Request for a check

Not having any problem with your PC right now and just want to make sure everything is fine?
Post a log from FRST or RSIT.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

casablancass
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Request for a check

#1 Post by casablancass »

Hello everyone. I would like to ask for a preventive check and a few pieces of advice.

I recently ran CCleaner on the PC and today SpyBot S&D. Spybot found two entries (file - Invisible to Win32 and folder - No Admin in ACL) that I cannot delete. So I decided to ask for a check to be on the safe side.

I downloaded HiJackThis and made a log. In Program Files I have a HiJackThis folder with an old log from an earlier time, so I expected the log to be saved there, but it was only created on the desktop.

The log itself:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:48:58, on 19.10.2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy 2\SDRootAlyzer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\zakaznik\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=100000014&gct=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SysMon] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\All Users\Data aplikací\SysMon\ASK.dll" rdl
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

--
End of file - 5993 bytes

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a check

#2 Post by Márty84 »

Hello :)

First, a few recommendations.

- Uninstall Spybot; the program is outdated and basically useless.

- Update the system - install Service Pack 3 as well.

- HJT on its own has not been used for a long time; it is insufficient. Look a bit higher up at that big, colour-highlighted rectangle and post a log from RSIT ;-)

casablancass
Visitor
Posts: 51
Registered: 04 Jul 2012 15:06

Re: Request for a check

#3 Post by casablancass »

Thank you. :)

SP3 installed and SpyBot uninstalled.

Log from RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by zakaznik at 2014-10-19 21:09:49
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (11%) free of 153 GB
Total RAM: 1022 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:12, on 19.10.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\zakaznik\Plocha\firefox stažené\RSIT.exe
C:\Program Files\trend micro\zakaznik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=100000014&gct=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SysMon] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\All Users\Data aplikací\SysMon\ASK.dll" rdl
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe

