Please check my log

Posted: 03 Feb 2010 23:08
by milko
Good evening, could I ask for a check of my ComboFix log? Thank you.


ComboFix 10-02-03.04 - milda 03.02.2010 22:48:03.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3326.2066 [GMT 1:00]
Spuštěný z: c:\users\milda\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\temp
c:\users\milda\Music\Mercyful Fate - Don't Break The Oath\_desktop.ini
c:\windows\system32\twain_32.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-03 do 2010-02-03 )))))))))))))))))))))))))))))))
.

2010-01-31 18:58 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-31 18:58 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-29 23:46 . 2010-01-29 23:46 -------- d-----w- c:\programdata\ATI
2010-01-29 23:42 . 2010-01-29 23:42 10134 ----a-r- c:\users\milda\AppData\Roaming\Microsoft\Installer\{AC9BAC65-97AC-4F3F-23A0-706169424F59}\ARPPRODUCTICON.exe
2010-01-29 23:31 . 2008-05-28 23:03 37176 ----a-w- c:\users\milda\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-29 23:20 . 2010-01-29 23:20 -------- d--h--w- c:\windows\PIF
2010-01-29 23:16 . 2008-04-07 04:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2010-01-29 23:08 . 2010-01-29 23:08 -------- d-----w- c:\program files\Adobe Media Player
2010-01-29 23:07 . 2010-01-29 23:07 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-28 22:20 . 2010-01-28 22:20 -------- d-----w- c:\windows\system32\RTCOM
2010-01-28 22:17 . 2010-01-28 22:20 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-01-28 20:47 . 2010-01-28 20:47 -------- d-----w- c:\users\milda\AppData\Local\MigWiz
2010-01-28 00:11 . 2010-01-28 00:11 -------- d-----w- c:\users\milda\AppData\Roaming\Malwarebytes
2010-01-28 00:10 . 2010-01-31 18:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-28 00:10 . 2010-01-28 00:10 -------- d-----w- c:\programdata\Malwarebytes
2010-01-27 23:59 . 2010-01-28 21:01 -------- d-----w- c:\users\milda\AppData\Local\temp(340)
2010-01-27 23:11 . 2010-01-27 23:11 -------- d-----w- c:\program files\Ultimate Process Manager
2010-01-27 18:18 . 2010-01-27 18:18 -------- d-----w- c:\users\milda\AppData\Local\ArcSoft
2010-01-27 18:14 . 2010-01-27 18:14 -------- d-sh--we c:\windows\system32\config\systemprofile\Soubory cookie
2010-01-27 18:14 . 2010-01-27 18:14 -------- d-sh--we c:\windows\system32\config\systemprofile\Data aplikací
2010-01-27 18:14 . 2010-01-27 18:18 -------- d-----w- c:\users\milda\AppData\Roaming\ArcSoft
2010-01-27 18:13 . 2010-01-27 18:14 -------- d-----w- c:\programdata\ArcSoft
2010-01-27 18:13 . 2010-01-27 18:13 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-01-27 17:27 . 2010-01-28 22:15 -------- d-----w- c:\program files\Lavalys
2010-01-27 12:37 . 2010-01-27 12:37 -------- d-----w- c:\users\milda\AppData\Local\Opera
2010-01-27 00:55 . 2010-01-27 00:55 -------- d-----w- c:\users\milda\Tracing
2010-01-27 00:53 . 2010-01-28 17:02 -------- d-----w- c:\program files\Microsoft
2010-01-27 00:53 . 2010-01-27 00:53 -------- d-----w- c:\program files\Windows Live
2010-01-27 00:50 . 2010-01-27 00:50 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-27 00:19 . 2010-01-27 00:25 -------- d-----w- c:\users\milda\AppData\Roaming\XnView
2010-01-27 00:19 . 2010-01-27 00:19 -------- d-----w- c:\program files\XnView
2010-01-26 20:05 . 2010-02-02 21:53 -------- d-----w- c:\programdata\TrackMania
2010-01-26 01:32 . 2010-01-26 01:40 -------- d-----w- c:\program files\TrackMania United
2010-01-25 01:15 . 2010-01-25 01:15 -------- d-----w- c:\program files\Alcohol Soft
2010-01-23 23:33 . 2010-01-23 23:42 -------- d-----w- c:\users\milda\AppData\Roaming\FileZilla
2010-01-23 17:05 . 2010-01-30 00:06 -------- d-----w- c:\users\milda\win7
2010-01-23 02:21 . 2010-01-23 02:21 -------- d-----w- c:\programdata\ALM
2010-01-17 19:35 . 2010-01-17 19:35 -------- d-----w- c:\program files\Stardock
2010-01-17 19:26 . 2010-01-17 19:26 -------- d-----w- c:\program files\AveIconifier2
2010-01-14 08:55 . 2010-01-14 08:55 -------- d-----r- C:\Sandbox
2010-01-14 08:54 . 2010-01-14 08:54 -------- d-----w- c:\program files\Sandboxie
2010-01-12 22:30 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-12 22:30 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-05 00:44 . 2010-01-05 00:44 466944 ------w- c:\windows\Setup1.exe
2010-01-05 00:44 . 2010-01-05 00:44 73216 ----a-w- c:\windows\ST6UNST.EXE

