Problémy s PC

Zpráva

Thrall · #1 Příspěvek od **Thrall** » 18 led 2011 17:56

Dobrý den
Mám problém.
V pravém horním rohu Internetu Exploreru v okýnku "vyhledávaní" ,mi pod čarou s nápisem "historie" zůstavá historie z jednoho dne ,ale z okolních dnů po vymazání historie už nezůstává . Zkoušel jsem vše: CCleaner,vymazaní index.dat pomocí Unlockeru ,ale nic ,pořád to tam je . Ani všeljaké testovaní na viry nic nenašlo .

RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Uživatel at 2011-01-18 17:55:05
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 50 GB (33%) free of 150 GB
Total RAM: 2047 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:55:22, on 18.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Uživatel\Plocha\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Filesystem Monitor (AVKWCtl) - Unknown owner - C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: Služba Google Update (gupdate1c9faffc1c539a5) (gupdate1c9faffc1c539a5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 6050 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G Data WebFilter - C:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll [2010-10-29 641016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-09-02 1241448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-09-02 1241448]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll [2010-10-29 641016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"G Data AntiVirus Tray Application"=C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe [2010-10-29 995832]
"GDFirewallTray"=C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [2010-10-29 1538040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files\lg_fwupdate\fwupdate.exe [2007-02-26 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMIndexingService"=3
"IDriverT"=3
"gusvc"=2
"gupdate1c9faffc1c539a5"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-07-08 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"\\macek\storage\Instalace\!predinstalace\Nero CZ a Power DVD\CDS\Nero\Installation\SetupX.exe"="\\macek\storage\Instalace\!predinstalace\Nero CZ a Power DVD\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\SEGA\SEGA Rally\SEGA Rally.exe"="C:\Program Files\SEGA\SEGA Rally\SEGA Rally.exe:*:Enabled:SEGA Rally"
"C:\Program Files\SEGA\SEGA Rally\SEGA Rally_SSE1.exe"="C:\Program Files\SEGA\SEGA Rally\SEGA Rally_SSE1.exe:*:Enabled:SEGA Rally"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Disabled:Garena"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 2 months======

2011-01-18 17:37:15 ----A---- C:\ComboFix.txt
2011-01-18 17:08:50 ----D---- C:\Program Files\Unlocker
2011-01-12 18:30:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-01 22:34:59 ----D---- C:\rsit
2010-12-30 20:03:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-12-25 10:45:59 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-12-25 10:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-12-25 10:45:15 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-12-25 10:42:41 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-12-24 22:16:23 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Windows Search
2010-12-24 22:12:16 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-12-24 22:12:15 ----D---- C:\WINDOWS\system32\winrm
2010-12-24 22:12:11 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2010-12-24 22:12:09 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2010-12-24 22:11:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-12-24 22:11:42 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2010-12-24 22:11:25 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Windows Desktop Search
2010-12-24 22:10:35 ----D---- C:\Program Files\Windows Desktop Search
2010-12-24 22:10:34 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-12-24 22:10:22 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-12-24 22:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-12-24 22:09:37 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-12-24 22:09:36 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-12-24 22:09:11 ----D---- C:\Program Files\Windows Media Connect 2
2010-12-24 22:09:03 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-12-24 22:08:04 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-12-24 22:07:27 ----D---- C:\WINDOWS\system32\LogFiles
2010-12-24 22:07:27 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-12-24 22:07:24 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-12-24 22:04:46 ----D---- C:\WINDOWS\system32\URTTEMP
2010-12-24 21:36:01 ----D---- C:\Program Files\Microsoft.NET
2010-12-24 21:27:13 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Apple Computer
2010-12-24 21:10:47 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Opera
2010-12-24 21:10:38 ----D---- C:\Program Files\Opera
2010-12-23 12:27:25 ----A---- C:\WINDOWS\system32\drivers\GRD.sys
2010-12-23 12:14:43 ----A---- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys
2010-12-23 12:14:43 ----A---- C:\WINDOWS\system32\drivers\GDNdisIc.sys
2010-12-23 12:14:41 ----A---- C:\WINDOWS\system32\drivers\MiniIcpt.sys
2010-12-23 12:14:41 ----A---- C:\WINDOWS\system32\drivers\HookCentre.sys
2010-12-23 12:14:41 ----A---- C:\WINDOWS\system32\drivers\GDBehave.sys
2010-12-23 12:14:13 ----D---- C:\Program Files\G Data
2010-12-23 12:14:13 ----D---- C:\Program Files\Common Files\G Data
2010-12-23 12:14:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\G DATA
2010-12-23 12:13:55 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2010-12-23 11:40:29 ----D---- C:\WINDOWS\temp
2010-12-23 11:33:50 ----A---- C:\WINDOWS\zip.exe
2010-12-23 11:33:50 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-12-23 11:33:50 ----A---- C:\WINDOWS\SWSC.exe
2010-12-23 11:33:50 ----A---- C:\WINDOWS\SWREG.exe
2010-12-23 11:33:50 ----A---- C:\WINDOWS\sed.exe
2010-12-23 11:33:50 ----A---- C:\WINDOWS\PEV.exe
2010-12-23 11:33:50 ----A---- C:\WINDOWS\NIRCMD.exe
2010-12-23 11:33:50 ----A---- C:\WINDOWS\MBR.exe
2010-12-23 11:33:50 ----A---- C:\WINDOWS\grep.exe
2010-12-23 11:33:45 ----D---- C:\WINDOWS\ERDNT
2010-12-23 11:33:38 ----D---- C:\Qoobox
2010-12-15 18:07:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2010-12-15 18:07:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2010-12-15 18:06:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2010-12-15 18:06:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2010-12-15 18:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2010-12-15 18:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2010-12-15 18:04:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2010-12-07 01:20:15 ----D---- C:\Program Files\ScreenShots
2010-11-25 16:59:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
2010-11-24 07:30:02 ----D---- C:\Program Files\World of Warcraft
2010-11-23 18:14:52 ----N---- C:\WINDOWS\system32\spmsg2.dll
2010-11-23 18:14:50 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2010-11-23 17:25:13 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\ESET
2010-11-23 14:00:59 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 2 months======

