Nefunguje Google Chrome

Zpráva

John10 · #1 Příspěvek od **John10** » 04 čer 2010 13:35

Zdravím.
Nějak mi nefunguje Google Chrome. Spustím ho, naběhne, ale stránka je jen bílá, když zadám nějaký odkaz, tak se nic neděje. Když otevřu historii, tak to vypadá stejně. Zkoušel jsem reinstal Chromu, CCleaner...nic nepomohlo...
Ještě včera to fungovalo...

Všechny ostatní prohlížeče fungujou (Firefox, Opera, IE, Safari)

Logfile of random's system information tool 1.06 (written by random/random)
Run by Comp at 2010-06-04 14:29:00
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 61 GB (41%) free of 148 GB
Total RAM: 1023 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:29:16, on 4.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Komjútr\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Documents and Settings\Komjútr\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ASMBB\win32\waudit.exe
C:\WINDOWS\ASMBB\win32\wauditu.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Safari\Safari.exe
C:\Documents and Settings\Komjútr\Desktop\Utility\RSIT.exe
C:\Program Files\trend micro\Comp.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Komjútr\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.comfor.cz
O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} (EAFO3AXLauncher Control) - http://fifa-online.easports.com/fo3-the ... uncher.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 8483821031
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... 0.53.0.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - ALWIL Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: waudit - ASM Software LLC - C:\WINDOWS\ASMBB\win32\waudit.exe

--
End of file - 7774 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KOMP-Comp.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4105714786-3853599960-1806625717-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4105714786-3853599960-1806625717-1005UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2006-12-07 720896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-26 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-26 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-27 85160]
"SoundMax"=C:\Program Files\Analog Devices\SoundMAX\smax4.exe [2005-09-07 716800]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-10-09 139264]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Komjútr\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-04 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Komjútr\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-04 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-09-29 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 1200 Series]
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [2006-03-16 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-05-20 3037696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-11 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\EA Sports\FIFA 10\FIFA10.exe"="C:\Program Files\EA Sports\FIFA 10\FIFA10.exe:*:Enabled:FIFA10"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"E:\Opera\opera.exe"="E:\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-06-04 14:28:04 ----D---- C:\Documents and Settings\Komjútr\Application Data\Apple Computer
2010-06-04 14:27:40 ----D---- C:\Program Files\Safari
2010-06-04 14:27:40 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-06-04 13:19:40 ----D---- C:\Program Files\Yamicsoft
2010-06-03 20:42:29 ----D---- C:\Documents and Settings\Komjútr\Application Data\Unity
2010-06-03 14:25:20 ----D---- C:\Fraps
2010-06-02 18:50:39 ----D---- C:\Documents and Settings\Komjútr\Application Data\GlarySoft
2010-06-02 18:46:34 ----D---- C:\Program Files\Glary Utilities
2010-06-02 16:11:48 ----D---- C:\Program Files\LopeSoft
2010-06-02 15:49:03 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-05-31 20:44:03 ----A---- C:\debugfile.txt
2010-05-31 20:43:19 ----D---- C:\Documents and Settings\All Users\Application Data\NovaTech Network
2010-05-31 20:38:17 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-05-31 20:38:06 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-05-31 20:37:40 ----D---- C:\Program Files\NovaTech Network
2010-05-26 21:45:43 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-23 13:42:06 ----A---- C:\WINDOWS\system32\rmc_rtspdl.dll
2010-05-23 13:42:06 ----A---- C:\WINDOWS\system32\rmc_fixasf.exe
2010-05-23 13:41:39 ----D---- C:\WINDOWS\Replay Media Catcher
2010-05-23 13:41:39 ----D---- C:\Program Files\Replay Media Catcher
2010-05-22 18:48:53 ----D---- C:\Program Files\HD Tune
2010-05-22 13:06:15 ----D---- C:\Documents and Settings\Komjútr\Application Data\VitySoft
2010-05-21 06:03:55 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-05-20 20:32:36 ----D---- C:\Documents and Settings\Komjútr\Application Data\BinarySense
2010-05-20 20:32:09 ----D---- C:\Program Files\Common Files\BinarySense
2010-05-20 17:22:55 ----A---- C:\WINDOWS\libem.INI
2010-05-20 17:22:41 ----D---- C:\Documents and Settings\Komjútr\Application Data\FlashGet
2010-05-20 17:22:29 ----D---- C:\Documents and Settings\Komjútr\Application Data\BITS
2010-05-20 17:22:23 ----D---- C:\Documents and Settings\Komjútr\Application Data\FlashGetBHO
2010-05-20 17:22:21 ----D---- C:\Program Files\FlashGet Network
2010-05-20 06:28:43 ----D---- C:\Documents and Settings\Komjútr\Application Data\Spyware Terminator
2010-05-20 06:28:40 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2010-05-20 06:28:38 ----D---- C:\Program Files\Spyware Terminator
2010-05-16 14:18:57 ----D---- C:\Program Files\Defraggler
2010-05-15 23:17:13 ----D---- C:\Program Files\Microsoft Help Viewer
2010-05-15 23:17:12 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2010-05-15 23:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958655-v2$
2010-05-15 23:09:25 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2010-05-13 15:24:55 ----A---- C:\WINDOWS\system32\pbsvc.exe
2010-05-13 06:10:49 ----D---- C:\Program Files\Steam
2010-05-12 06:08:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-11 14:41:26 ----A---- C:\Translations.txt
2010-05-11 14:36:14 ----D---- C:\huf
2010-05-11 14:25:14 ----D---- C:\WINDOWS\Downloaded Installations
2010-05-11 06:33:32 ----D---- C:\Documents and Settings\All Users\Application Data\Martau
2010-05-11 06:33:24 ----D---- C:\Program Files\Total Uninstall 5
2010-05-08 16:15:03 ----D---- C:\WINDOWS\MATS
2010-05-08 16:14:58 ----D---- C:\Program Files\Microsoft Fix it Center
2010-05-08 16:14:30 ----D---- C:\Documents and Settings\Komjútr\Application Data\Souptoys
2010-05-08 16:14:30 ----D---- C:\Documents and Settings\All Users\Application Data\Souptoys
2010-05-08 16:14:11 ----D---- C:\Program Files\Souptoys
2010-05-08 16:14:01 ----D---- C:\WINDOWS\system32\windowspowershell
2010-05-08 16:13:41 ----HDC---- C:\WINDOWS\$NtUninstallKB926139-v2$
2010-05-08 12:41:03 ----D---- C:\WINDOWS\ASMBB
2010-05-05 07:04:59 ----D---- C:\WINDOWS\pss