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-03 21:53 . 2008-01-21 06:46 598594 ----a-w- c:\windows\system32\perfh005.dat
2010-02-03 21:53 . 2008-01-21 06:46 114786 ----a-w- c:\windows\system32\perfc005.dat
2010-02-03 21:46 . 2009-12-25 00:28 -------- d-----w- c:\users\milda\AppData\Roaming\WTablet
2010-02-03 21:45 . 2009-10-28 17:41 12 ----a-w- c:\windows\bthservsdp.dat
2010-02-02 01:46 . 2009-07-24 18:17 -------- d-----w- c:\users\milda\AppData\Roaming\uTorrent
2010-02-01 02:12 . 2009-07-20 20:32 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-29 23:45 . 2009-07-20 20:40 -------- d-----w- c:\program files\ATI Technologies
2010-01-29 23:33 . 2009-07-20 17:24 67608 ----a-w- c:\users\milda\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-29 23:26 . 2009-07-21 19:30 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-28 22:19 . 2009-07-28 23:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-28 21:51 . 2009-11-04 17:46 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-28 21:10 . 2009-07-21 20:29 -------- d-----w- c:\users\milda\AppData\Roaming\LangSoft
2010-01-28 21:10 . 2009-11-17 19:38 -------- d-----w- c:\programdata\FLEXnet
2010-01-28 21:10 . 2009-07-21 20:46 -------- d-----w- c:\programdata\MediaMonkey
2010-01-28 21:10 . 2009-09-06 14:18 -------- d-----w- c:\program files\ImageConverter Plus
2010-01-28 21:10 . 2009-07-20 20:16 -------- d-----w- c:\program files\CCleaner
2010-01-28 00:54 . 2009-08-16 22:39 -------- d-----w- c:\program files\Realtek
2010-01-27 18:13 . 2009-07-28 23:09 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-14 10:12 . 2009-10-02 21:00 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-12 22:59 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-05 19:06 . 2009-07-28 23:08 -------- d-----w- c:\program files\LG PC Suite II
2010-01-02 06:38 . 2010-01-28 21:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-28 21:28 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-28 21:28 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-28 21:28 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-25 02:43 . 2009-12-25 00:28 -------- d-----w- c:\users\milda\AppData\Roaming\WTouch
2009-12-25 00:28 . 2009-12-25 00:27 -------- d-----w- c:\program files\WTouch
2009-12-25 00:27 . 2009-12-25 00:24 -------- d-----w- c:\program files\Tablet
2009-12-23 01:41 . 2009-12-23 01:31 -------- d-----w- c:\program files\IrfanView
2009-12-20 15:10 . 2009-12-20 15:10 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-10 01:35 . 2009-08-12 18:42 -------- d-----w- c:\programdata\Microsoft Help
2009-12-08 21:44 . 2009-12-08 21:44 -------- d-----w- c:\users\milda\AppData\Roaming\PLANStudio Setup
2009-11-26 00:00 . 2009-07-21 20:30 520192 ----a-w- c:\programdata\LangSoft\WebIE.dll
2009-11-26 00:00 . 2009-07-21 20:30 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2009-11-26 00:00 . 2009-07-21 20:30 356352 ----a-w- c:\programdata\LangSoft\TrnOutl.dll
2009-11-25 23:59 . 2009-11-25 23:45 45056 ----a-w- c:\windows\TRNOEH.DLL
2009-11-25 23:59 . 2009-11-25 23:45 26624 ----a-w- c:\windows\OETRN.EXE
2009-11-25 23:59 . 2009-11-25 23:45 200704 ----a-w- c:\windows\TRNOET.DLL
2009-11-25 23:56 . 2009-11-25 23:43 516096 ----a-w- c:\windows\UN32.EXE
2009-11-24 23:54 . 2009-07-20 17:38 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-07-20 17:39 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-07-20 17:39 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-07-20 17:38 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-07-20 17:39 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-07-20 17:39 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-07-20 17:39 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-09 12:31 . 2009-12-11 13:45 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-11 13:45 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-11 13:45 411648 ----a-w- c:\windows\system32\drivers\http.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1152602.exe" [2009-11-06 464312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):28,7d,53,dc,e2,21,ca,01

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [20.7.2009 18:39 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [20.7.2009 18:39 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [20.7.2009 18:38 53328]
R2 TabletServicePen;TabletServicePen;c:\windows\System32\Pen_Tablet.exe [25.12.2009 1:24 4408616]
R2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [25.12.2009 1:27 112936]
R3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [1.12.2009 14:55 119296]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\System32\drivers\wacmoumonitor.sys [25.12.2009 1:24 15656]
R3 WacomVTHid;Virtual Touch Driver;c:\windows\System32\drivers\WacomVTHid.sys [25.12.2009 1:27 13224]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [19.10.2009 0:38 722416]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15.8.2008 5:46 284016]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [27.1.2010 18:27 26736]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:23 21504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'

2010-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-825745627-877188655-1165282588-1000Core.job
- c:\users\milda\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-20 19:04]

2010-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-825745627-877188655-1165282588-1000UA.job
- c:\users\milda\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-20 19:04]