2011-01-18 17:55:13 ----D---- C:\Program Files\trend micro
2011-01-18 17:35:17 ----D---- C:\WINDOWS
2011-01-18 17:35:17 ----A---- C:\WINDOWS\system.ini
2011-01-18 17:33:22 ----D---- C:\WINDOWS\system32\drivers
2011-01-18 17:33:22 ----D---- C:\WINDOWS\system32
2011-01-18 17:33:22 ----D---- C:\WINDOWS\AppPatch
2011-01-18 17:33:21 ----D---- C:\Program Files\Common Files
2011-01-18 17:29:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-18 17:27:12 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-18 17:08:50 ----RD---- C:\Program Files
2011-01-16 19:21:44 ----D---- C:\WINDOWS\Prefetch
2011-01-14 19:01:26 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2011-01-14 18:58:18 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\skypePM
2011-01-13 17:04:23 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Media Player Classic
2011-01-13 13:01:49 ----D---- C:\WINDOWS\Debug
2011-01-12 18:31:02 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-12 18:30:59 ----HD---- C:\WINDOWS\inf
2011-01-12 18:30:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-12 14:40:55 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-01 22:46:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-01 22:27:36 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-01 18:45:55 ----D---- C:\Program Files\ICQ6.5
2010-12-29 18:20:52 ----A---- C:\WINDOWS\NeroDigital.ini
2010-12-29 13:41:07 ----D---- C:\Program Files\World of Warcraft Model Viewer
2010-12-26 10:33:28 ----SHD---- C:\WINDOWS\Installer
2010-12-25 16:40:55 ----SD---- C:\WINDOWS\Tasks
2010-12-25 10:46:33 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-25 10:44:29 ----D---- C:\WINDOWS\Registration
2010-12-25 10:44:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-25 09:06:16 ----RSD---- C:\WINDOWS\assembly
2010-12-25 09:06:16 ----D---- C:\WINDOWS\Microsoft.NET
2010-12-24 22:19:12 ----D---- C:\WINDOWS\system32\config
2010-12-24 22:19:05 ----D---- C:\WINDOWS\system
2010-12-24 22:19:05 ----D---- C:\Program Files\Google
2010-12-24 22:12:52 ----D---- C:\Program Files\Internet Explorer
2010-12-24 22:12:50 ----D---- C:\WINDOWS\ie8updates
2010-12-24 22:12:25 ----D---- C:\WINDOWS\Help
2010-12-24 22:12:15 ----D---- C:\WINDOWS\system32\wbem
2010-12-24 22:11:48 ----D---- C:\WINDOWS\security
2010-12-24 22:11:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-12-24 22:10:54 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-12-24 22:10:37 ----D---- C:\WINDOWS\system32\cs-cz
2010-12-24 22:09:22 ----A---- C:\WINDOWS\win.ini
2010-12-24 22:09:11 ----D---- C:\Program Files\Windows Media Player
2010-12-24 21:36:57 ----D---- C:\WINDOWS\WinSxS
2010-12-24 15:24:32 ----SHD---- C:\System Volume Information
2010-12-24 15:24:32 ----D---- C:\WINDOWS\system32\Restore
2010-12-23 21:01:10 ----D---- C:\WINDOWS\repair
2010-12-20 09:16:15 ----D---- C:\WINDOWS\Minidump
2010-12-15 18:04:15 ----D---- C:\Program Files\Outlook Express
2010-12-11 08:03:45 ----D---- C:\WINDOWS\Network Diagnostic
2010-11-24 09:47:00 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-11-24 07:29:59 ----D---- C:\ProgramData
2010-11-23 18:14:29 ----D---- C:\WINDOWS\system32\XPSViewer
2010-11-23 18:13:48 ----D---- C:\WINDOWS\system32\mui
2010-11-23 13:45:52 ----D---- C:\WINDOWS\Internet Logs
2010-11-21 17:57:52 ----D---- C:\Program Files\Warcraft III
2010-11-21 16:33:56 ----D---- C:\Program Files\Garena

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 GDBehave;GDBehave; C:\WINDOWS\system32\drivers\GDBehave.sys [2010-12-23 33912]
R0 GDNdisIc;GDNdisIc; C:\WINDOWS\system32\drivers\GDNdisIc.sys [2010-12-23 29640]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viamraid;viamraid; C:\WINDOWS\system32\drivers\viamraid.sys [2009-06-25 104064]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2009-06-25 9216]
R1 GDMnIcpt;GDMnIcpt; \??\C:\WINDOWS\system32\drivers\MiniIcpt.sys []
R1 GRD;G Data Rootkit Detector Driver; \??\C:\WINDOWS\system32\drivers\GRD.sys []
R1 HookCentre;HookCentre; \??\C:\WINDOWS\system32\drivers\HookCentre.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 GDTdiInterceptor;GDTdiInterceptor; \??\C:\WINDOWS\system32\drivers\GDTdiIcpt.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-07-08 3257344]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-20 93696]
R3 catchme;catchme; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\catchme.sys []
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-12-15 1368000]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-07-08 573440]
R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2010-10-29 1098232]
R2 AVKService;G Data Scheduler; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [2010-10-29 411128]
R2 AVKWCtl;G Data Filesystem Monitor; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2010-10-29 1333776]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 GDFwSvc;G Data Personal Firewall; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2010-10-29 1610352]
R3 GDScan;G Data Scanner; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [2010-10-29 340984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9faffc1c539a5;Služba Google Update (gupdate1c9faffc1c539a5); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-02 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]

-----------------EOF-----------------

#2 Příspěvek od **motji** » 19 led 2011 11:21

Hezké poledne

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-počítač se restartuje

Smažte cache Opery/Firefoxu bud ručně nebo ATF Cleanerem
http://www.slunecnice.cz/sw/atf-cleaner/

- v menu nahoře vyberte záložku Firefox / Opera a klikněte na ni
- zatrhněte Select All a pak klikněte na Empty Selected

pozor - přijdete o všechna hesla uložená ve FF /Opere!

- Na záložce main zaškrtněte All users temp a potvrdte Empty selected

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Thrall · #3 Příspěvek od **Thrall** » 19 led 2011 17:49

Vše jsem udělal a nepomohlo to.
MBAM nic nenašlo .

#4 Příspěvek od **motji** » 19 led 2011 18:33

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

Thrall · #5 Příspěvek od **Thrall** » 20 led 2011 16:01

ComboFix 11-01-19.03 - Uživatel 20.01.2011 15:52:47.31.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1594 [GMT 1:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
AV: G Data InternetSecurity 2011 *Disabled/Updated* {71310606-6F3B-49F2-9A81-8315AA75FBB3}
FW: G Data Personal Firewall *Enabled* {6E6F4BA6-C07D-443F-A130-0A57DA59A082}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-12-20 do 2011-01-20 )))))))))))))))))))))))))))))))
.