======List of files/folders modified in the last 1 months======

2010-06-04 14:29:03 ----D---- C:\Program Files\trend micro
2010-06-04 14:28:16 ----D---- C:\WINDOWS\system32
2010-06-04 14:27:53 ----SHD---- C:\WINDOWS\Installer
2010-06-04 14:27:53 ----SHD---- C:\Config.Msi
2010-06-04 14:27:40 ----D---- C:\Program Files
2010-06-04 14:25:04 ----D---- C:\WINDOWS\Temp
2010-06-04 14:24:27 ----D---- C:\WINDOWS\Registration
2010-06-04 14:24:25 ----D---- C:\WINDOWS
2010-06-04 14:11:52 ----D---- C:\WINDOWS\system32\drivers
2010-06-04 13:53:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-04 13:43:42 ----SD---- C:\WINDOWS\Tasks
2010-06-04 13:26:31 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-04 13:19:48 ----SD---- C:\Documents and Settings\Komjútr\Application Data\Microsoft
2010-06-04 12:53:34 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-04 12:43:27 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-06-03 20:39:12 ----D---- C:\WINDOWS\Prefetch
2010-06-03 19:01:15 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-06-02 18:55:18 ----D---- C:\Program Files\Mozilla Firefox
2010-06-02 18:55:18 ----D---- C:\Program Files\Cheat Engine
2010-05-31 20:38:24 ----D---- C:\WINDOWS\system32\DirectX
2010-05-31 20:38:22 ----HD---- C:\WINDOWS\inf
2010-05-31 19:53:35 ----D---- C:\Shoty
2010-05-29 02:01:43 ----D---- C:\Documents and Settings\Komjútr\Application Data\Adobe
2010-05-29 02:01:24 ----D---- C:\Program Files\Adobe
2010-05-24 15:52:37 ----D---- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
2010-05-20 20:32:09 ----D---- C:\Program Files\Common Files
2010-05-16 12:36:54 ----D---- C:\WINDOWS\Microsoft.NET
2010-05-16 12:36:52 ----RSD---- C:\WINDOWS\assembly
2010-05-16 12:03:28 ----D---- C:\WINDOWS\WinSxS
2010-05-15 23:30:52 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-05-15 23:30:50 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-05-15 23:20:37 ----D---- C:\Program Files\Microsoft SQL Server
2010-05-15 23:09:53 ----D---- C:\WINDOWS\system32\mui
2010-05-14 23:35:26 ----D---- C:\WINDOWS\system32\oodag
2010-05-13 15:24:54 ----D---- C:\Program Files\EA Sports
2010-05-13 15:23:47 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-05-12 17:12:54 ----D---- C:\WINDOWS\Debug
2010-05-12 06:08:25 ----D---- C:\Program Files\Outlook Express
2010-05-12 06:07:15 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-08 16:15:08 ----D---- C:\WINDOWS\AppPatch
2010-05-08 16:14:10 ----D---- C:\WINDOWS\system32\config
2010-05-07 23:16:38 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-05-06 22:59:36 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-05-05 14:55:46 ----SHD---- C:\System Volume Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2010-05-06 99280]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2010-05-06 307280]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 FldSafe;FldSafe; C:\WINDOWS\system32\DRIVERS\FldSafe.sys [2010-03-20 10240]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 50704]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 KHCAP;KHCap Packet Driver (KHCAP); C:\WINDOWS\system32\drivers\KHCAP.sys [2010-05-08 41216]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-08-14 83200]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-08-11 393088]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-08-28 55808]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-05-06 119200]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2006-06-29 237568]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-26 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2004-05-24 311296]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-04-21 75064]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-05-20 488960]
R2 waudit;waudit; C:\WINDOWS\ASMBB\win32\waudit.exe [2010-05-08 1056768]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-13 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MatSvc;Microsoft Automated Troubleshooting Service; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2009-08-19 822936]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 1488128]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 04 čer 2010 19:04