--
End of file - 5733 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.64 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\Program Files\TVUPlayer\npTVUAx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\searchplugins\
doplky-pro-firefox.xml
google-esk-republika---pouze-esky.xml
google-esk-republika.xml
google-peklada.xml
google-us.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]
"SysMon"=C:\Documents and Settings\All Users\Data aplikací\SysMon\ASK.dll [2010-05-06 1268736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe"="C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Microsoft LifeCam\LifeTray.exe"="C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Steam\steamapps\poorfox\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\poorfox\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\Documents and Settings\zakaznik\Plocha\uTorrent.exe"="C:\Documents and Settings\zakaznik\Plocha\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-10-19 21:09:50 ----D---- C:\Program Files\trend micro
2014-10-19 21:09:49 ----D---- C:\rsit
2014-10-19 21:03:40 ----A---- C:\WINDOWS\OEWABLog.txt
2014-10-19 21:02:44 ----D---- C:\WINDOWS\Prefetch
2014-10-19 20:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2014-10-19 20:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2014-10-19 20:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2014-10-19 20:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2014-10-19 20:44:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2014-10-19 20:43:21 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2014-10-19 20:41:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2014-10-19 20:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2014-10-19 20:38:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2014-10-19 20:37:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2014-10-19 20:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2014-10-19 20:34:23 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2014-10-19 20:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2014-10-19 20:32:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2014-10-19 20:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2014-10-19 20:30:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2014-10-19 20:29:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2014-10-19 20:28:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2014-10-19 20:27:59 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2014-10-19 20:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2014-10-19 20:26:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2014-10-19 20:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2014-10-19 20:24:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2014-10-19 20:23:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2014-10-19 20:22:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2014-10-19 20:21:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2014-10-19 20:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2014-10-19 20:19:45 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2014-10-19 20:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2014-10-19 20:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2014-10-19 20:16:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2014-10-19 20:15:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2014-10-19 20:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2014-10-19 20:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2014-10-19 20:12:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2014-10-19 20:12:00 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2014-10-19 20:11:01 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2014-10-19 20:10:03 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2014-10-19 20:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2014-10-19 20:08:00 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2014-10-19 20:07:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2014-10-19 20:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2014-10-19 20:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2014-10-19 20:03:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2014-10-19 20:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2014-10-19 20:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2014-10-19 20:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2014-10-19 20:00:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2014-10-19 19:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2014-10-19 19:58:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2014-10-19 19:57:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2014-10-19 19:56:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2014-10-19 19:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2014-10-19 19:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2014-10-19 19:52:56 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2014-10-19 19:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2014-10-19 19:51:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2014-10-19 19:50:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2014-10-19 19:48:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2014-10-19 19:47:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2014-10-19 19:47:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2014-10-19 19:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2014-10-19 19:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2014-10-19 19:44:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2014-10-19 19:43:06 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2014-10-19 19:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2014-10-19 19:41:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2014-10-19 19:40:50 ----D---- C:\WINDOWS\LastGood.Tmp
2014-10-19 19:37:17 ----A---- C:\WINDOWS\setuplog.txt
2014-10-19 19:35:26 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2014-10-19 19:35:25 ----N---- C:\WINDOWS\system32\smtpapi.dll
2014-10-19 19:35:25 ----N---- C:\WINDOWS\system32\rwnh.dll
2014-10-19 19:35:25 ----N---- C:\WINDOWS\system32\comsdupd.exe
2014-10-19 19:35:19 ----N---- C:\WINDOWS\system32\aaclient.dll
2014-10-19 19:35:18 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2014-10-19 19:35:18 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2014-10-19 19:35:17 ----N---- C:\WINDOWS\system32\azroles.dll
2014-10-19 19:35:17 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2014-10-19 19:35:16 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2014-10-19 19:35:15 ----N---- C:\WINDOWS\system32\credssp.dll
2014-10-19 19:35:04 ----N---- C:\WINDOWS\system32\dimsroam.dll
2014-10-19 19:35:04 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2014-10-19 19:35:04 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2014-10-19 19:35:03 ----N---- C:\WINDOWS\system32\dot3api.dll
2014-10-19 19:34:54 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2014-10-19 19:34:54 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2014-10-19 19:34:45 ----N---- C:\WINDOWS\system32\dot3msm.dll
2014-10-19 19:34:45 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2014-10-19 19:34:35 ----N---- C:\WINDOWS\system32\dot3ui.dll
2014-10-19 19:34:35 ----N---- C:\WINDOWS\system32\dot3svc.dll
2014-10-19 19:34:34 ----N---- C:\WINDOWS\system32\eapolqec.dll
2014-10-19 19:34:24 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2014-10-19 19:34:15 ----N---- C:\WINDOWS\system32\eappcfg.dll
2014-10-19 19:34:06 ----N---- C:\WINDOWS\system32\eappgnui.dll
2014-10-19 19:33:57 ----N---- C:\WINDOWS\system32\eapphost.dll
2014-10-19 19:33:48 ----N---- C:\WINDOWS\system32\eappprxy.dll
2014-10-19 19:33:38 ----N---- C:\WINDOWS\system32\eapsvc.dll
2014-10-19 19:33:38 ----N---- C:\WINDOWS\system32\eapqec.dll
2014-10-19 19:33:36 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2014-10-19 19:33:31 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2014-10-19 19:33:31 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2014-10-19 19:33:30 ----N---- C:\WINDOWS\system32\kbdpash.dll
2014-10-19 19:33:30 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2014-10-19 19:33:20 ----N---- C:\WINDOWS\system32\kmsvc.dll
2014-10-19 19:33:11 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\mmcex.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2014-10-19 19:33:07 ----N---- C:\WINDOWS\system32\mmcperf.exe
2014-10-19 19:32:57 ----N---- C:\WINDOWS\system32\mssha.dll
2014-10-19 19:32:56 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2014-10-19 19:32:55 ----N---- C:\WINDOWS\system32\napipsec.dll
2014-10-19 19:32:55 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2014-10-19 19:32:46 ----N---- C:\WINDOWS\system32\napmontr.dll
2014-10-19 19:32:45 ----N---- C:\WINDOWS\system32\napstat.exe
2014-10-19 19:32:42 ----N---- C:\WINDOWS\system32\onex.dll
2014-10-19 19:32:42 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2014-10-19 19:32:30 ----N---- C:\WINDOWS\system32\qagent.dll
2014-10-19 19:32:21 ----N---- C:\WINDOWS\system32\qagentrt.dll
2014-10-19 19:32:11 ----N---- C:\WINDOWS\system32\qcliprov.dll
2014-10-19 19:32:02 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2014-10-19 19:32:02 ----N---- C:\WINDOWS\system32\rasqec.dll
2014-10-19 19:32:02 ----N---- C:\WINDOWS\system32\qutil.dll
2014-10-19 19:32:01 ----N---- C:\WINDOWS\system32\s3gnb.dll
2014-10-19 19:32:00 ----N---- C:\WINDOWS\system32\slextspk.dll
2014-10-19 19:32:00 ----N---- C:\WINDOWS\system32\slcoinst.dll
2014-10-19 19:32:00 ----N---- C:\WINDOWS\system32\setupn.exe
2014-10-19 19:31:59 ----N---- C:\WINDOWS\system32\slserv.exe
2014-10-19 19:31:59 ----N---- C:\WINDOWS\system32\slrundll.exe
2014-10-19 19:31:59 ----N---- C:\WINDOWS\system32\slgen.dll
2014-10-19 19:31:57 ----N---- C:\WINDOWS\system32\verclsid.exe
2014-10-19 19:31:57 ----N---- C:\WINDOWS\system32\tspkg.dll
2014-10-19 19:31:57 ----N---- C:\WINDOWS\system32\tsgqec.dll
2014-10-19 19:31:45 ----N---- C:\WINDOWS\system32\wlanapi.dll
2014-10-19 19:31:41 ----N---- C:\WINDOWS\slrundll.exe
2014-10-19 19:31:38 ----D---- C:\WINDOWS\l2schemas
2014-10-19 19:31:37 ----D---- C:\WINDOWS\system32\cs
2014-10-19 19:31:36 ----D---- C:\WINDOWS\system32\bits
2014-10-19 19:11:55 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2014-10-19 19:11:55 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2014-10-19 19:11:55 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2014-10-19 19:11:55 ----D---- C:\WINDOWS\network diagnostic
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2014-10-19 19:11:53 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2014-10-19 19:11:53 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2014-10-19 19:11:53 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2014-10-19 19:11:48 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2014-10-19 19:11:47 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2014-10-19 19:11:47 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2014-10-19 19:11:47 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2014-10-19 19:11:46 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2014-10-19 19:11:46 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2014-10-19 19:11:44 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2014-10-19 19:11:44 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2014-10-19 19:11:44 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2014-10-19 19:11:43 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2014-10-19 19:11:43 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2014-10-19 19:11:43 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2014-10-19 19:11:41 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2014-10-19 19:11:41 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2014-10-19 19:11:39 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2014-10-19 19:11:39 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2014-10-19 19:11:38 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2014-10-19 19:11:38 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2014-10-19 19:11:38 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2014-10-19 19:05:59 ----A---- C:\WINDOWS\002869_.tmp
2014-10-19 19:00:06 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