2011-01-19 12:41 . 2011-01-19 12:43 -------- dc-h--w- c:\windows\ie8
2011-01-19 10:24 . 2011-01-19 10:24 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Lišta Centrum.cz Toolbar
2011-01-19 10:23 . 2010-07-23 02:08 14808 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-01-19 10:23 . 2010-07-23 02:08 718296 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-01-19 10:23 . 2011-01-19 10:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CentrumczToolbar
2011-01-19 10:23 . 2011-01-19 10:23 -------- d-----w- c:\program files\CentrumczToolbar
2011-01-18 16:08 . 2011-01-18 18:20 -------- d-----w- c:\program files\Unlocker
2010-12-30 19:03 . 2010-12-30 19:03 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DivX
2010-12-28 15:19 . 2008-04-14 12:00 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-12-25 10:29 . 2010-12-26 10:07 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\ApplicationHistory
2010-12-25 07:09 . 2010-12-25 07:09 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Adobe
2010-12-24 21:16 . 2010-12-24 21:16 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Windows Search
2010-12-24 21:12 . 2010-12-24 21:12 -------- d-----w- c:\windows\system32\winrm
2010-12-24 21:12 . 2010-12-24 21:12 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2010-12-24 21:11 . 2010-12-24 21:11 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Windows Desktop Search
2010-12-24 21:10 . 2010-12-25 09:46 -------- d-----w- c:\program files\Windows Desktop Search
2010-12-24 21:10 . 2010-12-24 21:10 -------- d-----w- c:\windows\system32\GroupPolicy
2010-12-24 21:09 . 2010-12-24 21:09 -------- d-----w- c:\program files\Windows Media Connect 2
2010-12-24 21:07 . 2010-12-24 21:08 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-12-24 21:07 . 2010-12-24 21:07 -------- d-----w- c:\windows\system32\LogFiles
2010-12-24 21:04 . 2010-12-24 21:04 -------- d-----w- c:\windows\system32\URTTEMP
2010-12-24 20:36 . 2010-12-24 20:36 -------- d-----w- c:\program files\Microsoft.NET
2010-12-24 20:27 . 2010-12-25 11:19 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Apple Computer
2010-12-24 20:27 . 2010-12-24 20:27 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Apple Computer
2010-12-24 20:26 . 2010-12-24 20:26 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Apple
2010-12-24 20:10 . 2010-12-24 20:10 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Opera
2010-12-24 20:10 . 2010-12-24 20:10 -------- d-----w- c:\program files\Opera
2010-12-24 14:26 . 2010-12-24 14:26 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\G DATA
2010-12-23 11:27 . 2010-12-23 11:27 69400 ----a-w- c:\windows\system32\drivers\GRD.sys
2010-12-23 11:14 . 2010-09-28 00:44 137800 ----a-w- c:\program files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}\Components\AvkWebFilterFF.dll
2010-12-23 11:14 . 2010-12-23 11:14 51832 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys
2010-12-23 11:14 . 2010-12-23 11:14 29640 ----a-w- c:\windows\system32\drivers\GDNdisIc.sys
2010-12-23 11:14 . 2010-12-23 11:14 62584 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2010-12-23 11:14 . 2010-12-23 11:14 39032 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2010-12-23 11:14 . 2010-12-23 11:14 33912 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2010-12-23 11:14 . 2010-12-29 14:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\G DATA
2010-12-23 11:14 . 2010-12-23 11:14 -------- d-----w- c:\program files\Common Files\G Data
2010-12-23 11:14 . 2010-12-23 11:14 -------- d-----w- c:\program files\G Data
2010-12-23 11:04 . 2010-12-23 11:04 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Downloaded Installations

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 17:09 . 2010-08-27 12:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2010-08-27 12:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-02 13:43 . 2010-12-02 13:42 4902596 ----a-w- c:\windows\REGBK00.ZIP
2010-11-18 18:15 . 2009-06-25 09:52 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2008-04-14 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-14 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2008-04-14 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2009-01-15 17:43 . 2009-01-15 17:43 1821008 ----a-w- c:\program files\instmsiw.exe
2009-01-15 17:43 . 2009-01-15 17:43 1707856 ----a-w- c:\program files\instmsia.exe
2009-01-15 17:43 . 2009-01-15 17:43 9296384 ----a-w- c:\program files\openofficeorg30.msi
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"G Data AntiVirus Tray Application"="c:\program files\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2010-10-29 995832]
"GDFirewallTray"="c:\program files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2010-10-29 1538040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
2007-02-26 08:40 249856 ----a-w- c:\program files\lg_fwupdate\fwupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-01-24 10:32 2289664 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 10:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMIndexingService"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=2 (0x2)
"gupdate1c9faffc1c539a5"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"\\\\macek\\storage\\Instalace\\!predinstalace\\Nero CZ a Power DVD\\CDS\\Nero\\Installation\\SetupX.exe"=
"c:\\Program Files\\SEGA\\SEGA Rally\\SEGA Rally.exe"=
"c:\\Program Files\\SEGA\\SEGA Rally\\SEGA Rally_SSE1.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Opera\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows

R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [23.12.2010 12:14 33912]
R0 GDNdisIc;GDNdisIc;c:\windows\system32\drivers\GDNdisIc.sys [23.12.2010 12:14 29640]
R1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [23.12.2010 12:14 62584]
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [23.12.2010 12:27 69400]
R1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [23.12.2010 12:14 39032]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [29.10.2010 10:49 1098232]
R2 AVKService;G Data Scheduler;c:\program files\G Data\InternetSecurity\AVK\AVKService.exe [29.10.2010 10:49 411128]
R2 AVKWCtl;G Data Filesystem Monitor;c:\program files\G Data\InternetSecurity\AVK\AVKWCtl.exe [29.10.2010 1:01 1333776]
R2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [23.12.2010 12:14 51832]
R3 GDFwSvc;G Data Personal Firewall;c:\program files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [29.10.2010 1:19 1610352]
R3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [29.10.2010 0:17 340984]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate1c9faffc1c539a5;Služba Google Update (gupdate1c9faffc1c539a5);c:\program files\Google\Update\GoogleUpdate.exe [2.7.2009 11:27 133104]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 13:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-01-24 10:30 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
IE: Crawler Search - tbr:iemenu
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\bmnurbgq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://centrum.cz
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: G Data WebFilter: {9AA46F4F-4DC7-4c06-97AF-5035170633FE} - c:\program files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
FF - Ext: Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\Crawler\Toolbar\firefox
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-20 15:56
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(604)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2792)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-01-20 15:58:59
ComboFix-quarantined-files.txt 2011-01-20 14:58
ComboFix2.txt 2011-01-19 17:30

Před spuštěním: Volných bajtů: 54 527 574 016
Po spuštění: Volných bajtů: 54 518 431 744

- - End Of File - - 369AB2BAF3130F2C25570BF9AE711AF9

#6 Příspěvek od **motji** » 20 led 2011 21:59

Změnilo se něco?

Thrall · #7 Příspěvek od **Thrall** » 21 led 2011 13:43

Ne. ANi přeinstalace Internet exploreru nepomohla.

#8 Příspěvek od **motji** » 21 led 2011 13:45

Co Vám tam zůstává?

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

Thrall · #9 Příspěvek od **Thrall** » 22 led 2011 19:45

OTL logfile created on: 22.1.2011 19:25:22 - Run 1
OTL by OldTimer - Version 3.2.20.4 Folder = C:\Documents and Settings\Uživatel\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 50,88 Gb Free Space | 34,73% Space Free | Partition Type: NTFS
Drive D: | 319,27 Gb Total Space | 278,23 Gb Free Space | 87,15% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.22 19:23:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
PRC - [2011.01.22 10:43:53 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.22 10:42:45 | 000,403,624 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.01.22 10:42:42 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.01.22 10:42:35 | 000,339,624 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.01.22 10:42:32 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.22 10:42:30 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.01.22 10:42:28 | 000,539,304 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2010.10.20 12:23:29 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2011.01.22 19:23:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.01.22 10:43:53 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.22 10:42:45 | 000,403,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.01.22 10:42:35 | 000,339,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.01.22 10:42:32 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.22 10:42:28 | 000,539,304 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

========== Driver Services (SafeList) ==========

DRV - [2011.01.22 10:44:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.01.22 10:44:23 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.01.22 10:44:22 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.01.22 10:44:21 | 000,102,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avfwot.sys -- (avfwot)
DRV - [2011.01.22 10:44:21 | 000,079,432 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avfwim.sys -- (avfwim)
DRV - [2011.01.22 10:42:29 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.06.25 11:05:40 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2008.07.08 17:45:52 | 003,257,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.05.20 12:53:36 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.04.14 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2001.08.17 21:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