Ahoj,

jako byvalemu kolegovi z Novacku si dovolim ti tykat

Akorat navody na utility mam napsane ve vykani, tak se nediv

Z logu neni videt zadna havet, ale projedem to OTL, co nam ukaze...

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

John10 · #3 Příspěvek od **John10** » 04 čer 2010 21:29

OTL logfile created on: 4.6.2010 21:44:29 - Run 2
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Komjútr\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 460,00 Mb Available Physical Memory | 45,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 1537 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144,12 Gb Total Space | 59,56 Gb Free Space | 41,33% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KOMP
Current User Name: Comp
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.04 21:42:50 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Komjútr\Desktop\OTL.exe
PRC - [2010.06.04 13:43:39 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Komjútr\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010.05.20 06:28:44 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.05.08 12:41:02 | 001,056,768 | ---- | M] (ASM Software LLC) -- C:\WINDOWS\ASMBB\win32\waudit.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.05.06 22:59:25 | 000,119,200 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2010.04.28 13:45:50 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010.04.10 01:11:44 | 000,210,888 | ---- | M] (ASM Software LLC) -- C:\WINDOWS\ASMBB\win32\wauditu.exe
PRC - [2009.05.27 00:31:29 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.10.09 12:28:56 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.10.09 12:22:58 | 000,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2005.09.07 16:35:36 | 000,716,800 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2005.05.20 10:11:06 | 000,925,696 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe

========== Modules (SafeList) ==========

MOD - [2010.06.04 21:42:50 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Komjútr\Desktop\OTL.exe
MOD - [2008.04.14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2010.05.20 06:28:44 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.05.08 12:41:02 | 001,056,768 | ---- | M] (ASM Software LLC) [Auto | Running] -- C:\WINDOWS\ASMBB\win32\waudit.exe -- (waudit)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.05.06 22:59:25 | 000,119,200 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2010.04.10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010.03.18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010.03.13 15:02:44 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009.09.12 01:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) [Disabled | Stopped] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (O&O Defrag)
SRV - [2009.08.19 19:04:40 | 000,822,936 | ---- | M] (BinarySense, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\BinarySense\hldasvc.exe -- (HDDlife HDD Access service)
SRV - [2009.06.17 12:18:42 | 006,582,912 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- (wampmysqld)
SRV - [2008.12.10 02:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache)

========== Driver Services (SafeList) ==========

DRV - [2010.05.20 06:28:44 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.05.08 12:41:04 | 000,041,216 | ---- | M] (BlackSquare Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KHCAP.sys -- (KHCAP) KHCap Packet Driver (KHCAP)
DRV - [2010.05.06 22:41:30 | 000,099,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswFW.sys -- (aswFW)
DRV - [2010.05.06 22:41:12 | 000,307,280 | ---- | M] (ALWIL Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2010.05.06 22:40:49 | 000,190,416 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.03.20 12:16:56 | 000,010,240 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\FldSafe.sys -- (FldSafe)
DRV - [2010.03.19 21:10:13 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2010.02.11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.12.21 21:39:34 | 000,016,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2009.12.21 21:39:32 | 000,011,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2009.10.20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009.05.23 01:08:32 | 000,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2009.02.17 19:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008.08.14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs)
DRV - [2008.04.13 20:39:47 | 000,023,040 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.08.28 18:05:12 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21)
DRV - [2007.04.03 14:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2006.08.14 23:09:48 | 000,083,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2005.10.05 18:21:10 | 000,141,312 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2005.08.11 14:49:28 | 000,393,088 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2004.10.27 16:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.08.13 04:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comfor.cz

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comfor.cz

IE - HKU\S-1-5-21-4105714786-3853599960-1806625717-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-4105714786-3853599960-1806625717-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4105714786-3853599960-1806625717-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {b41cb5f0-2e52-11de-8c30-0800200c9a66}:2.1
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsear ... searchfor="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.20 17:22:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.06 14:20:12 | 000,000,000 | ---D | M]

