Nelze připojit USB disky, ikony disků v "Tento počítač" nelze taktéž otevřít (zobrazí se otevřít v...)
ve mwav jsem našel tyto dva řádky:
Objekt "Spyware.NetScreenWatch Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "RegSort Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Log z RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by ZUZU at 2010-04-04 20:15:40
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 24 GB (28%) free of 85 GB
Total RAM: 1014 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:16:28, on 4.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\PersistenceThread.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Parental Control\bin\pcontrol.exe
C:\Program Files\Privoxy\privoxy.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\DOCUME~1\ZUZU\LOCALS~1\Temp\mexe.com
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ZUZU\Plocha\RSIT.exe
C:\Program Files\trend micro\ZUZU.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Parental Control] "C:\Program Files\Parental Control\bin\pcontrol.exe" --start
O4 - HKLM\..\Run: [LiveUpdate] C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [EasyMode] "%ProgramFiles%\\ASUS\\Easy Mode\\Easy Mode.exe" --limitedUserImportRegister
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
O4 - HKCU\..\Run: [SRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: SuperHybridEngine.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\policylsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\policylsp.dll
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: privoxy - The Privoxy team - www.privoxy.org - C:\Program Files\Privoxy\privoxy.exe
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
--
End of file - 9832 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-12 1372160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-05-06 1145736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-05-06 1145736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-05-01 137752]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-05-01 354840]
"PersistenceThread"=C:\WINDOWS\system32\PersistenceThread.exe [2009-05-01 92696]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-11 17881600]
"Parental Control"=C:\Program Files\Parental Control\bin\pcontrol.exe [2009-03-21 1104384]
"LiveUpdate"=C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [2009-06-01 712704]
"EasyMode"=C:\Program Files\\ASUS\\Easy Mode\\Easy Mode.exe [2009-03-18 1249280]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-06 1434920]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2009-06-04 696320]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2009-05-08 98304]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-03-06 79144]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2009-05-13 396800]
"SRS Premium Sound"=C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [2009-05-19 3417336]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Documents and Settings\ZUZU\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{31dc42a4-ab6b-11de-8e68-002243f4b350}]
shell\AutoRun\command - wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c8690f8-a861-11de-8e62-002243f4b350}]
shell\AutoRun\command - E:\start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60839566-fbad-11de-8ecb-002243f4b350}]
shell\AutoRun\command - E:\e9naq.exe
shell\open\command - E:\e9naq.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5156e81-ebce-11de-8eb5-002243f4b350}]
shell\AutoRun\command - E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de38147e-efdf-11de-8ebc-002243f4b350}]
shell\AutoRun\command - wd_windows_tools\setup.exe
======List of files/folders created in the last 1 months======
2010-04-04 20:15:43 ----D---- C:\Program Files\trend micro
2010-04-04 20:15:40 ----D---- C:\rsit
2010-04-04 19:48:11 ----AD---- C:\WINDOWS\VDLL.DLL
2010-04-04 19:48:11 ----AD---- C:\WINDOWS\system32\runouce.exe
2010-04-04 19:48:11 ----AD---- C:\WINDOWS\rundll16.exe
2010-04-04 19:48:11 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-04-04 19:48:11 ----AD---- C:\WINDOWS\logo1_.exe
2010-04-04 19:48:11 ----AD---- C:\WINDOWS\logo_1.exe
2010-04-04 19:45:29 ----D---- C:\WINDOWS\LastGood
2010-04-04 19:43:07 ----A---- C:\WINDOWS\system32\msvcr80.dll
2010-04-04 19:43:06 ----A---- C:\WINDOWS\system32\msvcp80.dll
2010-04-04 19:43:05 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-04-04 19:42:58 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2010-04-04 19:42:58 ----A---- C:\WINDOWS\system32\T.COM
2010-04-04 19:42:58 ----A---- C:\WINDOWS\R.COM
2010-04-04 19:42:57 ----A---- C:\WINDOWS\REGEDIT.COM
2010-04-04 19:42:55 ----D---- C:\Program Files\Common Files\MicroWorld
2010-04-04 19:42:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2010-04-04 19:29:19 ----D---- C:\Program Files\CCleaner
2010-04-04 15:14:46 ----A---- C:\WINDOWS\wininit.ini
2010-04-03 21:31:45 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-04-03 21:31:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-28 15:28:09 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-13 11:37:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-09 18:01:09 ----D---- C:\Program Files\Ask.com
2010-03-09 18:00:40 ----A---- C:\WINDOWS\system32\vbzlib1.dll
2010-03-09 18:00:34 ----D---- C:\Program Files\DsNET Corp
2010-03-09 17:55:06 ----A---- C:\Program Files\aTube_Catcher_Installer.exe
======List of files/folders modified in the last 1 months======
2010-04-04 20:15:48 ----D---- C:\WINDOWS\Prefetch
2010-04-04 20:15:43 ----RD---- C:\Program Files
2010-04-04 19:48:11 ----D---- C:\WINDOWS\system32
2010-04-04 19:48:11 ----D---- C:\WINDOWS
2010-04-04 19:46:17 ----HD---- C:\WINDOWS\inf
2010-04-04 19:45:28 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-04 19:42:55 ----D---- C:\Program Files\Common Files