2010-02-03 c:\windows\Tasks\User_Feed_Synchronization-{60C3B1A9-D886-4CB7-BA8A-945FD3FC0BF3}.job
- c:\windows\system32\msfeedssync.exe [2010-01-28 04:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\milda\AppData\Roaming\Mozilla\Firefox\Profiles\70jvi8p4.default\
FF - prefs.js: browser.startup.homepage - http://www.seznam.cz
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\milda\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-03 22:56
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-02-03 22:58:40
ComboFix-quarantined-files.txt 2010-02-03 21:58
ComboFix2.txt 2010-01-27 23:31

Před spuštěním: Volných bajtů: 279 363 760 128
Po spuštění: Volných bajtů: 279 296 942 080

- - End Of File - - 970370D88DEB99FB647D590811583F4E

Re: Please check my log

Posted: 04 Feb 2010 09:03
by stell
Hello,

For this step, ComboFix must be on the desktop.

Turn off > firewall > antivirus > antispyware > everything resident.

Open Notepad and copy the entire green text into it:

Code:

KILLALL::
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Then click File -> Save As... -> where it says File name, type into that line: CFScript.txt
For the file type, select *All files
And save it to the desktop. > Careful: CFScript.txt > do not open it, and it must not be > CFScript.txt.txt. Then do this:
[Image]

After the scan finishes, post the log that ComboFix creates.

Re: Please check my log

Posted: 04 Feb 2010 18:15
by milko
Thank you. I am attaching the newly created log.

ComboFix 10-02-03.04 - milda 04.02.2010 17:54:38.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3326.2198 [GMT 1:00]
Spuštěný z: c:\users\milda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\milda\Desktop\CFScript.txt.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-01-04 do 2010-02-04 )))))))))))))))))))))))))))))))
.