[2010.03.13 02:50:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\mozilla\Extensions
[2010.06.03 13:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\mozilla\Firefox\Profiles\dc3l4ice.default\extensions
[2010.03.16 16:37:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Komjútr\Application Data\mozilla\Firefox\Profiles\dc3l4ice.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.22 15:57:24 | 000,000,000 | ---D | M] (Black Stratini) -- C:\Documents and Settings\Komjútr\Application Data\mozilla\Firefox\Profiles\dc3l4ice.default\extensions\{b41cb5f0-2e52-11de-8c30-0800200c9a66}
[2010.03.13 03:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\mozilla\Firefox\Profiles\dc3l4ice.default\extensions\fastdial@telega.phpnet.us
[2010.03.13 03:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\mozilla\Firefox\Profiles\dc3l4ice.default\extensions\smartbookmarksbar@remy.juteau
[2010.04.04 16:09:07 | 000,010,017 | ---- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Mozilla\FireFox\Profiles\dc3l4ice.default\searchplugins\mywebsearch.xml
[2010.06.03 13:43:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.26 15:37:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.26 15:37:34 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.05.30 12:51:08 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-4105714786-3853599960-1806625717-1005\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [SoundMax] C:\Program Files\Analog Devices\SoundMAX\smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKU\S-1-5-21-4105714786-3853599960-1806625717-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4105714786-3853599960-1806625717-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4105714786-3853599960-1806625717-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4105714786-3853599960-1806625717-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-4105714786-3853599960-1806625717-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4105714786-3853599960-1806625717-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Komjútr\Application Data\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Komjútr\Application Data\FlashGetBHO\GetAllUrl.htm ()
O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} http://fifa-online.easports.com/fo3-the ... uncher.cab (EAFO3AXLauncher Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 8483821031 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/stati ... 0.53.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Komjútr\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Komjútr\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006.12.06 21:42:20 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (70945304882446336)

========== Files/Folders - Created Within 30 Days ==========

[2010.06.04 21:42:50 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Komjútr\Desktop\OTL.exe
[2010.06.04 18:21:43 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.06.04 14:28:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Application Data\Apple Computer
[2010.06.04 14:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2010.06.04 14:27:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010.06.04 13:43:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Local Settings\Application Data\Google
[2010.06.04 13:41:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Komjútr\Recent
[2010.06.04 13:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2010.06.04 13:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Local Settings\Application Data\FixItCenter
[2010.06.03 21:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Desktop\100518-DAN-VA-Hard_Dance_Mania_19-2CD-2010-SiQ
[2010.06.03 20:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Application Data\Unity
[2010.06.03 20:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Local Settings\Application Data\Unity
[2010.06.03 14:25:20 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.06.02 18:50:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Application Data\GlarySoft
[2010.06.02 18:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2010.06.02 16:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\LopeSoft
[2010.06.02 15:49:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010.05.31 20:43:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NovaTech Network
[2010.05.31 20:38:17 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010.05.31 20:38:06 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010.05.28 06:40:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Desktop\V.A. - Playoff - The Ultimate Ice Hockey Anthems
[2010.05.23 13:42:06 | 000,156,672 | ---- | C] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2010.05.23 13:42:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\My Documents\My Recordings
[2010.05.23 13:41:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Local Settings\Application Data\mdnslib
[2010.05.23 13:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Local Settings\Application Data\FLVService
[2010.05.23 13:41:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Replay Media Catcher
[2010.05.23 13:41:39 | 000,000,000 | ---D | C] -- C:\Program Files\Replay Media Catcher
[2010.05.22 19:03:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Documents\MCE Logs
[2010.05.22 18:48:53 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2010.05.22 13:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Application Data\VitySoft
[2010.05.21 06:03:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.05.20 20:32:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Application Data\BinarySense
[2010.05.20 20:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BinarySense
[2010.05.20 17:22:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Application Data\FlashGet
[2010.05.20 17:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Application Data\BITS
[2010.05.20 17:22:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Application Data\FlashGetBHO
[2010.05.20 17:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet Network
[2010.05.20 06:28:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Application Data\Spyware Terminator
[2010.05.20 06:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2010.05.20 06:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2010.05.17 15:32:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Local Settings\Application Data\Temporary Projects
[2010.05.16 14:18:57 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010.05.15 23:19:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\My Documents\Visual Studio 2010
[2010.05.15 23:17:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2010.05.15 23:17:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2010.05.15 13:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\My Documents\FIFA MANAGER 10 ONLINE
[2010.05.15 11:47:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Desktop\NetteFramework-1.0dev-PHP5.2
[2010.05.13 15:53:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\My Documents\EA SPORTS(TM) FIFA Online
[2010.05.13 06:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010.05.11 14:36:14 | 000,000,000 | ---D | C] -- C:\huf
[2010.05.11 14:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Desktop\Nová složka
[2010.05.11 14:25:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010.05.11 06:33:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Martau
[2010.05.11 06:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\Total Uninstall 5
[2010.05.08 16:15:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2010.05.08 16:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2010.05.08 16:14:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Komjútr\Application Data\Souptoys
[2010.05.08 16:14:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Souptoys
[2010.05.08 16:14:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Playsets
[2010.05.08 16:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\Souptoys
[2010.05.08 16:14:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2010.05.08 12:41:04 | 000,041,216 | ---- | C] (BlackSquare Software) -- C:\WINDOWS\System32\drivers\KHCAP.sys
[2010.05.08 12:41:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ASMBB