2010-04-04 19:40:14 ----D---- C:\WINDOWS\SoftwareDistribution
2010-04-04 19:39:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-04 19:36:03 ----D---- C:\WINDOWS\Temp
2010-04-04 19:33:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-04 19:30:31 ----D---- C:\WINDOWS\Debug
2010-04-04 19:30:30 ----D---- C:\WINDOWS\Minidump
2010-04-02 17:45:10 ----D---- C:\Program Files\Internet Explorer
2010-04-02 17:18:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-02 17:18:34 ----D---- C:\WINDOWS\ie8updates
2010-04-02 17:17:05 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-18 21:17:30 ----SD---- C:\Documents and Settings\ZUZU\Data aplikací\Microsoft
2010-03-15 21:03:19 ----RD---- C:\Sjú
2010-03-13 11:37:44 ----D---- C:\Program Files\Movie Maker
2010-03-13 11:37:02 ----SHD---- C:\WINDOWS\Installer
2010-03-13 11:37:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-03-09 18:01:18 ----SD---- C:\WINDOWS\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 policyappblockservice;Parental Control Application Filter; \??\C:\Program Files\Parental Control\bin\policyappblock.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-03-27 1529600]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-12-30 534568]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-12-30 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-12-30 991656]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-12-30 156816]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-12-30 47272]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 igd;igd; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-04-28 5096544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-12 5080064]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-03-02 38912]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\WINDOWS\system32\drivers\srs_PremiumSound_i386.sys [2009-05-18 233512]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-03-06 208304]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;USB µř°T¸Ë¸m (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
R3 uvclf;uvclf; C:\WINDOWS\system32\DRIVERS\uvclf.sys [2008-11-19 39040]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-12-05 346720]
R2 privoxy;privoxy; C:\Program Files\Privoxy\privoxy.exe [2008-01-20 302080]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-05-19 107744]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Tadeáš Pařík
- Návštěvník
- Příspěvky: 6
- Registrován: 04 dub 2010 19:01
Re: Prosím o kontrolu logu
Ahoj,
tak přikládám první část:
z OTL.txt
z Extras.txt
za chvíli dodám druhou část z tvého návodu. Díky.
tak přikládám první část:
z OTL.txt
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
CREATERESTOREPOINT
Kód: Vybrat vše
OTL Extras logfile created on: 4.4.2010 20:39:54 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\ZUZU\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 014,00 Mb Total Physical Memory | 434,00 Mb Available Physical Memory | 43,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 82,82 Gb Total Space | 23,01 Gb Free Space | 27,78% Space Free | Partition Type: NTFS
Drive D: | 61,29 Gb Total Space | 45,79 Gb Free Space | 74,72% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: N-63AUZLVLBE0MT
Current User Name: ZUZU
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-4135120035-2349672402-931036094-1005\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- File not found
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate -- File not found
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx -- File not found
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{1F082EA8-0F22-40CA-9FA8-8F85458026AF}" = Windows Live Fotogalerie
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2651A51A-4EA2-4DF6-9F0D-43DDA7D2D6B1}" = ebi.BookReader3J
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3FB39BED-37C8-4E60-8E02-315B8C2B07E3}" = USB2.0 UVC Camera Device
"{47BACF74-5A07-48BD-BADB-A769550F0F5A}" = FontResizer
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = Software Bluetooth WIDCOMM
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN Card
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93028F9A-1EC0-467A-981B-DE93D96897C6}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9601039B-E012-42DA-9EF1-42E914734E1A}" = Windows Live Zabezpečení rodiny
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C72CA49A-9237-4810-8449-45DA3BD26D64}" = EzMessenger
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D806E63B-0C11-4061-8DA9-1E980FB9A9EB}" = Data Sync
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E570CB6B-1CBC-4ADD-969F-7B3338A6BDB6}" = Windows Live Sync
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DE168D-39C0-4378-BD45-C7D150DC5D0E}" = Easy Mode
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASUS VIBE" = ASUS VIBE
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Eee Docking_is1" = Eee Docking 1.3.2.0
"Eee Storage" = Eee Storage
"EeePC1101ScreenSaverv016" = EeePC1101ScreenSaverv016
"GOM Player" = GOM Player
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"LPCO" = Intel(R) Graphics Media Accelerator 500
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Parental Control" = Parental Control
"Privoxy" = Privoxy (remove only)
"rajče.net_is1" = rajče beta54 sestavení 124
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 18.12.2009 6:15:19 | Computer Name = N-63AUZLVLBE0MT | Source = Application Error | ID = 1000
Description = Chybující aplikace liveupdate.exe, verze 0.0.0.0, chybující modul
liveupdate.exe, verze 0.0.0.0, adresa chyby 0x000085ac.
Error - 20.12.2009 17:04:49 | Computer Name = N-63AUZLVLBE0MT | Source = Application Error | ID = 1000
Description = Chybující aplikace liveupdate.exe, verze 0.0.0.0, chybující modul
liveupdate.exe, verze 0.0.0.0, adresa chyby 0x000085ac.