2010-02-04 17:02 . 2010-02-04 17:03 -------- d-----w- c:\users\milda\AppData\Local\temp
2010-01-31 18:58 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-31 18:58 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-29 23:46 . 2010-01-29 23:46 -------- d-----w- c:\programdata\ATI
2010-01-29 23:20 . 2010-01-29 23:20 -------- d--h--w- c:\windows\PIF
2010-01-29 23:16 . 2008-04-07 04:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2010-01-29 23:08 . 2010-01-29 23:08 -------- d-----w- c:\program files\Adobe Media Player
2010-01-29 23:07 . 2010-01-29 23:07 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-28 22:20 . 2010-01-28 22:20 -------- d-----w- c:\windows\system32\RTCOM
2010-01-28 22:17 . 2010-01-28 22:20 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-01-28 20:47 . 2010-01-28 20:47 -------- d-----w- c:\users\milda\AppData\Local\MigWiz
2010-01-28 00:11 . 2010-01-28 00:11 -------- d-----w- c:\users\milda\AppData\Roaming\Malwarebytes
2010-01-28 00:10 . 2010-01-31 18:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-28 00:10 . 2010-01-28 00:10 -------- d-----w- c:\programdata\Malwarebytes
2010-01-27 23:59 . 2010-01-28 21:01 -------- d-----w- c:\users\milda\AppData\Local\temp(340)
2010-01-27 23:11 . 2010-01-27 23:11 -------- d-----w- c:\program files\Ultimate Process Manager
2010-01-27 18:18 . 2010-01-27 18:18 -------- d-----w- c:\users\milda\AppData\Local\ArcSoft
2010-01-27 18:14 . 2010-01-27 18:14 -------- d-sh--we c:\windows\system32\config\systemprofile\Soubory cookie
2010-01-27 18:14 . 2010-01-27 18:14 -------- d-sh--we c:\windows\system32\config\systemprofile\Data aplikací
2010-01-27 18:14 . 2010-01-27 18:18 -------- d-----w- c:\users\milda\AppData\Roaming\ArcSoft
2010-01-27 18:13 . 2010-01-27 18:14 -------- d-----w- c:\programdata\ArcSoft
2010-01-27 18:13 . 2010-01-27 18:13 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-01-27 17:27 . 2010-01-28 22:15 -------- d-----w- c:\program files\Lavalys
2010-01-27 12:37 . 2010-01-27 12:37 -------- d-----w- c:\users\milda\AppData\Local\Opera
2010-01-27 00:55 . 2010-01-27 00:55 -------- d-----w- c:\users\milda\Tracing
2010-01-27 00:53 . 2010-01-28 17:02 -------- d-----w- c:\program files\Microsoft
2010-01-27 00:53 . 2010-01-27 00:53 -------- d-----w- c:\program files\Windows Live
2010-01-27 00:50 . 2010-01-27 00:50 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-27 00:19 . 2010-01-27 00:25 -------- d-----w- c:\users\milda\AppData\Roaming\XnView
2010-01-27 00:19 . 2010-01-27 00:19 -------- d-----w- c:\program files\XnView
2010-01-26 20:05 . 2010-02-03 22:40 -------- d-----w- c:\programdata\TrackMania
2010-01-26 01:32 . 2010-01-26 01:40 -------- d-----w- c:\program files\TrackMania United
2010-01-25 01:15 . 2010-01-25 01:15 -------- d-----w- c:\program files\Alcohol Soft
2010-01-23 23:33 . 2010-01-23 23:42 -------- d-----w- c:\users\milda\AppData\Roaming\FileZilla
2010-01-23 17:05 . 2010-01-30 00:06 -------- d-----w- c:\users\milda\win7
2010-01-23 02:21 . 2010-01-23 02:21 -------- d-----w- c:\programdata\ALM
2010-01-17 19:35 . 2010-01-17 19:35 -------- d-----w- c:\program files\Stardock
2010-01-17 19:26 . 2010-01-17 19:26 -------- d-----w- c:\program files\AveIconifier2
2010-01-14 08:55 . 2010-01-14 08:55 -------- d-----r- C:\Sandbox
2010-01-14 08:54 . 2010-01-14 08:54 -------- d-----w- c:\program files\Sandboxie
2010-01-12 22:30 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-12 22:30 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-04 17:03 . 2009-12-25 00:28 -------- d-----w- c:\users\milda\AppData\Roaming\WTablet
2010-02-04 17:02 . 2009-10-28 17:41 12 ----a-w- c:\windows\bthservsdp.dat
2010-02-04 16:59 . 2008-01-21 06:46 598594 ----a-w- c:\windows\system32\perfh005.dat
2010-02-04 16:59 . 2008-01-21 06:46 114786 ----a-w- c:\windows\system32\perfc005.dat
2010-02-02 01:46 . 2009-07-24 18:17 -------- d-----w- c:\users\milda\AppData\Roaming\uTorrent
2010-02-01 02:12 . 2009-07-20 20:32 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-29 23:45 . 2009-07-20 20:40 -------- d-----w- c:\program files\ATI Technologies
2010-01-29 23:42 . 2010-01-29 23:42 10134 ----a-r- c:\users\milda\AppData\Roaming\Microsoft\Installer\{AC9BAC65-97AC-4F3F-23A0-706169424F59}\ARPPRODUCTICON.exe
2010-01-29 23:33 . 2009-07-20 17:24 67608 ----a-w- c:\users\milda\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-29 23:26 . 2009-07-21 19:30 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-28 22:19 . 2009-07-28 23:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-28 21:51 . 2009-11-04 17:46 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-28 21:10 . 2009-07-21 20:29 -------- d-----w- c:\users\milda\AppData\Roaming\LangSoft
2010-01-28 21:10 . 2009-11-17 19:38 -------- d-----w- c:\programdata\FLEXnet
2010-01-28 21:10 . 2009-07-21 20:46 -------- d-----w- c:\programdata\MediaMonkey
2010-01-28 21:10 . 2009-09-06 14:18 -------- d-----w- c:\program files\ImageConverter Plus
2010-01-28 21:10 . 2009-07-20 20:16 -------- d-----w- c:\program files\CCleaner
2010-01-28 00:54 . 2009-08-16 22:39 -------- d-----w- c:\program files\Realtek
2010-01-27 18:13 . 2009-07-28 23:09 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-14 10:12 . 2009-10-02 21:00 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-12 22:59 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-05 19:06 . 2009-07-28 23:08 -------- d-----w- c:\program files\LG PC Suite II
2010-01-05 00:44 . 2010-01-05 00:44 466944 ------w- c:\windows\Setup1.exe
2010-01-05 00:44 . 2010-01-05 00:44 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-01-02 06:38 . 2010-01-28 21:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-28 21:28 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-28 21:28 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-28 21:28 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-25 02:43 . 2009-12-25 00:28 -------- d-----w- c:\users\milda\AppData\Roaming\WTouch
2009-12-25 00:28 . 2009-12-25 00:27 -------- d-----w- c:\program files\WTouch
2009-12-25 00:27 . 2009-12-25 00:24 -------- d-----w- c:\program files\Tablet
2009-12-23 01:41 . 2009-12-23 01:31 -------- d-----w- c:\program files\IrfanView
2009-12-20 15:10 . 2009-12-20 15:10 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-10 01:35 . 2009-08-12 18:42 -------- d-----w- c:\programdata\Microsoft Help
2009-12-08 21:44 . 2009-12-08 21:44 -------- d-----w- c:\users\milda\AppData\Roaming\PLANStudio Setup
2009-11-26 00:00 . 2009-07-21 20:30 520192 ----a-w- c:\programdata\LangSoft\WebIE.dll
2009-11-26 00:00 . 2009-07-21 20:30 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2009-11-26 00:00 . 2009-07-21 20:30 356352 ----a-w- c:\programdata\LangSoft\TrnOutl.dll
2009-11-25 23:59 . 2009-11-25 23:45 45056 ----a-w- c:\windows\TRNOEH.DLL
2009-11-25 23:59 . 2009-11-25 23:45 26624 ----a-w- c:\windows\OETRN.EXE
2009-11-25 23:59 . 2009-11-25 23:45 200704 ----a-w- c:\windows\TRNOET.DLL
2009-11-25 23:56 . 2009-11-25 23:43 516096 ----a-w- c:\windows\UN32.EXE
2009-11-24 23:54 . 2009-07-20 17:38 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-07-20 17:39 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-07-20 17:39 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-07-20 17:38 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-07-20 17:39 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-07-20 17:39 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-07-20 17:39 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-09 12:31 . 2009-12-11 13:45 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-11 13:45 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-11 13:45 411648 ----a-w- c:\windows\system32\drivers\http.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):28,7d,53,dc,e2,21,ca,01