========== Files - Modified Within 30 Days ==========

[2010.06.04 21:48:01 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4105714786-3853599960-1806625717-1005UA.job
[2010.06.04 21:42:50 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Komjútr\Desktop\OTL.exe
[2010.06.04 18:11:13 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010.06.04 18:11:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.04 18:10:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.04 18:10:49 | 1072,943,104 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.04 18:10:44 | 000,317,921 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.06.04 18:01:38 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.04 17:07:53 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.04 17:03:20 | 000,006,096 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010.06.04 14:38:50 | 000,138,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.06.04 14:38:41 | 000,214,592 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.06.04 14:28:16 | 000,020,168 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.06.04 14:18:29 | 015,366,482 | ---- | M] () -- C:\WINDOWS\System32\OFG
[2010.06.04 13:48:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4105714786-3853599960-1806625717-1005Core.job
[2010.06.04 07:30:28 | 007,864,320 | ---- | M] () -- C:\Documents and Settings\Komjútr\ntuser.dat
[2010.06.04 07:30:28 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Komjútr\ntuser.ini
[2010.06.04 07:30:21 | 011,229,836 | -H-- | M] () -- C:\Documents and Settings\Komjútr\Local Settings\Application Data\IconCache.db
[2010.06.03 22:33:09 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Komjútr\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.02 15:38:53 | 000,237,962 | ---- | M] () -- C:\Documents and Settings\Komjútr\Desktop\royale_noir.rar
[2010.05.31 19:56:29 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Adobe PNG Format CS5 Prefs
[2010.05.29 02:00:01 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KOMP-Comp.job
[2010.05.23 13:42:06 | 000,237,568 | ---- | M] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010.05.23 13:42:06 | 000,156,672 | ---- | M] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2010.05.22 22:42:55 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2010.05.22 22:42:55 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2010.05.22 21:20:33 | 2400,454,656 | ---- | M] () -- C:\Documents and Settings\Komjútr\Desktop\7600.16385.090713-1255_x86fre_enterprise_en-us_EVAL_Eval_Enterprise-GRMCENEVAL_EN_DVD.iso
[2010.05.22 19:03:03 | 000,000,130 | ---- | M] () -- C:\Documents and Settings\Komjútr\Local Settings\Application Data\fusioncache.dat
[2010.05.21 14:58:02 | 000,487,660 | ---- | M] () -- C:\Documents and Settings\Komjútr\Desktop\Translations.csv_ostalo.zip
[2010.05.20 20:41:32 | 000,000,292 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2010.05.20 20:40:14 | 000,000,598 | ---- | M] () -- C:\WINDOWS\System32\secushr.dat
[2010.05.20 17:22:55 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2010.05.20 06:28:44 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.05.16 15:04:23 | 000,151,576 | ---- | M] () -- C:\Documents and Settings\Komjútr\Desktop\numbers.odp
[2010.05.16 15:04:20 | 000,160,252 | ---- | M] () -- C:\Documents and Settings\Komjútr\Desktop\subtlewaves.odp
[2010.05.15 23:29:53 | 015,373,660 | ---- | M] () -- C:\Documents and Settings\Komjútr\Desktop\SharpDevelop_3.2.0.5505_Setup.msi
[2010.05.15 23:10:49 | 000,000,165 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2010.05.15 11:47:02 | 000,985,756 | ---- | M] () -- C:\Documents and Settings\Komjútr\Desktop\NetteFramework-1.0alpha-PHP5.2.zip
[2010.05.13 15:25:28 | 000,139,152 | ---- | M] () -- C:\Documents and Settings\Komjútr\Application Data\PnkBstrK.sys
[2010.05.13 15:24:55 | 000,794,408 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2010.05.08 21:48:21 | 000,171,223 | ---- | M] () -- C:\Documents and Settings\Komjútr\Desktop\flashdisk.c4d
[2010.05.08 17:42:54 | 000,014,842 | ---- | M] () -- C:\Documents and Settings\Komjútr\Desktop\Slunisko.jpg
[2010.05.08 17:42:38 | 000,022,058 | ---- | M] () -- C:\Documents and Settings\Komjútr\Desktop\Fotografie-0110.jpg
[2010.05.08 12:41:04 | 000,041,216 | ---- | M] (BlackSquare Software) -- C:\WINDOWS\System32\drivers\KHCAP.sys
[2010.05.07 12:56:24 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.05.06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.05.06 22:41:30 | 000,099,280 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2010.05.06 22:41:12 | 000,307,280 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2010.05.06 22:40:49 | 000,190,416 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.05.06 22:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