Error - 22.12.2009 6:22:23 | Computer Name = N-63AUZLVLBE0MT | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 12.0.6504.5000, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 22.12.2009 12:06:23 | Computer Name = N-63AUZLVLBE0MT | Source = Application Error | ID = 1000
Description = Chybující aplikace liveupdate.exe, verze 0.0.0.0, chybující modul
liveupdate.exe, verze 0.0.0.0, adresa chyby 0x000085ac.
Error - 29.12.2009 14:44:06 | Computer Name = N-63AUZLVLBE0MT | Source = Application Error | ID = 1000
Description = Chybující aplikace liveupdate.exe, verze 0.0.0.0, chybující modul
liveupdate.exe, verze 0.0.0.0, adresa chyby 0x000085ac.
Error - 12.1.2010 18:26:41 | Computer Name = N-63AUZLVLBE0MT | Source = Application Error | ID = 1000
Description = Chybující aplikace liveupdate.exe, verze 0.0.0.0, chybující modul
liveupdate.exe, verze 0.0.0.0, adresa chyby 0x000085ac.
Error - 13.1.2010 15:56:55 | Computer Name = N-63AUZLVLBE0MT | Source = Application Error | ID = 1000
Description = Chybující aplikace liveupdate.exe, verze 0.0.0.0, chybující modul
liveupdate.exe, verze 0.0.0.0, adresa chyby 0x000085ac.
Error - 14.1.2010 9:53:05 | Computer Name = N-63AUZLVLBE0MT | Source = Application Error | ID = 1000
Description = Chybující aplikace liveupdate.exe, verze 0.0.0.0, chybující modul
liveupdate.exe, verze 0.0.0.0, adresa chyby 0x000085ac.
Error - 15.1.2010 8:11:42 | Computer Name = N-63AUZLVLBE0MT | Source = Application Error | ID = 1000
Description = Chybující aplikace liveupdate.exe, verze 0.0.0.0, chybující modul
liveupdate.exe, verze 0.0.0.0, adresa chyby 0x000085ac.
Error - 20.1.2010 17:32:10 | Computer Name = N-63AUZLVLBE0MT | Source = Application Error | ID = 1000
Description = Chybující aplikace liveupdate.exe, verze 0.0.0.0, chybující modul
liveupdate.exe, verze 0.0.0.0, adresa chyby 0x000085ac.
[ System Events ]
Error - 28.3.2010 11:37:33 | Computer Name = N-63AUZLVLBE0MT | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby Dnscache.
Error - 31.3.2010 11:08:13 | Computer Name = N-63AUZLVLBE0MT | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)
Error - 31.3.2010 11:08:13 | Computer Name = N-63AUZLVLBE0MT | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.
Error - 31.3.2010 11:08:14 | Computer Name = N-63AUZLVLBE0MT | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)
Error - 31.3.2010 11:08:14 | Computer Name = N-63AUZLVLBE0MT | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.
Error - 3.4.2010 13:27:09 | Computer Name = N-63AUZLVLBE0MT | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.2.104 pro síťovou kartu s adresou 0025D348313B
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 4.4.2010 14:34:27 | Computer Name = N-63AUZLVLBE0MT | Source = Service Control Manager | ID = 7031
Description = Služba privoxy byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.
Error - 4.4.2010 14:34:28 | Computer Name = N-63AUZLVLBE0MT | Source = Service Control Manager | ID = 7034
Description = Služba SeaPort byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 4.4.2010 14:34:28 | Computer Name = N-63AUZLVLBE0MT | Source = Service Control Manager | ID = 7034
Description = Služba SRS Volume Sync Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 4.4.2010 14:34:29 | Computer Name = N-63AUZLVLBE0MT | Source = Service Control Manager | ID = 7031
Description = Služba Bluetooth Service byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
< End of report >
-
Tadeáš Pařík
- Návštěvník
- Příspěvky: 6
- Registrován: 04 dub 2010 19:01
Re: Prosím o kontrolu logu
Ahoj,
tak druhá část, omlouvám se, chybu tam nemáš, jen já to špatně pojmenoval, ten první výstup je Scan.txt. Tady je zbytek + zip
tak druhá část, omlouvám se, chybu tam nemáš, jen já to špatně pojmenoval, ten první výstup je Scan.txt. Tady je zbytek + zip
Kód: Vybrat vše
OTL logfile created on: 4.4.2010 20:59:00 - Run 2
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\ZUZU\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 014,00 Mb Total Physical Memory | 393,00 Mb Available Physical Memory | 39,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 82,82 Gb Total Space | 23,01 Gb Free Space | 27,78% Space Free | Partition Type: NTFS
Drive D: | 61,29 Gb Total Space | 45,79 Gb Free Space | 74,72% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: N-63AUZLVLBE0MT
Current User Name: ZUZU
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2010.04.04 20:32:52 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ZUZU\Plocha\OTL.exe
PRC - [2010.04.04 20:32:39 | 000,257,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ZUZU\Plocha\OTH.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008.01.20 19:06:08 | 000,302,080 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files\Privoxy\privoxy.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2010.04.04 20:32:52 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ZUZU\Plocha\OTL.exe
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.05.19 18:29:58 | 000,107,744 | ---- | M] (SRS Labs, Inc.) [Auto | Stopped] -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe -- (SRS_VolSync_Service)
SRV - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.02.06 18:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.01.20 19:06:08 | 000,302,080 | ---- | M] (The Privoxy team - www.privoxy.org) [Auto | Running] -- C:\Program Files\Privoxy\privoxy.exe -- (privoxy)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009.11.25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.05.18 10:27:10 | 000,233,512 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009.05.12 17:18:54 | 005,080,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.04.28 05:44:18 | 005,096,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (igd)
DRV - [2009.03.27 16:43:42 | 001,529,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009.03.06 22:58:44 | 000,208,304 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2009.03.02 07:03:46 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009.02.06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009.02.02 22:22:44 | 000,005,120 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Parental Control\bin\policyappblock.sys -- (policyappblockservice)
DRV - [2008.12.30 10:53:54 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008.12.30 10:53:54 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.12.30 10:53:52 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.12.30 10:53:52 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008.12.30 10:53:50 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008.11.19 03:21:28 | 000,039,040 | ---- | M] (GenesysLogic Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\uvclf.sys -- (uvclf)