======List of files/folders modified in the last 1 month======

2014-10-19 21:09:52 ----D---- C:\WINDOWS\temp
2014-10-19 21:09:50 ----RD---- C:\Program Files
2014-10-19 21:05:49 ----D---- C:\WINDOWS\system32
2014-10-19 21:05:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-19 21:05:00 ----D---- C:\WINDOWS\Debug
2014-10-19 21:04:59 ----D---- C:\WINDOWS
2014-10-19 21:03:15 ----D---- C:\WINDOWS\system32\CatRoot2
2014-10-19 21:02:11 ----D---- C:\WINDOWS\system32\Setup
2014-10-19 21:02:11 ----D---- C:\WINDOWS\AppPatch
2014-10-19 21:02:10 ----D---- C:\WINDOWS\system32\wbem
2014-10-19 21:02:09 ----RSD---- C:\WINDOWS\Fonts
2014-10-19 21:02:03 ----D---- C:\WINDOWS\system32\drivers
2014-10-19 21:01:21 ----D---- C:\WINDOWS\security
2014-10-19 21:01:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-10-19 20:53:22 ----HD---- C:\WINDOWS\inf
2014-10-19 20:52:41 ----D---- C:\WINDOWS\system32\CatRoot
2014-10-19 20:52:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-10-19 20:39:34 ----D---- C:\Program Files\Outlook Express
2014-10-19 20:32:10 ----D---- C:\Program Files\Movie Maker
2014-10-19 19:43:46 ----D---- C:\Program Files\Messenger
2014-10-19 19:35:47 ----D---- C:\WINDOWS\WinSxS
2014-10-19 19:35:28 ----D---- C:\WINDOWS\ehome
2014-10-19 19:35:24 ----D---- C:\WINDOWS\system32\inetsrv
2014-10-19 19:35:22 ----D---- C:\WINDOWS\Help
2014-10-19 19:35:21 ----D---- C:\WINDOWS\ime
2014-10-19 19:31:41 ----D---- C:\WINDOWS\system32\usmt
2014-10-19 19:31:41 ----D---- C:\WINDOWS\system32\cs-cz
2014-10-19 19:31:38 ----SHD---- C:\WINDOWS\Installer
2014-10-19 19:31:36 ----D---- C:\WINDOWS\PeerNet
2014-10-19 19:17:47 ----D---- C:\WINDOWS\system32\Restore
2014-10-19 19:17:47 ----D---- C:\WINDOWS\system32\npp
2014-10-19 19:17:46 ----D---- C:\WINDOWS\msagent
2014-10-19 19:17:40 ----D---- C:\WINDOWS\srchasst
2014-10-19 19:17:33 ----D---- C:\Program Files\NetMeeting
2014-10-19 19:17:27 ----D---- C:\WINDOWS\system32\Com
2014-10-19 19:17:22 ----D---- C:\Program Files\Windows Media Player
2014-10-19 19:17:13 ----D---- C:\Program Files\Common Files\System
2014-10-19 19:16:23 ----D---- C:\WINDOWS\system32\oobe
2014-10-19 19:16:18 ----D---- C:\WINDOWS\system
2014-10-19 18:53:10 ----SHD---- C:\System Volume Information
2014-10-19 18:46:36 ----D---- C:\WINDOWS\repair
2014-10-19 18:46:34 ----D---- C:\WINDOWS\system32\NtmsData
2014-10-19 18:46:25 ----D---- C:\WINDOWS\Registration
2014-10-19 18:35:52 ----D---- C:\Program Files\Full Tilt Poker
2014-10-19 18:18:41 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2014-10-19 12:28:25 ----A---- C:\WINDOWS\WININIT.INI
2014-10-19 12:28:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-10-19 12:27:33 ----SD---- C:\WINDOWS\Tasks
2014-10-18 14:49:33 ----D---- C:\WINDOWS\system32\drivers\etc
2014-10-18 14:06:40 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2014-10-18 10:55:01 ----D---- C:\Documents and Settings\zakaznik\Data aplikací\uTorrent
2014-10-18 10:54:11 ----D---- C:\WINDOWS\Minidump
2014-10-18 10:39:17 ----D---- C:\Program Files\Internet Explorer
2014-10-11 08:29:31 ----D---- C:\Program Files\PokerStars