========== Files Created - No Company Name ==========

[2010.06.04 17:03:19 | 000,006,096 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010.06.04 14:28:16 | 000,020,168 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.06.04 14:13:47 | 015,366,482 | ---- | C] () -- C:\WINDOWS\System32\OFG
[2010.06.04 13:43:42 | 000,001,034 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4105714786-3853599960-1806625717-1005UA.job
[2010.06.04 13:43:41 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4105714786-3853599960-1806625717-1005Core.job
[2010.06.02 18:46:39 | 000,000,306 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010.06.02 15:38:53 | 000,237,962 | ---- | C] () -- C:\Documents and Settings\Komjútr\Desktop\royale_noir.rar
[2010.05.24 14:42:59 | 000,445,255 | ---- | C] () -- C:\Documents and Settings\Komjútr\My Documents\DSC00090.JPG
[2010.05.23 13:42:06 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010.05.22 21:22:55 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2010.05.22 21:22:55 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2010.05.22 20:28:34 | 2400,454,656 | ---- | C] () -- C:\Documents and Settings\Komjútr\Desktop\7600.16385.090713-1255_x86fre_enterprise_en-us_EVAL_Eval_Enterprise-GRMCENEVAL_EN_DVD.iso
[2010.05.21 14:58:02 | 000,487,660 | ---- | C] () -- C:\Documents and Settings\Komjútr\Desktop\Translations.csv_ostalo.zip
[2010.05.20 20:41:32 | 000,000,292 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010.05.20 17:23:33 | 000,000,598 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat
[2010.05.20 17:22:55 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010.05.20 06:28:44 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.05.16 15:04:23 | 000,151,576 | ---- | C] () -- C:\Documents and Settings\Komjútr\Desktop\numbers.odp
[2010.05.16 15:04:20 | 000,160,252 | ---- | C] () -- C:\Documents and Settings\Komjútr\Desktop\subtlewaves.odp
[2010.05.16 02:59:05 | 000,302,384 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-4105714786-3853599960-1806625717-1005-0.dat
[2010.05.16 02:58:53 | 000,265,978 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010.05.15 23:10:49 | 000,000,165 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2010.05.15 23:04:56 | 015,373,660 | ---- | C] () -- C:\Documents and Settings\Komjútr\Desktop\SharpDevelop_3.2.0.5505_Setup.msi
[2010.05.15 11:47:02 | 000,985,756 | ---- | C] () -- C:\Documents and Settings\Komjútr\Desktop\NetteFramework-1.0alpha-PHP5.2.zip
[2010.05.13 15:24:55 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2010.05.08 19:46:03 | 000,022,058 | ---- | C] () -- C:\Documents and Settings\Komjútr\Desktop\Fotografie-0110.jpg
[2010.05.08 19:46:03 | 000,014,842 | ---- | C] () -- C:\Documents and Settings\Komjútr\Desktop\Slunisko.jpg
[2010.05.08 17:45:00 | 000,171,223 | ---- | C] () -- C:\Documents and Settings\Komjútr\Desktop\flashdisk.c4d
[2010.04.28 20:47:26 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010.04.21 18:55:40 | 000,138,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.03.29 20:22:23 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.03.25 19:23:30 | 000,016,456 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2010.03.25 19:23:29 | 000,011,088 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2010.03.23 17:12:21 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010.03.22 21:12:12 | 000,000,318 | ---- | C] () -- C:\WINDOWS\WPE PRO.INI
[2010.03.21 19:43:33 | 000,000,076 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2010.03.21 19:43:31 | 000,000,100 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2010.03.21 19:43:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2010.03.21 19:42:39 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2010.03.19 22:48:32 | 000,001,490 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2010.03.19 17:05:04 | 000,000,029 | ---- | C] () -- C:\WINDOWS\level.ini
[2010.03.13 14:35:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.10.20 20:19:30 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007.05.15 20:06:58 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.04.14 16:57:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.14 16:57:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.14 16:57:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.14 16:57:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.14 16:57:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.14 16:57:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.14 16:57:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.14 16:57:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.14 16:57:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.12.07 11:27:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.12.06 21:39:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\mouclass.sys
[2005.08.05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004.08.13 04:56:20 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2001.01.12 11:52:26 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\vbpng1.dll
[2001.01.12 11:49:38 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[1980.01.01 02:00:00 | 000,000,844 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