OTL Extras logfile created on: 22.1.2011 19:25:22 - Run 1
OTL by OldTimer - Version 3.2.20.4 Folder = C:\Documents and Settings\Uživatel\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 50,88 Gb Free Space | 34,73% Space Free | Partition Type: NTFS
Drive D: | 319,27 Gb Total Space | 278,23 Gb Free Space | 87,15% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1078081533-1844237615-1177238915-1004\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"\\macek\storage\Instalace\!predinstalace\Nero CZ a Power DVD\CDS\Nero\Installation\SetupX.exe" = \\macek\storage\Instalace\!predinstalace\Nero CZ a Power DVD\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup
"C:\Program Files\SEGA\SEGA Rally\SEGA Rally.exe" = C:\Program Files\SEGA\SEGA Rally\SEGA Rally.exe:*:Enabled:SEGA Rally -- (SEGA Publishing Europe LTD)
"C:\Program Files\SEGA\SEGA Rally\SEGA Rally_SSE1.exe" = C:\Program Files\SEGA\SEGA Rally\SEGA Rally_SSE1.exe:*:Enabled:SEGA Rally -- (SEGA Publishing Europe LTD)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Disabled:hl2 -- ()
"C:\Program Files\Garena\Garena.exe" = C:\Program Files\Garena\Garena.exe:*:Disabled:Garena -- (Garena Online PTE LTD)
"C:\Program Files\World of Warcraft\Launcher.exe" = C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02D02558-42FB-5867-5AED-CE770F86BEF0}" = Catalyst Control Center Graphics Full New
"{0323CB96-221A-4042-84A3-93EDE47099FC}" = AVG 2011
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{09057AE5-C7C8-CFC7-52B8-1D3A64738D24}" = Catalyst Control Center Localization Japanese
"{1098AD6B-32E4-1E6E-56A8-E82049916198}" = CCC Help English
"{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver
"{1496266C-F036-6443-84C7-23F6B2B5A604}" = CCC Help Danish
"{17592322-8F07-3162-5D2D-51AFE459A3B5}" = Skins
"{1AD473D7-7A47-5AEC-B45D-9B87414E7175}" = Digital Video Converter v1.5.0.20
"{1CB2E1B0-342E-9AED-077D-29DE893903F0}" = Catalyst Control Center Localization Finnish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{24547818-3B68-4B52-D187-9B3F2514906D}" = CCC Help Turkish
"{2E13A790-CE6E-FF70-3387-2EBA2636FA3A}" = CCC Help Chinese Traditional
"{2FA8CDDC-8C8A-7D2E-5853-B7A98536F0DE}" = CCC Help German
"{321DC8B7-9761-5128-62AB-4A7EA02172F8}" = Catalyst Control Center Localization Hungarian
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36EB58E0-9AAC-4ED4-7AF2-11F144001FF4}" = CCC Help French
"{37A32EE0-C283-0B85-4EC2-6AB385B6B20C}" = CCC Help Swedish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CFC66CD-1B76-3ACE-2562-C2E375E93EBE}" = Catalyst Control Center Localization Norwegian
"{3D6B4A04-8AFA-AD66-E4DA-E25F555DF6F8}" = CCC Help Korean
"{3ED2807E-2EA7-D5D9-460C-2C575A8ADB8C}" = ccc-core-preinstall
"{41C6D48A-D786-FB59-3D7E-1359225958B2}" = Catalyst Control Center Localization Swedish
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4893A35F-0A23-48EC-8E74-24969244D6F2}" = Catalyst Control Center - Branding
"{4A05FF52-4AA8-4681-BC06-5EE7F812A441}" = SEGA Rally
"{4DF082C3-3756-88DF-D339-51054146B99D}" = CCC Help Thai
"{4E7E869B-0306-C17A-06F6-6EF452F6AE6A}" = Catalyst Control Center Localization Russian
"{5202E541-7DC0-B5B3-5971-51A45A02351F}" = CCC Help Norwegian
"{53445FB4-97C5-829C-13D8-D5C05D2AC053}" = CCC Help Spanish
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{553B20C6-59CD-4C2F-BE37-16ABF32064BF}" = aTube Catcher 1.0
"{559525A4-5A88-32D3-E96D-E1EFA4B51470}" = CCC Help Chinese Standard
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A6E66FB-DC7D-3664-ACBC-F9C714843D3B}" = Catalyst Control Center Localization French
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5E8874AC-37E6-EEB4-5D7F-A549424FBEAD}" = CCC Help Greek
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{61536EB5-D185-2AAD-1C6A-97B0A5CF613D}" = CCC Help Dutch
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{64890BCC-15C8-F6CB-BC01-6BF252498E57}" = Catalyst Control Center Localization Chinese Traditional
"{64B08B1F-4D3D-CB45-9482-FDC1251940B8}" = ccc-utility
"{650825DA-8938-6695-978D-FE5F982339AE}" = CCC Help Japanese
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68A4AD7E-F2EA-0A98-3B0C-931E5216838B}" = Catalyst Control Center Localization Turkish
"{6EA35E01-493E-2419-D516-1F4AF13EA8E9}" = Catalyst Control Center Core Implementation
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{714ACFF3-B8A3-4AD6-937B-13C833D71029}" = Nero 7 Essentials
"{72D1CC28-17FB-C2D6-055B-0384F1524E99}" = CCC Help Hungarian
"{73ED8B7B-C58F-8750-3076-D5D6D9E9A717}" = Catalyst Control Center Localization Dutch
"{74133C77-0189-B9E0-CF6E-920A7B749791}" = CCC Help Russian
"{7B6A1B2E-ED88-39CC-82C9-D596E9220292}" = Catalyst Control Center Localization Italian
"{7C2BF5B2-40A5-9F36-286F-77225FDD37AD}" = Catalyst Control Center Localization Greek
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{946CBC1C-DA39-4575-2770-27FE85DB8B33}" = Catalyst Control Center Localization Korean
"{96F4E1FF-7E49-E81D-128C-322395C8A187}" = CCC Help Czech
"{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder
"{9F0F5015-EE82-FCD9-8EC3-81816B34BA44}" = Catalyst Control Center Localization Portuguese
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.1 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC9DC52E-D7F1-3912-122B-9A08333A81FB}" = Catalyst Control Center Graphics Light
"{B257B453-905B-2657-346A-4AEA01331059}" = Catalyst Control Center Localization Chinese Standard
"{B4CEDD55-FAEF-2E93-D766-AE63DC99D2A3}" = Catalyst Control Center Localization German
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B84167BE-BD2C-4932-A249-65520C5E8B21}" = World of Warcraft Model Viewer
"{BB840616-B72C-1208-7CEE-4F9899F2B441}" = CCC Help Italian
"{BD240450-D4C3-19A8-23C3-73B3EE550BE8}" = CCC Help Finnish
"{BD6CCED1-CFFC-9192-AE39-B78F8560F77F}" = ccc-core-static
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C44D53E7-3D08-87BA-B8EC-492EA17DFF5D}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEE1DC67-E0C4-42F0-B93E-9E316C91AE1B}" = Catalyst Control Center Localization Danish
"{CF8C077A-B467-4C43-8DB5-3A9B94FF9681}" = LightScribe System Software 1.12.29.2
"{D3C3CCB1-1379-75C5-A423-950AE0BD2E97}" = Catalyst Control Center Localization Czech
"{D6564A7C-5507-18E4-8CC8-A419D64ACB10}" = Catalyst Control Center Localization Spanish
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DFA6C4C3-1072-9193-6999-828924387535}" = CCC Help Polish
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4B4646B-DAF1-DC1B-3CCA-37D926CA262A}" = Catalyst Control Center Localization Thai
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F146D563-CAFF-9FF7-FBF5-D0A452C2062F}" = Catalyst Control Center Localization Polish
"{FB834266-4A30-55F6-5D36-ADFB4AEECB87}" = CCC Help Portuguese
"7-Zip" = 7-Zip 4.65
"Acala 3GP Movies Free_is1" = Acala 3GP Movies Free 2.4.4
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"AoA Audio Extractor_is1" = AoA Audio Extractor 1.0
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Premium Security Suite
"CCleaner" = CCleaner
"C-Media Audio" = C-Media 3D Audio
"C-Media Audio Driver" = C-Media WDM Audio Driver
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"EADM" = EA Download Manager
"FormatFactory" = FormatFactory 2.20
"Fraps" = Fraps
"Garena" = Garena 2010
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{4A05FF52-4AA8-4681-BC06-5EE7F812A441}" = SEGA Rally
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Moorhuhn Winter-Edition" = Moorhuhn Winter-Edition
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nvu" = Nvu 1.0
"Opera 11.00.1156" = Opera 11.00
"Unlocker" = Unlocker 1.9.0
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1078081533-1844237615-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12.1.2011 12:06:14 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.1.2011 9:18:00 | Computer Name = PC | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex

Error - 17.1.2011 13:49:45 | Computer Name = PC | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex

Error - 18.1.2011 3:30:02 | Computer Name = PC | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex

Error - 19.1.2011 2:32:36 | Computer Name = PC | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex

Error - 19.1.2011 2:45:15 | Computer Name = PC | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex

Error - 22.1.2011 6:01:29 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace avscan.exe, verze 10.0.3.5, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.1.2011 6:01:36 | Computer Name = PC | Source = Application Hang | ID = 1001
Description = Chybný blok -2093078663

Error - 22.1.2011 6:02:07 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace avscan.exe, verze 10.0.3.5, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.1.2011 6:02:12 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace avscan.exe, verze 10.0.3.5, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 22.1.2011 5:47:50 | Computer Name = PC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby GDScan
s argumenty za účelem spuštění serveru: {244F96DF-80AE-45D3-968B-A53D71271177}

Error - 22.1.2011 5:48:42 | Computer Name = PC | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_GDMNICPT\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 22.1.2011 5:48:42 | Computer Name = PC | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby G Data AntiVirus Proxy, ale tato akce selhala kvůli následující
chybě: %%1058

Error - 22.1.2011 5:48:42 | Computer Name = PC | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_GDNDISIC\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 22.1.2011 5:48:42 | Computer Name = PC | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_GDTDIINTERCEPTOR\0000 se již v systému nenachází,
přestože nebylo nejdříve připraveno k odebrání.

Error - 22.1.2011 5:48:42 | Computer Name = PC | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_HOOKCENTRE\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 22.1.2011 5:58:37 | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd

Error - 22.1.2011 6:04:50 | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd

Error - 22.1.2011 10:28:22 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 00E04CCB3DB0
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 22.1.2011 11:01:47 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 00E04CCB3DB0
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

< End of report >

#10 Příspěvek od **motji** » 22 led 2011 21:36

ten první log není celý

, a přijde mi že máte nějaký nabořený systém

Zkoušel jste označit si řádek té historie - klik pravým tlačítkem myši - nemáte tam možnost smazat?

Thrall · #11 Příspěvek od **Thrall** » 23 led 2011 12:57

OTL logfile created on: 22.1.2011 19:25:22 - Run 1
OTL by OldTimer - Version 3.2.20.4 Folder = C:\Documents and Settings\Uživatel\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 50,88 Gb Free Space | 34,73% Space Free | Partition Type: NTFS
Drive D: | 319,27 Gb Total Space | 278,23 Gb Free Space | 87,15% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.22 19:23:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
PRC - [2011.01.22 10:43:53 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.22 10:42:45 | 000,403,624 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.01.22 10:42:42 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.01.22 10:42:35 | 000,339,624 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.01.22 10:42:32 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.22 10:42:30 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.01.22 10:42:28 | 000,539,304 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2010.10.20 12:23:29 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2011.01.22 19:23:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.01.22 10:43:53 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.22 10:42:45 | 000,403,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.01.22 10:42:35 | 000,339,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.01.22 10:42:32 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.22 10:42:28 | 000,539,304 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

========== Driver Services (SafeList) ==========

DRV - [2011.01.22 10:44:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.01.22 10:44:23 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.01.22 10:44:22 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.01.22 10:44:21 | 000,102,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avfwot.sys -- (avfwot)
DRV - [2011.01.22 10:44:21 | 000,079,432 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avfwim.sys -- (avfwim)
DRV - [2011.01.22 10:42:29 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.06.25 11:05:40 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2008.07.08 17:45:52 | 003,257,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.05.20 12:53:36 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.04.14 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2001.08.17 21:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1078081533-1844237615-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
IE - HKU\S-1-5-21-1078081533-1844237615-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://centrum.cz"
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:21.1.10271.164
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2010.09.05 17:56:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.19 11:23:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.19 11:23:42 | 000,000,000 | ---D | M]

[2009.06.30 14:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Extensions
[2011.01.19 20:33:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\bmnurbgq.default\extensions
[2009.07.02 10:48:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\bmnurbgq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.19 11:24:12 | 000,001,331 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\bmnurbgq.default\searchplugins\crawlersrch.xml
[2011.01.22 10:48:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.05 17:56:02 | 000,000,000 | ---D | M] (Crawler Toolbar) -- C:\PROGRAM FILES\CRAWLER\TOOLBAR\FIREFOX
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170633FE}
[2010.03.26 07:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.07.23 01:28:35 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.07.23 01:28:35 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.07.23 01:28:35 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.07.23 01:28:35 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.07.23 01:28:35 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.01.01 22:27:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-1844237615-1177238915-1004\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1844237615-1177238915-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1078081533-1844237615-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1078081533-1844237615-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1078081533-1844237615-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56590081070202880)

========== Files/Folders - Created Within 30 Days ==========

[2011.01.22 19:23:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
[2011.01.22 13:56:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.01.22 10:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Data aplikací\Avira
[2011.01.22 10:50:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
[2011.01.22 10:50:36 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.01.22 10:50:36 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.01.22 10:50:36 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011.01.22 10:50:36 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011.01.22 10:50:36 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011.01.22 10:50:35 | 000,102,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avfwot.sys
[2011.01.22 10:50:35 | 000,079,432 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avfwim.sys
[2011.01.22 10:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.01.22 10:50:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[2011.01.22 10:46:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.01.21 18:46:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Uživatel\Recent
[2011.01.19 18:23:42 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.01.19 18:23:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.01.19 18:23:42 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.01.19 18:23:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.01.19 18:23:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.01.19 13:41:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.01.19 11:38:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory
[2011.01.19 11:24:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Lišta Centrum.cz Toolbar
[2011.01.18 17:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2011.01.18 17:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Unlocker
[2010.12.30 20:03:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DivX
[2010.12.28 16:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Plocha\Last Strike-Dělnický rock
[2010.12.25 11:29:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\ApplicationHistory
[2010.12.25 08:09:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Adobe
[2010.12.24 22:16:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Data aplikací\Windows Search
[2010.12.24 22:12:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2010.12.24 22:12:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2010.12.24 22:12:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2010.12.24 22:11:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Data aplikací\Windows Desktop Search
[2010.12.24 22:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2010.12.24 22:10:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010.12.24 22:09:37 | 000,017,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010.12.24 22:09:11 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010.12.24 22:07:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010.12.24 22:07:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010.12.24 22:04:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2010.12.24 21:36:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.12.24 21:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Apple Computer
[2010.12.24 21:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Data aplikací\Apple Computer
[2010.12.24 21:26:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Apple
[2010.12.24 21:10:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Opera
[2010.12.24 21:10:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Data aplikací\Opera
[2010.12.24 21:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2009.01.15 18:43:58 | 001,821,008 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsiw.exe
[2009.01.15 18:43:58 | 001,707,856 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsia.exe