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-10-21 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R2 null_flt;null_flt; \??\C:\WINDOWS\System32\Drivers\null_flt.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-22 5082624]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 altm0kf1;altm0kf1; C:\WINDOWS\system32\drivers\altm0kf1.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\zakaznik\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-12-18 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-12-18 63248]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-12-18 79248]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-12-18 28816]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\WINDOWS\System32\Drivers\nx6000.sys [2010-05-20 30576]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-11-15 217088]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 wmcmgc;Windows Management Configuration; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-17 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a check

#4 Post by Márty84 »

Excellent, so let's start cleaning step by step :)

→ Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it. The result will appear after a moment.
Click Edit (Úpravy) at the top and then Copy (Kopírovat). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

→ Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Run it.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (it may also be found at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

If you have a question that is not meant for the public, you can write to me by e-mail at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

casablancass
Visitor
Posts: 51
Joined: 04 Jul 2012 15:06

Re: requesting a check

#5 Post by casablancass »

crystal disk info:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2014/10/19 21:53:34

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- ST3160212AS
- Sekundární kanál IDE (1)
+ Řadič VIA rozhraní IDE ke sběrnici PCI v režimu Bus Master [ATA]
- Primární kanál IDE (0)
+ Sekundární kanál IDE (1)
- PHILIPS DVD8801
+ ALTM0KF1 IDE Controller [SCSI]
- HAXEBQX F4XQZGT SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) ST3160212AS : 160,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST3160212AS
----------------------------------------------------------------------------
Model : ST3160212AS
Firmware : 3.AAE
Serial Number : 5LS7P3HC
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 2048 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 25866 hod.
Power On Count : 7640 krát
Temparature : 40 C (104 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 114 _94 __6 000004E06D45 Počet chyb čtení
03 _95 _94 __0 000000000000 Čas na roztočení ploten
04 _93 _93 _20 000000001DE3 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _89 _60 _30 0000334080B5 Počet chybných hledání
09 _71 _71 __0 00000000650A Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _93 _93 _20 000000001DD8 Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BD _98 _98 __0 000000000002 Vysoká rychlost zápisu
BE _60 _51 _45 00002B280028 Teplota toku vzduchu
C2 _40 _49 __0 000F00000028 Teplota
C3 _67 _46 __0 00000BC2AEE7 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------

casablancass
Visitor
Posts: 51
Joined: 04 Jul 2012 15:06

Re: requesting a check

#6 Post by casablancass »

# AdwCleaner v4.000 - Report created 19/10/2014 at 22:02:39
# DB v
# Updated 12/10/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : zakaznik - USER
# Running from : C:\Documents and Settings\zakaznik\Plocha\firefox stažené\adwcleaner_4.000.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\zakaznik\Local Settings\Data aplikací\BS_Player
Folder Deleted : C:\Documents and Settings\zakaznik\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\Conduit
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\ICQToolbarData
Folder Deleted : C:\Documents and Settings\zakaznik\Data aplikací\OpenCandy
File Deleted : C:\WINDOWS\system32\conduitEngine.tmp
File Deleted : C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\invalidprefs.js
File Deleted : C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\searchplugins\icqplugin.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\WINDOWS\system32\muzapp.exe]
Key Deleted : HKCU\Software\Grand Virtual
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.17055

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v31.0 (x86 cs)