DRV - [2008.08.05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.14 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.08 15:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2006.01.04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4135120035-2349672402-931036094-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-4135120035-2349672402-931036094-1005\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4135120035-2349672402-931036094-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.google.cz"
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.09 18:01:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.10.25 13:59:06 | 000,000,000 | ---D | M]
[2009.10.25 14:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\Mozilla\Extensions
[2010.03.09 18:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\Mozilla\Firefox\Profiles\tvdlz53z.default\extensions
[2009.10.25 14:05:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\ZUZU\Data aplikací\Mozilla\Firefox\Profiles\tvdlz53z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.09 18:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\Mozilla\Firefox\Profiles\tvdlz53z.default\extensions\toolbar@ask.com
[2009.05.06 19:10:14 | 000,002,236 | ---- | M] () -- C:\Documents and Settings\ZUZU\Data aplikací\Mozilla\Firefox\Profiles\tvdlz53z.default\searchplugins\askcom.xml
[2009.10.25 13:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.08.24 21:07:44 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.08.24 21:07:44 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.08.24 21:07:44 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.08.24 21:07:44 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.08.24 21:07:44 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.04.03 21:53:23 | 000,385,903 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13312 more lines...
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-4135120035-2349672402-931036094-1005\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-4135120035-2349672402-931036094-1005\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [EasyMode] C:\Program Files\ASUS\Easy Mode\Easy Mode.exe ()
O4 - HKLM..\Run: [LiveUpdate] C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe ()
O4 - HKLM..\Run: [Parental Control] C:\Program Files\Parental Control\bin\pcontrol.exe ()
O4 - HKLM..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe (Intel Corporation)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKU\S-1-5-21-4135120035-2349672402-931036094-1005..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - HKU\S-1-5-21-4135120035-2349672402-931036094-1005..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-4135120035-2349672402-931036094-1005..\Run: [SRS Premium Sound] C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe (SRS Labs, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\ SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\ZUZU\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4135120035-2349672402-931036094-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\PolicyLSP.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\PolicyLSP.dll ()
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\ZUZU\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ZUZU\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.16 16:28:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.01.09 22:39:49 | 000,000,057 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.01.09 22:40:52 | 000,000,057 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{31dc42a4-ab6b-11de-8e68-002243f4b350}\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O33 - MountPoints2\{4c8690f8-a861-11de-8e62-002243f4b350}\Shell - "" = AutoRun
O33 - MountPoints2\{4c8690f8-a861-11de-8e62-002243f4b350}\Shell\AutoRun\command - "" = E:\start.exe -- File not found
O33 - MountPoints2\{60839566-fbad-11de-8ecb-002243f4b350}\Shell\AutoRun\command - "" = E:\e9naq.exe -- File not found
O33 - MountPoints2\{60839566-fbad-11de-8ecb-002243f4b350}\Shell\open\Command - "" = E:\e9naq.exe -- File not found
O33 - MountPoints2\{c5156e81-ebce-11de-8eb5-002243f4b350}\Shell - "" = AutoRun
O33 - MountPoints2\{c5156e81-ebce-11de-8eb5-002243f4b350}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{de38147e-efdf-11de-8ebc-002243f4b350}\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.06.16 16:27:29 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)
[color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color]
[2010.04.04 20:32:50 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ZUZU\Plocha\OTL.exe
[2010.04.04 20:32:38 | 000,257,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ZUZU\Plocha\OTH.exe
[2010.04.04 20:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.04 20:15:40 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.04 19:48:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2010.04.04 19:48:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2010.04.04 19:48:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2010.04.04 19:48:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2010.04.04 19:48:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2010.04.04 19:48:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2010.04.04 19:45:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.04.04 19:43:07 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.04.04 19:43:06 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.04.04 19:43:05 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.04.04 19:42:58 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2010.04.04 19:42:58 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TASKMGR.COM
[2010.04.04 19:42:58 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2010.04.04 19:42:57 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\REGEDIT.COM
[2010.04.04 19:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.04.04 19:42:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.04.04 19:30:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ZUZU\Recent
[2010.04.04 19:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.04.03 21:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.04.03 21:31:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2010.03.09 17:55:06 | 007,771,349 | ---- | C] (DsNET Corp ) -- C:\Program Files\aTube_Catcher_Installer.exe
[2009.12.08 14:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.09.28 18:49:24 | 001,322,817 | ---- | C] (rajče.net ) -- C:\Program Files\rajce_beta54-124.exe
[2009.09.26 11:40:12 | 016,749,784 | ---- | C] (Macrovision Corporation) -- C:\Program Files\install_centrum_cz_icq65.exe