========== LOP Check ==========

[2010.03.13 00:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.04.18 16:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010.05.11 06:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Martau
[2010.05.31 20:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NovaTech Network
[2010.05.24 15:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010.05.08 16:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Souptoys
[2010.06.04 14:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2010.05.28 14:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.04.01 13:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\AltrixSoft
[2010.05.20 20:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\BinarySense
[2010.05.20 20:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\BITS
[2010.03.25 17:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Charles
[2010.04.12 06:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Doit.im.2A4FBC65A8766CA36EFEAC67D621E1CEDF0FC84D.1
[2010.03.28 16:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\eBookPro6
[2010.05.20 17:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\FlashGet
[2010.05.20 17:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\FlashGetBHO
[2010.03.29 17:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\GHISLER
[2010.06.02 18:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\GlarySoft
[2010.03.13 03:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\IObit
[2010.03.13 16:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Leadertech
[2010.05.03 16:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\MAXON
[2010.03.22 20:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Miranda
[2010.03.15 16:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\OpenOffice.org
[2010.04.28 15:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Opera
[2010.05.08 16:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Souptoys
[2010.06.04 14:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Spyware Terminator
[2010.06.03 20:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Unity
[2010.05.22 13:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\VitySoft
[2010.06.04 18:11:13 | 000,000,306 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job

========== Purity Check ==========

John10 · #4 Příspěvek od **John10** » 04 čer 2010 21:30

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2006.10.09 12:28:56 | 000,139,264 | ---- | M] (Nero AG)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\Komjútr\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c -- [2010.06.04 13:43:39 | 000,136,176 | ---- | M] (Google Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.05.07 23:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.03.13 00:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.05.03 19:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010.06.04 14:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2006.12.07 11:10:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2010.04.18 16:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010.03.27 17:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2010.03.19 18:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.05.11 06:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Martau
[2010.06.04 18:19:34 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010.05.15 23:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010.04.01 11:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010.04.01 11:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010.05.31 20:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NovaTech Network
[2010.05.24 15:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010.05.08 16:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Souptoys
[2010.06.04 14:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2010.04.26 15:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010.05.01 23:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010.04.01 11:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010.05.28 14:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.03.13 01:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.03.01 23:44:10 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java-rmi.exe
[2010.03.01 23:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java.exe
[2010.03.01 23:44:10 | 000,059,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javacpl.exe
[2010.03.01 23:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaw.exe
[2010.03.01 23:44:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaws.exe
[2010.03.01 23:44:12 | 000,079,648 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jbroker.exe
[2010.03.01 23:44:12 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jp2launcher.exe
[2010.03.01 23:44:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqs.exe
[2010.03.01 23:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqsnotify.exe
[2010.03.01 23:44:12 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jucheck.exe
[2010.03.01 23:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jureg.exe
[2010.03.01 23:44:14 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jusched.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\keytool.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\kinit.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\klist.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ktab.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\orbd.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\pack200.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\policytool.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmid.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmiregistry.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\servertool.exe
[2010.03.01 23:44:14 | 000,030,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ssvagent.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\tnameserv.exe
[2010.03.01 23:44:14 | 000,132,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\unpack200.exe
[2010.03.04 04:00:34 | 000,079,144 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe
[2010.05.20 06:28:44 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe

< %APPDATA%\*. >
[2010.05.29 02:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Adobe
[2010.04.20 14:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Ahead
[2010.04.01 13:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\AltrixSoft
[2010.06.04 14:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Apple Computer
[2010.05.20 20:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\BinarySense
[2010.05.20 20:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\BITS
[2010.03.25 17:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Charles
[2006.12.07 11:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\CyberLink
[2010.04.12 06:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Doit.im.2A4FBC65A8766CA36EFEAC67D621E1CEDF0FC84D.1
[2010.03.28 16:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\eBookPro6
[2010.05.20 17:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\FlashGet
[2010.05.20 17:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\FlashGetBHO
[2010.03.29 17:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\GHISLER
[2010.06.02 18:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\GlarySoft
[2010.03.20 14:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Help
[2006.12.06 21:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Identities
[2010.03.13 03:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\IObit
[2010.03.13 16:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Leadertech
[2010.04.01 09:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Macromedia
[2010.03.19 18:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Malwarebytes
[2010.05.03 16:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\MAXON
[2010.06.04 13:19:48 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Komjútr\Application Data\Microsoft
[2010.03.22 20:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Miranda
[2010.03.13 02:50:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Mozilla
[2010.03.15 16:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\OpenOffice.org
[2010.04.28 15:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Opera
[2010.03.20 20:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\PSpad
[2010.05.08 16:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Souptoys
[2010.06.04 14:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Spyware Terminator
[2010.03.13 02:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Sun
[2010.06.03 20:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\Unity
[2010.05.22 13:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\VitySoft
[2010.03.13 04:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Komjútr\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2010.04.12 06:17:27 | 000,038,784 | ---- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.03.22 21:23:51 | 001,956,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Komjútr\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\ClearMem.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\ClickCleaner.exe
[2010.06.04 13:19:48 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\ContextMenuManager.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\DesktopCleaner.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\DiskAnalyzer.exe
[2010.06.04 13:19:48 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\DuplicateFilesFinder.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\FileSecurity.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\FileSplitter.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\IconManager.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\IEManager.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\JunkFileCleaner.exe
[2010.06.04 13:19:48 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\LiveUpdate.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\OptimizationWizard.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\PrivacyProtector.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\ProcessManager.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\RegistryCleaner.exe
[2010.06.04 13:19:48 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\RegistryDefrag.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\RepairCenter.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\RunShortcutCreator.exe
[2010.06.04 13:19:48 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\ServiceManager.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\Shutdown.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\StartupManager.exe
[2010.06.04 13:19:48 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\SystemFolder_msiexec.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\SystemInfo.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\Uninstaller.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\WallpaperChanger.exe
[2010.06.04 13:19:48 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Komjútr\Application Data\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\WinXP_Manager.exe