*************************

AdwCleaner[R0].txt - [2938 octets] - [19/10/2014 21:57:38]
AdwCleaner[S0].txt - [2859 octets] - [19/10/2014 22:02:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2919 octets] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a check

#7 Post by Márty84 »

→ Run a !!!full!!! scan with MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (you must download version 1.75, decline the upgrade and update only the virus database) and post the results here. Do not delete anything beforehand; it sometimes has false detections. Guide here http://forum.viry.cz/viewtopic.php?f=29&t=115222

casablancass
Visitor
Posts: 51
Joined: 04 Jul 2012 15:06

Re: requesting a check

#8 Post by casablancass »

Thanks for the advice, here it is:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.10.21.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
zakaznik :: USER [administrátor]

Ochrana: Zakázána

21.10.2014 11:42:53
MBAM-log-2014-10-21 (16-02-45).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 449976
Uplynulý čas: 4 hodin, 13 minut, 45 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 5
C:\Documents and Settings\zakaznik\Dokumenty\Downloads\Wondershare.Photo.Recovery.v3.0.3.Incl.Keymaker-CORE\CORE10k.EXE (PUP.Keygen.Intro) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\zakaznik\Dokumenty\Stažené soubory\SkypeSetupFull_inst.exe (PUP.Optional.FriedCookie) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\zakaznik\Local Settings\temp\KNaXvWOK.exe.part (PUP.Optional.OptimunInstaller) -> Nebyla provedena žádná instrukce.
C:\Program Files\ICQ7.2\upgrade\2dcd1d63cb45e6613582211c3d5f4b23 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{26837103-34EF-4295-B835-69581D5142C5}\RP1337\A0425278.exe (Trojan.Downloader.Agent) -> Nebyla provedena žádná instrukce.

(konec)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a check

#9 Post by Márty84 »

Proceed exactly in this order.
1) Do not close MBAM, just minimize it.
2) Delete the restore points / turn off restore point creation http://forum.viry.cz/viewtopic.php?f=46&t=47040 , but do not restart the PC.
3) Now let MBAM remove the findings and restart the PC.
4) Repeat the scan with MBAM and post its result, and I will choose the next steps accordingly.

If it comes back clean, turn restore point creation back on so that we don't forget about it later.

casablancass
Visitor
Posts: 51
Joined: 04 Jul 2012 15:06

Re: requesting a check

#10 Post by casablancass »

I also wanted to ask whether, when scanning with MBAM, it is better to turn off the antivirus and the internet connection, or does it not matter that much?

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a check

#11 Post by Márty84 »

It doesn't matter much. It might speed up the scan a little, but it has no effect on the results :)

casablancass
Visitor
Posts: 51
Joined: 04 Jul 2012 15:06

Re: requesting a check

#12 Post by casablancass »

Scan finished. No infected files found.

Restore point turned on.

Is that everything?

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a check

#13 Post by Márty84 »

Not yet :) It would be good to finish the cleanup completely.

→ You can uninstall MBAM.

→ Post a new log from RSIT.

casablancass
Visitor
Posts: 51
Joined: 04 Jul 2012 15:06

Re: requesting a check

#14 Post by casablancass »

Thank you. :)

Log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by zakaznik at 2014-10-23 14:13:39
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 26 GB (17%) free of 153 GB
Total RAM: 1022 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:14:59, on 23.10.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\zakaznik\Plocha\firefox stažené\RSIT.exe
C:\Program Files\trend micro\zakaznik.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SysMon] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\All Users\Data aplikací\SysMon\ASK.dll" rdl
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