[2009.09.26 11:19:27 | 010,050,902 | ---- | C] (http://www.codecpack.com) -- C:\Program Files\Codecs6030_allin1.exe
[2009.06.16 16:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.06.16 16:28:08 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.06.16 16:28:08 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 7 Days ==========[/color]
[2010.04.04 20:32:52 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ZUZU\Plocha\OTL.exe
[2010.04.04 20:32:39 | 000,257,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ZUZU\Plocha\OTH.exe
[2010.04.04 20:14:24 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\ZUZU\Plocha\RSIT.exe
[2010.04.04 20:08:49 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\ZUZU\Plocha\Microsoft Office Word 2007 (2).lnk
[2010.04.04 20:08:24 | 009,961,472 | -H-- | M] () -- C:\Documents and Settings\ZUZU\NTUSER.DAT
[2010.04.04 20:01:01 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010.04.04 19:48:10 | 000,000,054 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.04.04 19:46:54 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.04 19:43:06 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.04.04 19:43:05 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.04.04 19:43:04 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.04.04 19:41:46 | 068,866,904 | ---- | M] () -- C:\Documents and Settings\ZUZU\Plocha\mwav.exe
[2010.04.04 19:39:24 | 001,020,148 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.04.04 19:39:24 | 000,433,004 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.04.04 19:39:24 | 000,429,594 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.04.04 19:39:24 | 000,078,598 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.04.04 19:39:24 | 000,067,960 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.04.04 19:34:12 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.04 19:33:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.04 19:32:55 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\ZUZU\ntuser.ini
[2010.04.04 19:29:25 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\ZUZU\Plocha\CCleaner.lnk
[2010.04.04 15:14:46 | 000,000,095 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.04.03 21:53:23 | 000,385,903 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.04.03 21:32:16 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\ZUZU\Plocha\Spybot - Search & Destroy.lnk
[2010.04.03 20:46:17 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.03.30 22:55:06 | 000,017,608 | ---- | M] () -- C:\Documents and Settings\ZUZU\Plocha\1600367-Spanish_flag-Spain.jpg
[2010.03.30 22:52:27 | 000,015,452 | ---- | M] () -- C:\Documents and Settings\ZUZU\Plocha\00d844e0c8c18f2d781eb330737a4919.gif
[2010.03.29 17:00:11 | 000,001,503 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Výběr prohlížeče.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010.04.04 20:14:23 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\ZUZU\Plocha\RSIT.exe
[2010.04.04 19:43:42 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2010.04.04 19:43:05 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\Microsoft.VC80.CRT.manifest
[2010.04.04 19:41:37 | 068,866,904 | ---- | C] () -- C:\Documents and Settings\ZUZU\Plocha\mwav.exe
[2010.04.04 19:29:25 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\ZUZU\Plocha\CCleaner.lnk
[2010.04.04 15:14:46 | 000,000,095 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.04.03 21:32:16 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\ZUZU\Plocha\Spybot - Search & Destroy.lnk
[2010.03.30 22:55:12 | 000,017,608 | ---- | C] () -- C:\Documents and Settings\ZUZU\Plocha\1600367-Spanish_flag-Spain.jpg
[2010.03.30 22:52:43 | 000,015,452 | ---- | C] () -- C:\Documents and Settings\ZUZU\Plocha\00d844e0c8c18f2d781eb330737a4919.gif
[2010.03.29 17:00:11 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Výběr prohlížeče.lnk
[2010.03.09 18:00:40 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2010.01.14 15:54:00 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2009.11.18 13:34:43 | 001,371,185 | ---- | C] () -- C:\Program Files\wrar380cz.exe
[2009.10.25 11:45:45 | 002,897,821 | ---- | C] () -- C:\Program Files\bsplayer137.826.exe
[2009.10.14 12:46:32 | 005,631,288 | ---- | C] () -- C:\Program Files\flashget20en.exe
[2009.09.28 13:14:25 | 000,134,656 | ---- | C] () -- C:\Documents and Settings\ZUZU\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.23 22:45:50 | 009,961,472 | -H-- | C] () -- C:\Documents and Settings\ZUZU\NTUSER.DAT
[2009.09.23 22:45:50 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\ZUZU\ntuser.dat.LOG
[2009.09.23 22:45:50 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\ZUZU\ntuser.ini
[2009.09.23 22:45:02 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2009.09.23 22:45:02 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2009.06.16 20:51:35 | 000,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini
[2009.06.16 20:51:35 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
[2009.06.16 20:32:39 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009.06.16 20:20:03 | 000,233,512 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys
[2009.06.16 18:10:00 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009.06.16 17:47:43 | 000,004,343 | ---- | C] () -- C:\WINDOWS\System32\lpgun.ini
[2009.03.05 21:04:50 | 000,479,744 | ---- | C] () -- C:\WINDOWS\System32\PolicyLSP.dll
[2008.12.05 09:07:42 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.02.17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[color=#E56717]========== LOP Check ==========[/color]
[2009.12.08 21:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EBI
[2009.09.26 11:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.04.04 19:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2009.12.08 21:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RSMR
[2009.06.16 17:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Wireless LAN Card
[2009.06.16 20:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\ASUS
[2009.12.08 21:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\ASUS
[2009.10.26 22:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\BITS
[2009.09.26 12:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\BSplayer Pro
[2010.01.19 19:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\ICQ
[2010.04.04 20:01:01 | 000,000,232 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >[/color]
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Eee Docking" = C:\Program Files\ASUS\Eee Docking\Eee Docking.exe -- [2009.05.13 11:24:06 | 000,396,800 | ---- | M] ()
"SRS Premium Sound" = "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme -- [2009.05.19 18:30:00 | 003,417,336 | ---- | M] (SRS Labs, Inc.)