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [20.7.2009 18:39 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [20.7.2009 18:39 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [20.7.2009 18:38 53328]
R2 TabletServicePen;TabletServicePen;c:\windows\System32\Pen_Tablet.exe [25.12.2009 1:24 4408616]
R2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [25.12.2009 1:27 112936]
R3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [1.12.2009 14:55 119296]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\System32\drivers\wacmoumonitor.sys [25.12.2009 1:24 15656]
R3 WacomVTHid;Virtual Touch Driver;c:\windows\System32\drivers\WacomVTHid.sys [25.12.2009 1:27 13224]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15.8.2008 5:46 284016]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [27.1.2010 18:27 26736]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:23 21504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'

2010-02-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-825745627-877188655-1165282588-1000Core.job
- c:\users\milda\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-20 19:04]

2010-02-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-825745627-877188655-1165282588-1000UA.job
- c:\users\milda\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-20 19:04]

2010-02-04 c:\windows\Tasks\User_Feed_Synchronization-{60C3B1A9-D886-4CB7-BA8A-945FD3FC0BF3}.job
- c:\windows\system32\msfeedssync.exe [2010-01-28 04:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\milda\AppData\Roaming\Mozilla\Firefox\Profiles\70jvi8p4.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\milda\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-04 18:03
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll Ntfs.sys fltmgr.sys luafv.sys fileinfo.sys >>UNKNOWN [0x852E31F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x8afa0d24
\Driver\ACPI -> acpi.sys @ 0x80739d68
\Driver\atapi -> 0x852e21f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\microsoft shared\ink\TabTip.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\microsoft shared\ink\TabTip.exe
c:\program files\WTouch\WTouchUser.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\oodag.exe
c:\program files\Sandboxie\SbieSvc.exe
c:\windows\system32\WTablet\Pen_TabletUser.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\conime.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
c:\windows\servicing\TrustedInstaller.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2010-02-04 18:07:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-04 17:07
ComboFix2.txt 2010-02-03 21:58
ComboFix3.txt 2010-01-27 23:31

Před spuštěním: Volných bajtů: 277 779 566 592
Po spuštění: Volných bajtů: 277 744 910 336

- - End Of File - - D1A475206E5C8AFB00FE91226B86C1D7

Re: Please check my log

Posted: 04 Feb 2010 18:31
by stell
Download OTListIt2 >> OTL
- run it
- file age: change to 7 days
- tick:
- Scan all users.
- Lop check.
- Purity check.
- in the Extra Registry section, select Use SafeList
- into the Custom Scans/Fixes box, paste the green text and click Run Scan
- the scan takes [10-15 min]; then paste here
- OTL.txt (it will be on the desktop).

Code:

netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
%SYSTEMDRIVE%\viamraid.sys /s /md5
%SYSTEMDRIVE%\nvata.sys /s /md5
%SYSTEMROOT%\system32\*.dll /lockedfiles
%SYSTEMROOT%\Tasks\*.job /lockedfiles
- click Run Scan
- a log named OTL will be created; paste only its contents here

Re: Please check my log

Posted: 04 Feb 2010 19:26
by milko
Log from OTL

OTL logfile created on: 4.2.2010 19:11:03 - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\milda\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 71,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 258,62 Gb Free Space | 55,53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MILDA-PC
Current User Name: milda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.02.04 19:08:08 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\milda\Desktop\OTL.exe
PRC - [2010.01.06 20:39:52 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.12.01 14:55:10 | 000,066,560 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.09.30 04:54:10 | 000,733,184 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2009.07.15 17:13:06 | 003,662,632 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
PRC - [2009.07.15 17:13:04 | 000,393,512 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
PRC - [2009.07.15 17:13:04 | 000,112,936 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009.07.15 17:13:02 | 004,408,616 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2009.04.11 07:28:15 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
PRC - [2009.04.11 07:28:06 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.11.03 10:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\oodag.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:25:32 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006.02.28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe


========== Modules (SafeList) ==========

MOD - [2010.02.04 19:08:08 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\milda\Desktop\OTL.exe
MOD - [2009.04.11 07:28:24 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009.04.11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.01.30 00:04:07 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.12.01 14:55:10 | 000,066,560 | ---- | M] (tzuk) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.09.30 04:54:10 | 000,733,184 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.15 17:13:04 | 000,112,936 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009.07.15 17:13:02 | 004,408,616 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009.02.18 19:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.11.04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.11.03 10:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Windows\System32\oodag.exe -- (O&O Defrag)
SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.11.02 13:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006.10.26 12:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.02.28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)