--
End of file - 6003 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.64 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\Program Files\TVUPlayer\npTVUAx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Documents and Settings\zakaznik\Data aplikací\Mozilla\Firefox\Profiles\s2ej2umb.default\searchplugins\
doplky-pro-firefox.xml
google-esk-republika---pouze-esky.xml
google-esk-republika.xml
google-peklada.xml
google-us.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]
"SysMon"=C:\Documents and Settings\All Users\Data aplikací\SysMon\ASK.dll [2010-05-06 1268736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe"="C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Microsoft LifeCam\LifeTray.exe"="C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Steam\steamapps\poorfox\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\poorfox\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\Documents and Settings\zakaznik\Plocha\uTorrent.exe"="C:\Documents and Settings\zakaznik\Plocha\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\zakaznik\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-10-21 11:34:31 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-10-21 11:34:31 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-10-21 06:21:00 ----D---- C:\Documents and Settings\zakaznik\Data aplikací\Malwarebytes
2014-10-21 06:20:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-10-19 21:57:34 ----D---- C:\AdwCleaner
2014-10-19 21:09:50 ----D---- C:\Program Files\trend micro
2014-10-19 21:09:49 ----D---- C:\rsit
2014-10-19 21:03:40 ----A---- C:\WINDOWS\OEWABLog.txt
2014-10-19 21:02:44 ----D---- C:\WINDOWS\Prefetch
2014-10-19 20:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2014-10-19 20:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2014-10-19 20:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2014-10-19 20:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2014-10-19 20:44:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2014-10-19 20:43:21 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2014-10-19 20:41:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2014-10-19 20:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2014-10-19 20:38:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2014-10-19 20:37:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2014-10-19 20:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2014-10-19 20:34:23 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2014-10-19 20:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2014-10-19 20:32:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2014-10-19 20:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2014-10-19 20:30:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2014-10-19 20:29:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2014-10-19 20:28:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2014-10-19 20:27:59 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2014-10-19 20:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2014-10-19 20:26:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2014-10-19 20:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2014-10-19 20:24:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2014-10-19 20:23:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2014-10-19 20:22:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2014-10-19 20:21:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2014-10-19 20:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2014-10-19 20:19:45 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2014-10-19 20:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2014-10-19 20:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2014-10-19 20:16:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2014-10-19 20:15:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2014-10-19 20:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2014-10-19 20:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2014-10-19 20:12:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2014-10-19 20:12:00 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2014-10-19 20:11:01 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2014-10-19 20:10:03 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2014-10-19 20:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2014-10-19 20:08:00 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2014-10-19 20:07:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2014-10-19 20:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2014-10-19 20:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2014-10-19 20:03:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2014-10-19 20:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2014-10-19 20:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2014-10-19 20:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2014-10-19 20:00:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2014-10-19 19:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2014-10-19 19:58:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2014-10-19 19:57:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2014-10-19 19:56:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2014-10-19 19:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2014-10-19 19:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2014-10-19 19:52:56 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2014-10-19 19:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2014-10-19 19:51:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2014-10-19 19:50:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2014-10-19 19:48:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2014-10-19 19:47:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2014-10-19 19:47:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2014-10-19 19:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2014-10-19 19:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2014-10-19 19:44:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2014-10-19 19:43:06 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2014-10-19 19:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2014-10-19 19:41:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2014-10-19 19:37:17 ----A---- C:\WINDOWS\setuplog.txt
2014-10-19 19:35:26 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2014-10-19 19:35:25 ----N---- C:\WINDOWS\system32\comsdupd.exe
2014-10-19 19:35:19 ----N---- C:\WINDOWS\system32\aaclient.dll
2014-10-19 19:35:18 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2014-10-19 19:35:18 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2014-10-19 19:35:17 ----N---- C:\WINDOWS\system32\azroles.dll