"SpybotSD TeaTimer" = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)
[color=#A23BEC]< c:\windows\*.* /U >[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2009.10.04 22:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\Adobe
[2009.12.08 21:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\ASUS
[2009.10.26 22:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\BITS
[2009.09.26 12:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\BSplayer Pro
[2009.10.25 14:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\GRETECH
[2010.01.19 19:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\ICQ
[2009.06.16 16:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\Identities
[2009.06.16 17:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\InstallShield
[2009.06.16 20:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\Macromedia
[2010.03.18 21:17:30 | 000,000,000 | --SD | M] -- C:\Documents and Settings\ZUZU\Data aplikací\Microsoft
[2009.10.25 14:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\Mozilla
[2010.01.14 21:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\Skype
[2010.01.14 17:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\skypePM
[2009.12.21 14:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\U3
[2009.11.18 13:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ZUZU\Data aplikací\WinRAR
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2009.12.08 21:28:02 | 016,103,986 | ---- | M] () -- C:\Documents and Settings\ZUZU\Data aplikací\ASUS\ASUS Vibe\ASUSVibeSetup.exe
[2007.10.23 10:27:20 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\ZUZU\Data aplikací\U3\temp\cleanup.exe
[2008.05.02 11:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\ZUZU\Data aplikací\U3\temp\Launchpad Removal.exe
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:AGP440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[color=#A23BEC]< MD5 for: CRYPTSVC.DLL >[/color]
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
[color=#A23BEC]< MD5 for: HAL.DLL >[/color]
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
[color=#A23BEC]< MD5 for: CHANGER.SYS >[/color]
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:Changer.sys
[color=#A23BEC]< MD5 for: LSASS.EXE >[/color]
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
[color=#A23BEC]< MD5 for: SMSS.EXE >[/color]
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 14:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\WINDOWS\I386\SYSTEM32\SMSS.EXE
[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2009.06.16 18:16:57 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.06.16 18:16:57 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.06.16 18:16:57 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[color=#A23BEC]< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >[/color]
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
[color=#A23BEC]< >[/color]
< End of report >
- Přílohy
-
- Extras.zip
- (7.24 KiB) Staženo 28 x
-
Tadeáš Pařík
- Návštěvník
- Příspěvky: 6
- Registrován: 04 dub 2010 19:01
Re: Prosím o kontrolu logu
Ty programy neznám, protože se nejedná o mé PC, já už několik let úspěšně funguji pod Linuxem, takže tohle je pro mě zdravý návrat pod WIN 
Ale myslím, že nebude problém je odinstalovat.
Tady je výpis:
ComboFix 10-04-03.02 - ZUZU 04.04.2010 21:50:00.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.361 [GMT 2:00]
Spuštěný z: c:\documents and settings\ZUZU\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100404-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose - 2009.10.26 19.51.01.log
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\transaction - 2009.10.26 19.51.01.log
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\recycler\S-1-5-21-1491410888-2764873538-3129718923-1003
c:\windows\AppPatch\AcAdProc.dll
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
c:\windows\system32\Thumbs.db
c:\windows\system32\vbzlib1.dll
D:\autorun.inf
Nakažená kopie c:\windows\system32\kernel32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-04 do 2010-04-04 )))))))))))))))))))))))))))))))
.