========== Files - Modified Within 30 Days ==========

[2011.01.22 19:23:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
[2011.01.22 13:41:42 | 000,081,408 | ---- | M] () -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.22 11:04:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.22 10:50:49 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Avira AntiVir Control Center.lnk
[2011.01.22 10:44:24 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011.01.22 10:44:23 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.01.22 10:44:23 | 000,022,360 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011.01.22 10:44:22 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.01.22 10:44:21 | 000,102,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avfwot.sys
[2011.01.22 10:44:21 | 000,079,432 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avfwim.sys
[2011.01.22 10:44:21 | 000,045,416 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011.01.22 10:39:52 | 000,825,064 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\avira_premium_security_suite.exe
[2011.01.21 18:48:12 | 004,158,883 | R--- | M] () -- C:\Documents and Settings\Uživatel\Plocha\ComboFix.exe
[2011.01.20 19:19:26 | 000,167,282 | ---- | M] () -- C:\Documents and Settings\Uživatel\Dokumenty\UPS1.xps
[2011.01.20 19:18:21 | 000,167,280 | ---- | M] () -- C:\Documents and Settings\Uživatel\Dokumenty\UPS.xps
[2011.01.19 13:58:50 | 000,120,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.19 11:23:45 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2011.01.18 20:45:38 | 000,901,632 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\Wolfgang.Amadeus.Mozart.doc
[2011.01.18 17:08:50 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\Start Unlocker.lnk
[2011.01.02 16:53:51 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\World of Warcraft.lnk
[2011.01.01 22:45:18 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.01.01 22:27:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.12.29 18:20:52 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.28 16:18:48 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.25 11:29:36 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\fusioncache.dat
[2010.12.25 10:44:10 | 000,510,750 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.12.25 10:44:10 | 000,480,560 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.12.25 10:44:10 | 000,107,312 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.12.25 10:44:10 | 000,084,964 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.12.24 22:20:16 | 000,000,187 | ---- | M] () -- C:\WINDOWS\System\CmiCnfg.ini
[2010.12.24 22:09:27 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.12.24 22:09:27 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.12.24 22:07:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010.12.24 21:27:59 | 000,016,788 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.12.24 21:10:44 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk

========== Files Created - No Company Name ==========

[2011.01.22 10:50:49 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Avira AntiVir Control Center.lnk
[2011.01.22 10:39:50 | 000,825,064 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\avira_premium_security_suite.exe
[2011.01.20 19:33:44 | 000,070,544 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.01.20 19:19:25 | 000,167,282 | ---- | C] () -- C:\Documents and Settings\Uživatel\Dokumenty\UPS1.xps
[2011.01.20 19:17:20 | 000,167,280 | ---- | C] () -- C:\Documents and Settings\Uživatel\Dokumenty\UPS.xps
[2011.01.19 18:23:42 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.01.19 18:23:42 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.01.19 18:23:42 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.01.19 18:23:42 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.01.19 18:23:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.01.19 18:20:42 | 004,158,883 | R--- | C] () -- C:\Documents and Settings\Uživatel\Plocha\ComboFix.exe
[2011.01.19 11:23:45 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2011.01.18 20:22:05 | 000,901,632 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\Wolfgang.Amadeus.Mozart.doc
[2011.01.18 17:12:31 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\Start Unlocker.lnk
[2010.12.27 19:25:21 | 000,677,166 | ---- | C] () -- C:\Documents and Settings\Uživatel\Dokumenty\vánoce_09_narozeniny_10 014.jpg
[2010.12.25 11:29:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\fusioncache.dat
[2010.12.24 22:10:53 | 000,001,795 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Search.lnk
[2010.12.24 22:07:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010.12.24 21:27:59 | 000,016,788 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.12.24 21:10:44 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
[2010.12.24 21:10:44 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.03.13 19:03:44 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\libmysql_d.dll
[2009.07.05 11:11:39 | 000,062,232 | R--- | C] () -- C:\WINDOWS\System32\GameuxInstallHelper.dll
[2009.06.25 21:27:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.06.25 16:09:29 | 000,081,408 | ---- | C] () -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.25 14:21:34 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.06.25 14:21:32 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.06.25 14:21:32 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.06.25 14:21:31 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.06.25 14:21:29 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.06.25 13:45:20 | 000,000,265 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2009.06.25 13:39:56 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009.06.25 13:39:55 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2009.06.25 13:39:55 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009.06.25 13:39:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2009.06.25 13:39:54 | 000,121,329 | ---- | C] () -- C:\WINDOWS\Cmuda.ini
[2009.06.25 13:39:54 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2009.06.25 12:47:53 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.06.25 11:18:48 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.01.15 18:47:52 | 112,634,569 | ---- | C] () -- C:\Program Files\openofficeorg1.cab
[2009.01.15 18:43:56 | 009,296,384 | ---- | C] () -- C:\Program Files\openofficeorg30.msi
[2009.01.15 18:43:56 | 000,000,336 | ---- | C] () -- C:\Program Files\setup.ini
[2008.05.26 22:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2006.02.09 09:53:28 | 000,043,014 | ---- | C] () -- C:\WINDOWS\php.ini
[2006.01.11 17:15:20 | 001,069,056 | ---- | C] () -- C:\WINDOWS\System32\libmySQL.dll
[2001.01.12 10:49:38 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

========== LOP Check ==========

[2010.11.06 09:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.11.06 09:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2010.10.06 14:16:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.08.24 13:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.08.15 10:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2011.01.22 10:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\G DATA
[2009.07.05 11:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2010.11.06 09:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2009.10.03 10:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.10.06 14:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\AVG10
[2010.09.05 18:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\CheckPoint
[2009.08.24 13:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\DAEMON Tools Lite
[2010.11.23 17:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ESET
[2010.10.02 13:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\gtk-2.0
[2010.09.17 20:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ICQ
[2009.08.16 14:11:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Nvu
[2010.02.24 18:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\OpenOffice.org
[2010.12.24 21:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Opera
[2010.12.24 22:11:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Windows Desktop Search
[2010.12.24 22:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Windows Search