2014-10-19 19:35:17 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2014-10-19 19:35:16 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2014-10-19 19:35:15 ----N---- C:\WINDOWS\system32\credssp.dll
2014-10-19 19:35:04 ----N---- C:\WINDOWS\system32\dimsroam.dll
2014-10-19 19:35:04 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2014-10-19 19:35:04 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2014-10-19 19:35:03 ----N---- C:\WINDOWS\system32\dot3api.dll
2014-10-19 19:34:54 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2014-10-19 19:34:54 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2014-10-19 19:34:45 ----N---- C:\WINDOWS\system32\dot3msm.dll
2014-10-19 19:34:45 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2014-10-19 19:34:35 ----N---- C:\WINDOWS\system32\dot3ui.dll
2014-10-19 19:34:35 ----N---- C:\WINDOWS\system32\dot3svc.dll
2014-10-19 19:34:34 ----N---- C:\WINDOWS\system32\eapolqec.dll
2014-10-19 19:34:24 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2014-10-19 19:34:15 ----N---- C:\WINDOWS\system32\eappcfg.dll
2014-10-19 19:34:06 ----N---- C:\WINDOWS\system32\eappgnui.dll
2014-10-19 19:33:57 ----N---- C:\WINDOWS\system32\eapphost.dll
2014-10-19 19:33:48 ----N---- C:\WINDOWS\system32\eappprxy.dll
2014-10-19 19:33:38 ----N---- C:\WINDOWS\system32\eapsvc.dll
2014-10-19 19:33:38 ----N---- C:\WINDOWS\system32\eapqec.dll
2014-10-19 19:33:36 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2014-10-19 19:33:31 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2014-10-19 19:33:31 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2014-10-19 19:33:30 ----N---- C:\WINDOWS\system32\kbdpash.dll
2014-10-19 19:33:30 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2014-10-19 19:33:20 ----N---- C:\WINDOWS\system32\kmsvc.dll
2014-10-19 19:33:11 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\mmcex.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2014-10-19 19:33:08 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2014-10-19 19:33:07 ----N---- C:\WINDOWS\system32\mmcperf.exe
2014-10-19 19:32:57 ----N---- C:\WINDOWS\system32\mssha.dll
2014-10-19 19:32:56 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2014-10-19 19:32:55 ----N---- C:\WINDOWS\system32\napipsec.dll
2014-10-19 19:32:55 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2014-10-19 19:32:46 ----N---- C:\WINDOWS\system32\napmontr.dll
2014-10-19 19:32:45 ----N---- C:\WINDOWS\system32\napstat.exe
2014-10-19 19:32:42 ----N---- C:\WINDOWS\system32\onex.dll
2014-10-19 19:32:42 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2014-10-19 19:32:30 ----N---- C:\WINDOWS\system32\qagent.dll
2014-10-19 19:32:21 ----N---- C:\WINDOWS\system32\qagentrt.dll
2014-10-19 19:32:11 ----N---- C:\WINDOWS\system32\qcliprov.dll
2014-10-19 19:32:02 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2014-10-19 19:32:02 ----N---- C:\WINDOWS\system32\rasqec.dll
2014-10-19 19:32:02 ----N---- C:\WINDOWS\system32\qutil.dll
2014-10-19 19:32:01 ----N---- C:\WINDOWS\system32\s3gnb.dll
2014-10-19 19:32:00 ----N---- C:\WINDOWS\system32\slextspk.dll
2014-10-19 19:32:00 ----N---- C:\WINDOWS\system32\slcoinst.dll
2014-10-19 19:32:00 ----N---- C:\WINDOWS\system32\setupn.exe
2014-10-19 19:31:59 ----N---- C:\WINDOWS\system32\slserv.exe
2014-10-19 19:31:59 ----N---- C:\WINDOWS\system32\slrundll.exe
2014-10-19 19:31:59 ----N---- C:\WINDOWS\system32\slgen.dll
2014-10-19 19:31:57 ----N---- C:\WINDOWS\system32\verclsid.exe
2014-10-19 19:31:57 ----N---- C:\WINDOWS\system32\tspkg.dll
2014-10-19 19:31:57 ----N---- C:\WINDOWS\system32\tsgqec.dll
2014-10-19 19:31:45 ----N---- C:\WINDOWS\system32\wlanapi.dll
2014-10-19 19:31:41 ----N---- C:\WINDOWS\slrundll.exe
2014-10-19 19:31:38 ----D---- C:\WINDOWS\l2schemas
2014-10-19 19:31:37 ----D---- C:\WINDOWS\system32\cs
2014-10-19 19:31:36 ----D---- C:\WINDOWS\system32\bits
2014-10-19 19:11:55 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2014-10-19 19:11:55 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2014-10-19 19:11:55 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2014-10-19 19:11:55 ----D---- C:\WINDOWS\network diagnostic
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2014-10-19 19:11:54 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2014-10-19 19:11:53 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2014-10-19 19:11:53 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2014-10-19 19:11:53 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2014-10-19 19:11:52 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2014-10-19 19:11:51 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2014-10-19 19:11:50 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2014-10-19 19:11:49 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2014-10-19 19:11:48 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2014-10-19 19:11:47 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2014-10-19 19:11:47 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2014-10-19 19:11:47 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2014-10-19 19:11:46 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2014-10-19 19:11:46 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2014-10-19 19:11:45 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2014-10-19 19:11:44 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2014-10-19 19:11:44 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2014-10-19 19:11:44 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2014-10-19 19:11:43 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2014-10-19 19:11:43 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2014-10-19 19:11:43 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2014-10-19 19:11:42 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2014-10-19 19:11:41 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2014-10-19 19:11:41 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2014-10-19 19:11:40 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2014-10-19 19:11:39 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2014-10-19 19:11:39 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2014-10-19 19:11:38 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2014-10-19 19:11:38 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2014-10-19 19:11:38 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2014-10-19 19:11:37 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2014-10-19 19:05:59 ----A---- C:\WINDOWS\002869_.tmp
2014-10-19 19:05:57 ----A---- C:\WINDOWS\imsins.BAK
2014-10-19 19:00:06 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