2010-04-04 18:15 . 2010-04-04 18:16 -------- d-----w- c:\program files\trend micro
2010-04-04 18:15 . 2010-04-04 18:16 -------- d-----w- C:\rsit
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\VDLL.DLL
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\system32\runouce.exe
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\rundll16.exe
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\logo1_.exe
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\logo_1.exe
2010-04-04 17:43 . 2010-04-04 17:43 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-04-04 17:43 . 2010-04-04 17:43 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-04-04 17:43 . 2010-04-04 17:43 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-04-04 17:42 . 2008-04-14 12:00 147968 ----a-w- c:\windows\R.COM
2010-04-04 17:42 . 2008-04-14 12:00 137216 ----a-w- c:\windows\system32\T.COM
2010-04-04 17:42 . 2010-04-04 17:42 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-04-04 17:29 . 2010-04-04 17:29 -------- d-----w- c:\program files\CCleaner
2010-04-03 19:31 . 2010-04-04 13:58 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-03-28 13:28 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-09 16:01 . 2010-03-09 16:01 -------- d-----w- c:\program files\Ask.com
2010-03-09 16:00 . 2010-03-09 16:00 -------- d-----w- c:\program files\DsNET Corp
2010-03-09 15:55 . 2010-03-09 15:55 7771349 ----a-w- c:\program files\aTube_Catcher_Installer.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-04 19:21 . 2009-06-16 16:09 78598 ----a-w- c:\windows\system32\perfc005.dat
2010-04-04 19:21 . 2009-06-16 16:09 429594 ----a-w- c:\windows\system32\perfh005.dat
2010-02-25 06:18 . 2009-06-16 16:09 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-18 11:34 . 2009-11-18 11:34 1371185 ----a-w- c:\program files\wrar380cz.exe
2009-10-25 09:45 . 2009-10-25 09:45 2897821 ----a-w- c:\program files\bsplayer137.826.exe
2009-10-14 10:46 . 2009-10-14 10:46 5631288 ----a-w- c:\program files\flashget20en.exe
2009-09-28 16:49 . 2009-09-28 16:49 1322817 ----a-w- c:\program files\rajce_beta54-124.exe
2009-09-26 09:40 . 2009-09-26 09:40 16749784 ----a-w- c:\program files\install_centrum_cz_icq65.exe
2009-09-26 09:19 . 2009-09-26 09:19 10050902 ----a-w- c:\program files\Codecs6030_allin1.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-05-06 17:11 1145736 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-05-06 1145736]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-05-06 1145736]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2008-07-25 09:16 282112 ----a-w- c:\windows\system32\mscoree.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2008-07-25 09:16 282112 ----a-w- c:\windows\system32\mscoree.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-05-13 396800]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-05-19 3417336]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-01 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-01 354840]
"PersistenceThread"="c:\windows\system32\PersistenceThread.exe" [2009-05-01 92696]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-11 17881600]
"Parental Control"="c:\program files\Parental Control\bin\pcontrol.exe" [2009-03-20 1104384]
"LiveUpdate"="c:\program files\Asus\LiveUpdate\LiveUpdate.exe" [2009-06-01 712704]
"EasyMode"="c:\program files\\ASUS\\Easy Mode\\Easy Mode.exe" [2009-03-18 1249280]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-06-04 696320]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-05-08 98304]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\ZUZU\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-6-16 376832]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-12-5 604776]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-02-06 16:53 3885408 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [23.9.2009 17:05 114768]
R1 policyappblockservice;Parental Control Application Filter;c:\program files\Parental Control\bin\policyappblock.sys [2.2.2009 22:22 5120]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23.9.2009 17:05 20560]
R2 privoxy;privoxy;c:\program files\Privoxy\privoxy.exe --service --> c:\program files\Privoxy\privoxy.exe --service [?]
R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [19.5.2009 18:29 107744]
R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [16.6.2009 17:47 5096544]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [4.6.2009 3:54 38912]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [16.6.2009 20:20 233512]
R3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [4.6.2009 3:54 39040]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [16.6.2009 17:48 1684736]
.
Obsah adresáře 'Naplánované úlohy'
2010-04-04 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-05-06 17:11]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\PolicyLSP.dll
FF - ProfilePath - c:\documents and settings\ZUZU\Data aplikací\Mozilla\Firefox\Profiles\tvdlz53z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-04 22:00
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(3636)
c:\program files\ASUS\Eee Storage\XPClient.dll
c:\program files\ASUS\Eee Storage\LogicNP.EZShellExtensions.dll
c:\program files\ASUS\Eee Storage\EcaremeDLL.dll
c:\windows\assembly\GAC_MSIL\SqliteShared\1.0.3390.31024__0d0f4b69e50e559b\SqliteShared.dll
c:\windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Privoxy\privoxy.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxext.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2010-04-04 22:04:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-04 20:04
Před spuštěním: Volných bajtů: 24 582 619 136
Po spuštění: Volných bajtů: 24 862 695 424
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - 270BFAE1E13A53E295B4188D7179D3E4
Ale myslím, že nebude problém je odinstalovat.Tady je výpis:
ComboFix 10-04-03.02 - ZUZU 04.04.2010 21:50:00.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.361 [GMT 2:00]
Spuštěný z: c:\documents and settings\ZUZU\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100404-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose - 2009.10.26 19.51.01.log
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\transaction - 2009.10.26 19.51.01.log
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\recycler\S-1-5-21-1491410888-2764873538-3129718923-1003
c:\windows\AppPatch\AcAdProc.dll
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
c:\windows\system32\Thumbs.db
c:\windows\system32\vbzlib1.dll
D:\autorun.inf
Nakažená kopie c:\windows\system32\kernel32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-04 do 2010-04-04 )))))))))))))))))))))))))))))))
.
