yesterday it ran for about 1 hour and still nothing... we'll see, I'll let it run for 3 hours at most and let you know ;)

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: please check my log, sound problems

#14 Post by motji »

Try it in safe mode, renamed. It ran for an hour - was it doing anything, or nothing?

Zden!a
Visitor
Posts: 60
Joined: 30 May 2007 09:20

Re: please check my log, sound problems

#15 Post by Zden!a »

So I tried Combo (renamed) - in normal mode I left it running for 3 hours and again nothing ... it creates a restore point, a blue window pops up ... the scan runs, but even after 3 hours nothing ... it seems to me that the program simply isn't working, isn't scanning ...

So I tried it in safe mode (renamed) and the result is the same :x