======List of files/folders modified in the last 1 month======

2014-10-23 14:14:00 ----D---- C:\WINDOWS\temp
2014-10-23 11:45:04 ----SHD---- C:\System Volume Information
2014-10-23 11:43:10 ----D---- C:\WINDOWS\system32\drivers
2014-10-21 22:22:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-10-21 16:43:53 ----D---- C:\WINDOWS\Minidump
2014-10-21 16:43:53 ----D---- C:\WINDOWS
2014-10-21 11:34:31 ----RD---- C:\Program Files
2014-10-20 17:40:43 ----HD---- C:\WINDOWS\inf
2014-10-20 17:40:16 ----D---- C:\WINDOWS\system32\CatRoot2
2014-10-20 11:02:14 ----D---- C:\WINDOWS\system32
2014-10-20 11:02:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-20 11:01:44 ----D---- C:\WINDOWS\system32\inetsrv
2014-10-20 06:38:00 ----D---- C:\WINDOWS\system32\CatRoot
2014-10-19 22:02:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2014-10-19 21:05:00 ----D---- C:\WINDOWS\Debug
2014-10-19 21:02:11 ----D---- C:\WINDOWS\system32\Setup
2014-10-19 21:02:11 ----D---- C:\WINDOWS\AppPatch
2014-10-19 21:02:10 ----D---- C:\WINDOWS\system32\wbem
2014-10-19 21:02:09 ----RSD---- C:\WINDOWS\Fonts
2014-10-19 21:01:21 ----D---- C:\WINDOWS\security
2014-10-19 20:52:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-10-19 20:39:34 ----D---- C:\Program Files\Outlook Express
2014-10-19 20:32:10 ----D---- C:\Program Files\Movie Maker
2014-10-19 19:43:46 ----D---- C:\Program Files\Messenger
2014-10-19 19:35:47 ----D---- C:\WINDOWS\WinSxS
2014-10-19 19:35:28 ----D---- C:\WINDOWS\ehome
2014-10-19 19:35:22 ----D---- C:\WINDOWS\Help
2014-10-19 19:35:21 ----D---- C:\WINDOWS\ime
2014-10-19 19:31:41 ----D---- C:\WINDOWS\system32\usmt
2014-10-19 19:31:41 ----D---- C:\WINDOWS\system32\cs-cz
2014-10-19 19:31:38 ----SHD---- C:\WINDOWS\Installer
2014-10-19 19:31:36 ----D---- C:\WINDOWS\PeerNet
2014-10-19 19:18:10 ----D---- C:\WINDOWS\ServicePackFiles
2014-10-19 19:17:47 ----D---- C:\WINDOWS\system32\Restore
2014-10-19 19:17:47 ----D---- C:\WINDOWS\system32\npp
2014-10-19 19:17:46 ----D---- C:\WINDOWS\msagent
2014-10-19 19:17:40 ----D---- C:\WINDOWS\srchasst
2014-10-19 19:17:33 ----D---- C:\Program Files\NetMeeting
2014-10-19 19:17:27 ----D---- C:\WINDOWS\system32\Com
2014-10-19 19:17:22 ----D---- C:\Program Files\Windows Media Player
2014-10-19 19:17:13 ----D---- C:\Program Files\Common Files\System
2014-10-19 19:16:23 ----D---- C:\WINDOWS\system32\oobe
2014-10-19 19:16:18 ----D---- C:\WINDOWS\system
2014-10-19 19:05:54 ----D---- C:\WINDOWS\system32\ReinstallBackups
2014-10-19 18:53:50 ----D---- C:\WINDOWS\system32\NtmsData
2014-10-19 18:46:36 ----D---- C:\WINDOWS\repair
2014-10-19 18:46:25 ----D---- C:\WINDOWS\Registration
2014-10-19 18:35:52 ----D---- C:\Program Files\Full Tilt Poker
2014-10-19 18:18:41 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2014-10-19 12:28:25 ----A---- C:\WINDOWS\WININIT.INI
2014-10-19 12:28:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-10-19 12:27:33 ----SD---- C:\WINDOWS\Tasks
2014-10-18 14:49:33 ----D---- C:\WINDOWS\system32\drivers\etc
2014-10-18 14:06:40 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2014-10-18 10:55:01 ----D---- C:\Documents and Settings\zakaznik\Data aplikací\uTorrent
2014-10-18 10:39:17 ----D---- C:\Program Files\Internet Explorer
2014-10-11 08:29:31 ----D---- C:\Program Files\PokerStars

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-10-21 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R2 null_flt;null_flt; \??\C:\WINDOWS\System32\Drivers\null_flt.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-22 5082624]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 a53vk96s;a53vk96s; C:\WINDOWS\system32\drivers\a53vk96s.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\zakaznik\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-12-18 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-12-18 63248]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-12-18 79248]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-12-18 28816]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\WINDOWS\System32\Drivers\nx6000.sys [2010-05-20 30576]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-11-15 217088]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 wmcmgc;Windows Management Configuration; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-17 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a check

#15 Post by Márty84 »

One last scan and then we'll start deleting :)


Download OTL http://oldtimer.geekstogo.com/OTL.exe, save it to the desktop and run it.
Tick the options "Pro všechny uživatele" (for all users), Kontrola na havěť "LOP" ("LOP" malware check) and Kontrola na havěť "Purity" ("Purity" malware check).
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click "Prohledat" (Scan).
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

Locked