========== Driver Services (SafeList) ==========

DRV - [2009.12.01 14:55:10 | 000,119,296 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2009.11.25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.10.28 11:39:26 | 002,785,568 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.10.19 00:38:29 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.30 05:19:20 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.03 17:21:36 | 000,168,448 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.05.25 00:00:00 | 000,026,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2009.05.20 23:14:32 | 000,013,224 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WacomVTHid.sys -- (WacomVTHid)
DRV - [2009.05.20 20:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009.01.30 22:29:50 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008.10.09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2008.01.21 03:24:49 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.02.16 20:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.02.16 01:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2005.06.24 17:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005.05.26 10:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005.05.26 10:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-825745627-877188655-1165282588-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-825745627-877188655-1165282588-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-825745627-877188655-1165282588-1000\S-1-5-21-825745627-877188655-1165282588-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-825745627-877188655-1165282588-1000\S-1-5-21-825745627-877188655-1165282588-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: hidemenubar@moztw.org:1.0.20091221
FF - prefs.js..extensions.enabledItems: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2007.30

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.06 20:39:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.28 18:03:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009.11.26 02:44:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.01.28 18:03:13 | 000,000,000 | ---D | M]

[2009.07.20 21:13:22 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Mozilla\Extensions
[2010.02.03 21:16:43 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Mozilla\Firefox\Profiles\70jvi8p4.default\extensions
[2009.11.26 01:00:52 | 000,000,000 | ---D | M] (WebTran) -- C:\Users\milda\AppData\Roaming\Mozilla\Firefox\Profiles\70jvi8p4.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2010.01.15 23:48:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\milda\AppData\Roaming\Mozilla\Firefox\Profiles\70jvi8p4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.11.21 01:07:46 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Mozilla\Firefox\Profiles\70jvi8p4.default\extensions\cs@dictionaries.addons.mozilla.org
[2009.11.21 01:10:20 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Mozilla\Firefox\Profiles\70jvi8p4.default\extensions\fastdial@telega.phpnet.us
[2010.01.07 21:22:17 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Mozilla\Firefox\Profiles\70jvi8p4.default\extensions\hidemenubar@moztw.org
[2010.01.27 18:40:54 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Mozilla\Firefox\Profiles\70jvi8p4.default\extensions\Office2007Black@JBBS(361)
[2009.07.20 21:13:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.15 19:42:42 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.07.15 19:42:42 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.07.15 19:42:42 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.07.15 19:42:42 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.07.15 19:42:42 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.02.04 18:03:16 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O3 - HKU\S-1-5-21-825745627-877188655-1165282588-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-825745627-877188655-1165282588-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-825745627-877188655-1165282588-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-825745627-877188655-1165282588-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKU\S-1-5-21-825745627-877188655-1165282588-1000\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-be ... canner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH)
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008.01.21 03:34:27 | 000,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 7 Days ==========

[2010.02.04 19:08:06 | 000,548,864 | ---- | C] (OldTimer Tools) -- C:\Users\milda\Desktop\OTL.exe
[2010.02.04 18:07:49 | 000,000,000 | ---D | C] -- C:\Users\milda\AppData\Local\temp
[2010.02.04 18:03:20 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2010.02.04 18:02:02 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.02.04 17:51:27 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.02.03 22:47:05 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.02.03 22:47:05 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.02.03 22:47:05 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.02.03 22:46:57 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.01.31 19:58:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.01.31 19:58:46 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.01.30 13:41:01 | 000,000,000 | ---D | C] -- C:\Users\milda\Application Data
[2010.01.30 13:32:34 | 000,000,000 | ---D | C] -- C:\Users\milda\Documents\Adobe
[2010.01.30 04:54:35 | 000,000,000 | ---D | C] -- C:\Users\milda\Documents\Priroda
[2010.01.30 00:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.01.30 00:42:18 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.01.30 00:20:42 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2010.01.30 00:16:40 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll
[2010.01.30 00:08:25 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2010.01.30 00:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010.01.29 02:31:53 | 000,000,000 | ---D | C] -- C:\Users\milda\Documents\Downloads
[2010.01.28 23:20:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.01.28 23:19:58 | 001,784,352 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.01.28 23:19:58 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.01.28 23:19:58 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.01.28 23:19:58 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.01.28 23:19:58 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.01.28 23:19:58 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.01.28 23:19:57 | 002,796,064 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.01.28 23:19:57 | 002,785,568 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.01.28 23:19:57 | 001,528,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.01.28 23:19:57 | 000,338,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.01.28 23:19:57 | 000,055,328 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.01.28 23:19:56 | 000,347,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.01.28 23:19:56 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.01.28 23:19:56 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.01.28 23:19:56 | 000,164,864 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.01.28 23:19:56 | 000,073,216 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.01.28 23:19:56 | 000,059,392 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.01.28 23:19:55 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.01.28 23:19:55 | 000,306,176 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.01.28 23:19:55 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.01.28 23:19:54 | 000,281,600 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.01.28 23:19:54 | 000,142,848 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.01.28 23:19:54 | 000,125,952 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.01.28 23:19:50 | 000,831,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.01.28 23:17:11 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.01.28 22:28:48 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.01.28 22:28:47 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.01.28 22:28:47 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.01.28 22:28:47 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.01.28 22:28:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.01.28 22:28:47 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.01.28 22:28:47 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.01.28 22:28:47 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.01.28 22:28:47 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.01.28 22:28:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.01.28 22:28:46 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.01.28 22:28:46 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.01.28 22:28:46 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.01.28 22:28:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.01.28 21:47:42 | 000,000,000 | ---D | C] -- C:\Users\milda\AppData\Local\MigWiz