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.04.25 17:27:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Adobe
[2009.07.05 11:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Ahead
[2010.12.25 12:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Apple Computer
[2009.06.25 12:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ATI
[2010.10.06 14:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\AVG10
[2011.01.22 10:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Avira
[2010.09.05 18:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\CheckPoint
[2010.01.30 18:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\CyberLink
[2009.08.24 13:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\DAEMON Tools Lite
[2010.11.23 17:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ESET
[2009.07.02 11:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Google
[2010.10.02 13:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\gtk-2.0
[2010.09.17 20:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ICQ
[2009.06.25 10:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Identities
[2009.06.25 16:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Macromedia
[2010.08.27 13:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Malwarebytes
[2011.01.22 13:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Media Player Classic
[2010.09.05 17:13:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft
[2009.06.30 14:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla
[2009.08.16 14:11:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Nvu
[2010.02.24 18:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\OpenOffice.org
[2010.12.24 21:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Opera
[2011.01.22 13:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Skype
[2011.01.22 12:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\skypePM
[2010.12.24 22:11:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Windows Desktop Search
[2010.12.24 22:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Windows Search
[2009.09.12 13:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2009.06.25 11:19:06 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
[2009.07.06 16:51:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< MD5 for: AGP440.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 13:00:00 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 13:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2004.03.29 15:45:36 | 000,073,600 | ---- | M] (VIA Technologies inc,.ltd) MD5=65864ABA65EEE06EA586009301834E43 -- C:\WINDOWS\OemDir\viamraid.sys
[2004.03.29 15:45:36 | 000,073,600 | ---- | M] (VIA Technologies inc,.ltd) MD5=65864ABA65EEE06EA586009301834E43 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\viamraid.sys
[2009.06.25 11:05:41 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\WINDOWS\system32\drivers\viamraid.sys

< MD5 for: WINLOGON.EXE >
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.06.25 12:41:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.06.25 12:41:12 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.06.25 12:41:12 | 000,479,232 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< %systemroot%\system32\drivers\*.sys /3 >
[2011.01.22 10:44:21 | 000,079,432 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avfwim.sys
[2011.01.22 10:44:21 | 000,102,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avfwot.sys
[2011.01.22 10:44:21 | 000,045,416 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntdd.sys
[2011.01.22 10:44:22 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntflt.sys
[2011.01.22 10:44:23 | 000,022,360 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntmgr.sys
[2011.01.22 10:44:23 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys
[2011.01.22 10:44:24 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys

< %systemroot%\system32\*.* /3 >

< End of report >

Tady ,pardon. Jak nabořený ? Nestrašte mě ... Jinak vymazat to opravdu nejde i když kliknu na ikonku červeného křížku nic . Asi se stala nějaká chyba a někam se to uložilo kam nemá . Jako když si Internet Explorer uložil špatnou ikoconku vašeho webu a měl jsem u adresy ikonku Centrum.cz . Problem je že můžu odinstalovat jenom Internet explorer 8 ale zakladni ne .Je videt ze je to ta chyba jak rikam protoze u Mozzili nebo Opery to nedela.