2010-04-04 18:15 . 2010-04-04 18:16 -------- d-----w- c:\program files\trend micro
2010-04-04 18:15 . 2010-04-04 18:16 -------- d-----w- C:\rsit
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\VDLL.DLL
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\system32\runouce.exe
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\rundll16.exe
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\logo1_.exe
2010-04-04 17:48 . 2010-04-04 17:48 -------- d---a-w- c:\windows\logo_1.exe
2010-04-04 17:43 . 2010-04-04 17:43 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-04-04 17:43 . 2010-04-04 17:43 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-04-04 17:43 . 2010-04-04 17:43 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-04-04 17:42 . 2008-04-14 12:00 147968 ----a-w- c:\windows\R.COM
2010-04-04 17:42 . 2008-04-14 12:00 137216 ----a-w- c:\windows\system32\T.COM
2010-04-04 17:42 . 2010-04-04 17:42 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-04-04 17:29 . 2010-04-04 17:29 -------- d-----w- c:\program files\CCleaner
2010-04-03 19:31 . 2010-04-04 13:58 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-03-28 13:28 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-09 16:01 . 2010-03-09 16:01 -------- d-----w- c:\program files\Ask.com
2010-03-09 16:00 . 2010-03-09 16:00 -------- d-----w- c:\program files\DsNET Corp
2010-03-09 15:55 . 2010-03-09 15:55 7771349 ----a-w- c:\program files\aTube_Catcher_Installer.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-04 19:21 . 2009-06-16 16:09 78598 ----a-w- c:\windows\system32\perfc005.dat
2010-04-04 19:21 . 2009-06-16 16:09 429594 ----a-w- c:\windows\system32\perfh005.dat
2010-02-25 06:18 . 2009-06-16 16:09 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-18 11:34 . 2009-11-18 11:34 1371185 ----a-w- c:\program files\wrar380cz.exe
2009-10-25 09:45 . 2009-10-25 09:45 2897821 ----a-w- c:\program files\bsplayer137.826.exe
2009-10-14 10:46 . 2009-10-14 10:46 5631288 ----a-w- c:\program files\flashget20en.exe
2009-09-28 16:49 . 2009-09-28 16:49 1322817 ----a-w- c:\program files\rajce_beta54-124.exe
2009-09-26 09:40 . 2009-09-26 09:40 16749784 ----a-w- c:\program files\install_centrum_cz_icq65.exe
2009-09-26 09:19 . 2009-09-26 09:19 10050902 ----a-w- c:\program files\Codecs6030_allin1.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-05-06 17:11 1145736 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-05-06 1145736]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-05-06 1145736]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2008-07-25 09:16 282112 ----a-w- c:\windows\system32\mscoree.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2008-07-25 09:16 282112 ----a-w- c:\windows\system32\mscoree.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-05-13 396800]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-05-19 3417336]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-01 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-01 354840]
"PersistenceThread"="c:\windows\system32\PersistenceThread.exe" [2009-05-01 92696]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-11 17881600]
"Parental Control"="c:\program files\Parental Control\bin\pcontrol.exe" [2009-03-20 1104384]
"LiveUpdate"="c:\program files\Asus\LiveUpdate\LiveUpdate.exe" [2009-06-01 712704]
"EasyMode"="c:\program files\\ASUS\\Easy Mode\\Easy Mode.exe" [2009-03-18 1249280]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-06-04 696320]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-05-08 98304]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\ZUZU\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-6-16 376832]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-12-5 604776]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-02-06 16:53 3885408 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [23.9.2009 17:05 114768]
R1 policyappblockservice;Parental Control Application Filter;c:\program files\Parental Control\bin\policyappblock.sys [2.2.2009 22:22 5120]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23.9.2009 17:05 20560]
R2 privoxy;privoxy;c:\program files\Privoxy\privoxy.exe --service --> c:\program files\Privoxy\privoxy.exe --service [?]
R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [19.5.2009 18:29 107744]
R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [16.6.2009 17:47 5096544]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [4.6.2009 3:54 38912]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [16.6.2009 20:20 233512]
R3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [4.6.2009 3:54 39040]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [16.6.2009 17:48 1684736]
.
Obsah adresáře 'Naplánované úlohy'
2010-04-04 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-05-06 17:11]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\PolicyLSP.dll
FF - ProfilePath - c:\documents and settings\ZUZU\Data aplikací\Mozilla\Firefox\Profiles\tvdlz53z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-04 22:00
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(3636)
c:\program files\ASUS\Eee Storage\XPClient.dll
c:\program files\ASUS\Eee Storage\LogicNP.EZShellExtensions.dll
c:\program files\ASUS\Eee Storage\EcaremeDLL.dll
c:\windows\assembly\GAC_MSIL\SqliteShared\1.0.3390.31024__0d0f4b69e50e559b\SqliteShared.dll
c:\windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Privoxy\privoxy.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxext.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2010-04-04 22:04:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-04 20:04
Před spuštěním: Volných bajtů: 24 582 619 136
Po spuštění: Volných bajtů: 24 862 695 424
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - 270BFAE1E13A53E295B4188D7179D3E4
-
Tadeáš Pařík
- Návštěvník
- Příspěvky: 6
- Registrován: 04 dub 2010 19:01
Re: Prosím o kontrolu logu
Tak doplním, že oba zmíněné programy jsem právě odinstaloval.
-
Tadeáš Pařík
- Návštěvník
- Příspěvky: 6
- Registrován: 04 dub 2010 19:01
Re: Prosím o kontrolu logu
Děkuji, problém vyřešen. Upload provedu, link zašlu. Ještě jednou díky.
Přispějete na provoz fóra?