========== Files - Modified Within 7 Days ==========

[2010.02.04 19:08:48 | 007,340,032 | -HS- | M] () -- C:\Users\milda\ntuser.dat
[2010.02.04 19:08:08 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\milda\Desktop\OTL.exe
[2010.02.04 18:17:15 | 001,393,902 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.02.04 18:17:15 | 000,598,594 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.02.04 18:17:15 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.02.04 18:17:15 | 000,114,786 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.02.04 18:17:15 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.02.04 18:14:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-825745627-877188655-1165282588-1000UA.job
[2010.02.04 18:11:25 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.02.04 18:11:24 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.02.04 18:11:21 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.02.04 18:11:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.02.04 18:11:10 | 3485,990,912 | -HS- | M] () -- C:\hiberfil.sys
[2010.02.04 18:11:09 | 000,339,682 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2010.02.04 18:10:06 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.02.04 18:10:05 | 000,524,288 | -HS- | M] () -- C:\Users\milda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.02.04 18:10:05 | 000,065,536 | -HS- | M] () -- C:\Users\milda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.02.04 18:10:00 | 001,821,590 | -H-- | M] () -- C:\Users\milda\AppData\Local\IconCache.db
[2010.02.04 18:03:23 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.02.04 18:03:16 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.02.04 17:22:26 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{60C3B1A9-D886-4CB7-BA8A-945FD3FC0BF3}.job
[2010.02.04 02:14:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-825745627-877188655-1165282588-1000Core.job
[2010.02.03 23:01:18 | 000,001,678 | ---- | M] () -- C:\Windows\MAILTRAN.INI
[2010.02.03 22:44:19 | 003,845,286 | R--- | M] () -- C:\Users\milda\Desktop\ComboFix.exe
[2010.02.02 21:00:04 | 001,170,468 | ---- | M] () -- C:\Users\milda\Desktop\ALBUM_manual_CZ.pdf
[2010.01.31 19:58:51 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.01.30 17:17:49 | 000,203,597 | ---- | M] () -- C:\Users\milda\Desktop\063.jpg
[2010.01.30 15:42:33 | 000,298,873 | ---- | M] () -- C:\Users\milda\Desktop\daisy-wallpapers_733_1024.jpg
[2010.01.30 13:40:25 | 000,099,328 | ---- | M] () -- C:\Users\milda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.30 00:59:04 | 002,393,224 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.01.30 00:33:03 | 000,067,608 | ---- | M] () -- C:\Users\milda\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.01.29 18:55:07 | 000,000,165 | ---- | M] () -- C:\Users\milda\AppData\Roaming\burnaware.ini
[2010.01.29 02:16:47 | 000,001,638 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2010.01.29 02:15:17 | 001,079,272 | ---- | M] () -- C:\Users\milda\Desktop\revosetup.exe
[2010.01.29 01:40:21 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010.01.29 01:40:21 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2010.01.28 23:20:01 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll

========== Files Created - No Company Name ==========

[2010.02.03 22:47:05 | 000,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010.02.03 22:47:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.02.03 22:47:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.02.03 22:47:05 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.02.03 22:47:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.02.03 22:44:07 | 003,845,286 | R--- | C] () -- C:\Users\milda\Desktop\ComboFix.exe
[2010.02.02 21:00:04 | 001,170,468 | ---- | C] () -- C:\Users\milda\Desktop\ALBUM_manual_CZ.pdf
[2010.01.31 19:58:51 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.01.30 17:17:48 | 000,203,597 | ---- | C] () -- C:\Users\milda\Desktop\063.jpg
[2010.01.30 15:42:33 | 000,298,873 | ---- | C] () -- C:\Users\milda\Desktop\daisy-wallpapers_733_1024.jpg
[2010.01.29 02:15:14 | 001,079,272 | ---- | C] () -- C:\Users\milda\Desktop\revosetup.exe
[2010.01.14 09:54:20 | 000,001,638 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2009.11.26 00:45:24 | 000,200,704 | ---- | C] () -- C:\Windows\TRNOET.DLL
[2009.11.26 00:45:24 | 000,045,056 | ---- | C] () -- C:\Windows\TRNOEH.DLL
[2009.11.26 00:43:59 | 000,002,753 | ---- | C] () -- C:\Windows\UN32P.INI
[2009.11.26 00:43:34 | 000,001,678 | ---- | C] () -- C:\Windows\MAILTRAN.INI
[2009.11.26 00:43:27 | 000,004,192 | ---- | C] () -- C:\Windows\WTRAN32.INI
[2009.11.26 00:43:27 | 000,001,581 | ---- | C] () -- C:\Windows\WDICT32.INI
[2009.10.19 00:38:29 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.08.18 22:35:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.16 23:39:56 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.07.24 19:26:58 | 000,000,165 | ---- | C] () -- C:\Users\milda\AppData\Roaming\burnaware.ini
[2009.07.21 22:45:15 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI
[2009.07.21 21:30:48 | 000,002,476 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2009.07.21 21:29:55 | 000,000,034 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2009.07.20 19:14:43 | 000,099,328 | ---- | C] () -- C:\Users\milda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.20 18:24:30 | 000,000,680 | ---- | C] () -- C:\Users\milda\AppData\Local\d3d9caps.dat
[2009.02.25 22:34:55 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2009.10.23 19:36:52 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\123 Free Solitaire
[2009.11.18 03:02:20 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Aleo Software
[2009.10.19 00:49:49 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\DAEMON Tools Lite
[2009.10.19 00:38:14 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\DAEMON Tools Pro
[2010.01.24 00:42:52 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\FileZilla
[2009.12.04 22:46:11 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\ImgBurn
[2009.08.13 01:12:53 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\LANGMaster
[2009.08.22 08:21:31 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\langmaster.cz
[2010.01.28 22:10:55 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\LangSoft
[2009.07.29 00:08:58 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\LG Electronics
[2009.11.05 01:12:50 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Nvu
[2010.01.27 13:37:11 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Opera
[2009.12.08 22:44:37 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\PLANStudio Setup
[2009.11.21 19:09:37 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Softplicity
[2009.07.20 20:47:48 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\Thunderbird
[2010.02.02 02:46:38 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\uTorrent
[2009.12.25 03:43:37 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\WTouch
[2010.01.27 01:25:56 | 000,000,000 | ---D | M] -- C:\Users\milda\AppData\Roaming\XnView
[2010.02.04 18:10:06 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.02.04 17:22:26 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{60C3B1A9-D886-4CB7-BA8A-945FD3FC0BF3}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