Thrall · #12 Příspěvek od **Thrall** » 23 led 2011 13:00

OTL Extras logfile created on: 22.1.2011 19:25:22 - Run 1
OTL by OldTimer - Version 3.2.20.4 Folder = C:\Documents and Settings\Uživatel\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 50,88 Gb Free Space | 34,73% Space Free | Partition Type: NTFS
Drive D: | 319,27 Gb Total Space | 278,23 Gb Free Space | 87,15% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1078081533-1844237615-1177238915-1004\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"\\macek\storage\Instalace\!predinstalace\Nero CZ a Power DVD\CDS\Nero\Installation\SetupX.exe" = \\macek\storage\Instalace\!predinstalace\Nero CZ a Power DVD\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup
"C:\Program Files\SEGA\SEGA Rally\SEGA Rally.exe" = C:\Program Files\SEGA\SEGA Rally\SEGA Rally.exe:*:Enabled:SEGA Rally -- (SEGA Publishing Europe LTD)
"C:\Program Files\SEGA\SEGA Rally\SEGA Rally_SSE1.exe" = C:\Program Files\SEGA\SEGA Rally\SEGA Rally_SSE1.exe:*:Enabled:SEGA Rally -- (SEGA Publishing Europe LTD)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Disabled:hl2 -- ()
"C:\Program Files\Garena\Garena.exe" = C:\Program Files\Garena\Garena.exe:*:Disabled:Garena -- (Garena Online PTE LTD)
"C:\Program Files\World of Warcraft\Launcher.exe" = C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02D02558-42FB-5867-5AED-CE770F86BEF0}" = Catalyst Control Center Graphics Full New
"{0323CB96-221A-4042-84A3-93EDE47099FC}" = AVG 2011
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{09057AE5-C7C8-CFC7-52B8-1D3A64738D24}" = Catalyst Control Center Localization Japanese
"{1098AD6B-32E4-1E6E-56A8-E82049916198}" = CCC Help English
"{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver
"{1496266C-F036-6443-84C7-23F6B2B5A604}" = CCC Help Danish
"{17592322-8F07-3162-5D2D-51AFE459A3B5}" = Skins
"{1AD473D7-7A47-5AEC-B45D-9B87414E7175}" = Digital Video Converter v1.5.0.20
"{1CB2E1B0-342E-9AED-077D-29DE893903F0}" = Catalyst Control Center Localization Finnish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{24547818-3B68-4B52-D187-9B3F2514906D}" = CCC Help Turkish
"{2E13A790-CE6E-FF70-3387-2EBA2636FA3A}" = CCC Help Chinese Traditional
"{2FA8CDDC-8C8A-7D2E-5853-B7A98536F0DE}" = CCC Help German
"{321DC8B7-9761-5128-62AB-4A7EA02172F8}" = Catalyst Control Center Localization Hungarian
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36EB58E0-9AAC-4ED4-7AF2-11F144001FF4}" = CCC Help French
"{37A32EE0-C283-0B85-4EC2-6AB385B6B20C}" = CCC Help Swedish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CFC66CD-1B76-3ACE-2562-C2E375E93EBE}" = Catalyst Control Center Localization Norwegian
"{3D6B4A04-8AFA-AD66-E4DA-E25F555DF6F8}" = CCC Help Korean
"{3ED2807E-2EA7-D5D9-460C-2C575A8ADB8C}" = ccc-core-preinstall
"{41C6D48A-D786-FB59-3D7E-1359225958B2}" = Catalyst Control Center Localization Swedish
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4893A35F-0A23-48EC-8E74-24969244D6F2}" = Catalyst Control Center - Branding
"{4A05FF52-4AA8-4681-BC06-5EE7F812A441}" = SEGA Rally
"{4DF082C3-3756-88DF-D339-51054146B99D}" = CCC Help Thai
"{4E7E869B-0306-C17A-06F6-6EF452F6AE6A}" = Catalyst Control Center Localization Russian
"{5202E541-7DC0-B5B3-5971-51A45A02351F}" = CCC Help Norwegian
"{53445FB4-97C5-829C-13D8-D5C05D2AC053}" = CCC Help Spanish
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{553B20C6-59CD-4C2F-BE37-16ABF32064BF}" = aTube Catcher 1.0
"{559525A4-5A88-32D3-E96D-E1EFA4B51470}" = CCC Help Chinese Standard
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A6E66FB-DC7D-3664-ACBC-F9C714843D3B}" = Catalyst Control Center Localization French
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5E8874AC-37E6-EEB4-5D7F-A549424FBEAD}" = CCC Help Greek
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{61536EB5-D185-2AAD-1C6A-97B0A5CF613D}" = CCC Help Dutch
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{64890BCC-15C8-F6CB-BC01-6BF252498E57}" = Catalyst Control Center Localization Chinese Traditional
"{64B08B1F-4D3D-CB45-9482-FDC1251940B8}" = ccc-utility
"{650825DA-8938-6695-978D-FE5F982339AE}" = CCC Help Japanese
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68A4AD7E-F2EA-0A98-3B0C-931E5216838B}" = Catalyst Control Center Localization Turkish
"{6EA35E01-493E-2419-D516-1F4AF13EA8E9}" = Catalyst Control Center Core Implementation
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{714ACFF3-B8A3-4AD6-937B-13C833D71029}" = Nero 7 Essentials
"{72D1CC28-17FB-C2D6-055B-0384F1524E99}" = CCC Help Hungarian
"{73ED8B7B-C58F-8750-3076-D5D6D9E9A717}" = Catalyst Control Center Localization Dutch
"{74133C77-0189-B9E0-CF6E-920A7B749791}" = CCC Help Russian
"{7B6A1B2E-ED88-39CC-82C9-D596E9220292}" = Catalyst Control Center Localization Italian
"{7C2BF5B2-40A5-9F36-286F-77225FDD37AD}" = Catalyst Control Center Localization Greek
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{946CBC1C-DA39-4575-2770-27FE85DB8B33}" = Catalyst Control Center Localization Korean
"{96F4E1FF-7E49-E81D-128C-322395C8A187}" = CCC Help Czech
"{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder
"{9F0F5015-EE82-FCD9-8EC3-81816B34BA44}" = Catalyst Control Center Localization Portuguese
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.1 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC9DC52E-D7F1-3912-122B-9A08333A81FB}" = Catalyst Control Center Graphics Light
"{B257B453-905B-2657-346A-4AEA01331059}" = Catalyst Control Center Localization Chinese Standard
"{B4CEDD55-FAEF-2E93-D766-AE63DC99D2A3}" = Catalyst Control Center Localization German
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B84167BE-BD2C-4932-A249-65520C5E8B21}" = World of Warcraft Model Viewer
"{BB840616-B72C-1208-7CEE-4F9899F2B441}" = CCC Help Italian
"{BD240450-D4C3-19A8-23C3-73B3EE550BE8}" = CCC Help Finnish
"{BD6CCED1-CFFC-9192-AE39-B78F8560F77F}" = ccc-core-static
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C44D53E7-3D08-87BA-B8EC-492EA17DFF5D}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEE1DC67-E0C4-42F0-B93E-9E316C91AE1B}" = Catalyst Control Center Localization Danish
"{CF8C077A-B467-4C43-8DB5-3A9B94FF9681}" = LightScribe System Software 1.12.29.2
"{D3C3CCB1-1379-75C5-A423-950AE0BD2E97}" = Catalyst Control Center Localization Czech
"{D6564A7C-5507-18E4-8CC8-A419D64ACB10}" = Catalyst Control Center Localization Spanish
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DFA6C4C3-1072-9193-6999-828924387535}" = CCC Help Polish
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4B4646B-DAF1-DC1B-3CCA-37D926CA262A}" = Catalyst Control Center Localization Thai
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F146D563-CAFF-9FF7-FBF5-D0A452C2062F}" = Catalyst Control Center Localization Polish
"{FB834266-4A30-55F6-5D36-ADFB4AEECB87}" = CCC Help Portuguese
"7-Zip" = 7-Zip 4.65
"Acala 3GP Movies Free_is1" = Acala 3GP Movies Free 2.4.4
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"AoA Audio Extractor_is1" = AoA Audio Extractor 1.0
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Premium Security Suite
"CCleaner" = CCleaner
"C-Media Audio" = C-Media 3D Audio
"C-Media Audio Driver" = C-Media WDM Audio Driver
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"EADM" = EA Download Manager
"FormatFactory" = FormatFactory 2.20
"Fraps" = Fraps
"Garena" = Garena 2010
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{4A05FF52-4AA8-4681-BC06-5EE7F812A441}" = SEGA Rally
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Moorhuhn Winter-Edition" = Moorhuhn Winter-Edition
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nvu" = Nvu 1.0
"Opera 11.00.1156" = Opera 11.00
"Unlocker" = Unlocker 1.9.0
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1078081533-1844237615-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12.1.2011 12:06:14 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.1.2011 9:18:00 | Computer Name = PC | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex

Error - 17.1.2011 13:49:45 | Computer Name = PC | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex

Error - 18.1.2011 3:30:02 | Computer Name = PC | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex

Error - 19.1.2011 2:32:36 | Computer Name = PC | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex

Error - 19.1.2011 2:45:15 | Computer Name = PC | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex

Error - 22.1.2011 6:01:29 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace avscan.exe, verze 10.0.3.5, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.1.2011 6:01:36 | Computer Name = PC | Source = Application Hang | ID = 1001
Description = Chybný blok -2093078663

Error - 22.1.2011 6:02:07 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace avscan.exe, verze 10.0.3.5, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.1.2011 6:02:12 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace avscan.exe, verze 10.0.3.5, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 22.1.2011 5:47:50 | Computer Name = PC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby GDScan
s argumenty za účelem spuštění serveru: {244F96DF-80AE-45D3-968B-A53D71271177}

Error - 22.1.2011 5:48:42 | Computer Name = PC | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_GDMNICPT\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 22.1.2011 5:48:42 | Computer Name = PC | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby G Data AntiVirus Proxy, ale tato akce selhala kvůli následující
chybě: %%1058

Error - 22.1.2011 5:48:42 | Computer Name = PC | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_GDNDISIC\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 22.1.2011 5:48:42 | Computer Name = PC | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_GDTDIINTERCEPTOR\0000 se již v systému nenachází,
přestože nebylo nejdříve připraveno k odebrání.

Error - 22.1.2011 5:48:42 | Computer Name = PC | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_HOOKCENTRE\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 22.1.2011 5:58:37 | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd

Error - 22.1.2011 6:04:50 | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd

Error - 22.1.2011 10:28:22 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 00E04CCB3DB0
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 22.1.2011 11:01:47 | Computer Name = PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 00E04CCB3DB0
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

< End of report >

#13 Příspěvek od **motji** » 23 led 2011 18:42

Já už tedy nevím, promazal jste dočasné soubory u IE? Jsou skryté

Musíte si zobrazit skryté a systémové soubory -
-pujdete do dokument and settings, Local servise i network servise - Temorary internet files - a zkuste se tam podívat.

Funguje Vám daemon a alcohol?

Thrall · #14 Příspěvek od **Thrall** » 23 led 2011 18:43

deamon ani alcohol nemám

#15 Příspěvek od **motji** » 23 led 2011 22:21

Stáhněte SPTD http://www.duplexsecure.com/en/downloads
-vyberte verzi podle svého operačního systému. SPTD for Windows (32 bit) nebo (64b)
-uložte na plochu a spusťte
- zvolte možnost Uninstall
- restart PC

Co ta historie IE?

VIRY.CZ

Problémy s PC

Problémy s PC

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie

Re: Nejde vymazat historie