< %SYSTEMROOT%\system32\*.dll /lockedfiles >
[2009.03.08 12:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 12:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.04.11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %SYSTEMROOT%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:E10E8F34
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:C8B8CEBD
< End of report >

Re: Please check my log

Posted: 04 Feb 2010 19:49
by stell
Run OTL, paste the green text into the Custom Scans/Fixes window and click Run Fix; after the restart, paste the log here.

Code:

:OTL
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:E10E8F34
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:C8B8CEBD
commands
[purity]
[emptytemp]
[Reboot]

Re: Please check my log

Posted: 04 Feb 2010 20:33
by milko
Hopefully this is it.

All processes killed
========== OTL ==========
ADS C:\ProgramData\TEMP:E10E8F34 deleted successfully.
ADS C:\ProgramData\TEMP:C8B8CEBD deleted successfully.
File rity] not found.
File ptytemp] not found.
File boot] not found.

OTL by OldTimer - Version 3.1.27.1 log created on 02042010_201113

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Re: Please check my log

Posted: 04 Feb 2010 20:36
by stell
OK, but you copied the text incorrectly, you left out the brackets, so run the script for OTL once more and paste the log here.

Re: Please check my log

Posted: 04 Feb 2010 21:05
by milko
I apologize. Does that mean repeating the last step, or running the scan again?

Re: Please check my log

Posted: 04 Feb 2010 21:08
by stell
The last step; just paste this into the window, and paste the log here after the restart.

Code:

:commands
[purity]
[emptytemp]
[Reboot]

Re: Please check my log

Posted: 04 Feb 2010 21:15
by milko
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: milda
->Temp folder emptied: 27970 bytes
->Temporary Internet Files folder emptied: 37160 bytes
->FireFox cache emptied: 61944549 bytes
->Google Chrome cache emptied: 819568 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 60,00 mb


OTL by OldTimer - Version 3.1.27.1 log created on 02042010_211137

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Please check my log

Posted: 04 Feb 2010 21:23
by stell
OK, run OTL, click Cleanup, then Yes, Yes, and let me know how the PC is behaving.

Re: Please check my log

Posted: 04 Feb 2010 21:54
by milko
Thanks a lot for the help. So far it looks like the problem may be solved. The issue was the disk, which was working constantly, and lately it happened a few times that the computer refused to shut down. The disk has calmed down; it no longer grunts like crazy.

Re: Please check my log

Posted: 04 Feb 2010 21:58
by stell
OK, just to be sure, also scan the PC in Safe Mode with CureIt.

DrWeb-CureIt
Download it to the desktop and do not run it yet.
Restart into Safe Mode > double-click to launch it > click No > OK.
If a green window pops up, close it with the X in the top right.
Start the scanner with the Start button. [An express scan will run (this is a short scan of the files currently running in memory, boot sectors, and targeted folders).]
If you are prompted to download the full Free Trial version, simply ignore it and click the X button to close the window.
If infected files are found during this short scan, click
"Select all" -> "Cure" -> "Cure > Move incurable".
(They will be in the folder C:\Documents and Settings\userprofile\DoctorWeb\Quarantine if they cannot be cured.)
- In the top menu, click "Options" -> "Change settings" and untick [disable] "Heuristic analysis" and "Prompt for action" -> "OK" > Apply. Go back to the main menu, select the complete scan there, and click the green arrow on the right below the Dr. Web logo.
- When the scan is done, click "File" in the top menu and choose "Save...". Save the log to the desktop and paste it here. Do not forget to restart the PC.
Restart the computer, because files may only be moved / removed on restart.
After the restart, open the contents of the log from Dr.Web.cvs in Notepad and paste it here.
This scan may take a longer time.