< MD5 for: AGP440.SYS >
[2006.03.15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2006.03.15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2006.03.15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.15 16:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2006.03.15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys
[2006.03.15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.15 16:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.15 16:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2006.03.15 16:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.15 16:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:hal.dll
[2006.03.15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.03.15 16:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:Changer.sys
[2006.03.15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2010.03.13 01:45:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.17 14:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2006.03.15 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.15 16:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.15 16:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2006.03.15 16:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.03.15 16:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2006.03.15 16:00:00 | 000,470,016 | ---- | M] (Microsoft Corporation) MD5=9A98937A980831729D21343754FF9D59 -- C:\I386\SYSTEM32\SMSS.EXE
[2006.03.15 16:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006.03.15 16:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.03.15 16:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.15 16:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2006.03.15 16:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 02:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006.12.06 22:31:44 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006.12.06 22:31:44 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006.12.06 22:31:44 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 02:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.06.04 14:38:50 | 000,138,968 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys

< %systemroot%\system32\*.* /3 >
[2010.06.04 14:28:16 | 000,020,168 | -H-- | M] () -- C:\WINDOWS\system32\mlfcache.dat
[2010.06.04 14:18:29 | 015,366,482 | ---- | M] () -- C:\WINDOWS\system32\OFG
[2010.06.04 18:10:44 | 000,317,921 | ---- | M] () -- C:\WINDOWS\system32\oodbs.lor
[2010.06.04 14:38:41 | 000,214,592 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
[2010.06.04 14:38:41 | 000,214,592 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.xtr
[2010.06.04 18:01:38 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

========== Files - Unicode (All) ==========
[2010.03.17 07:58:11 | 000,000,000 | ---D | M](C:\Documents and Settings\Komj?tr\Application Data\Opera) -- C:\Documents and Settings\Komj�tr\Application Data\Opera

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BE9FEFC
< End of report >

#5 Příspěvek od **vyosek** » 04 čer 2010 21:48

Jeste poprosim o log Extras.txt

John10 · #6 Příspěvek od **John10** » 04 čer 2010 22:16

Na ploše mám jen OTL.Txt ...

#7 Příspěvek od **vyosek** » 04 čer 2010 23:48

Jeste pred mazanim si neco overim...

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

C:\WINDOWS\system32\pwdrvio.sys
C:\WINDOWS\system32\pwdspio.sys
C:\WINDOWS\System32\rmc_fixasf.exe
C:\WINDOWS\System32\drivers\KHCAP.sys
C:\WINDOWS\System32\pbsvc.exe
Kliknete na Prochazet
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Pokud napise Soubor byl jiz testovan, dejte otestovat znovu
Kliknete na Otestovat soubor
Vysledek analyzy sem vlozte (jako odkaz)

John10 · #8 Příspěvek od **John10** » 05 čer 2010 00:07

http://www.virustotal.com/cs/analisis/1 ... 1275692469
http://www.virustotal.com/cs/analisis/a ... 1275692555
http://www.virustotal.com/cs/analisis/e ... 1275692622
http://www.virustotal.com/cs/analisis/b ... 1275692678
http://www.virustotal.com/cs/analisis/d ... 1275692775

#9 Příspěvek od **vyosek** » 05 čer 2010 00:10

Tak ani v logu z OTL neni nejaka havet videt, jen drobnosti...

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRman000&ptb=dbgMhoVAeNz4PSe00zIwlA&psa=&ind=2010040410&ptnrS=GRman000&si=&st=kwd&n=77cec85a&searchfor="
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Komjútr\Application Data\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Komjútr\Application Data\FlashGetBHO\GetAllUrl.htm ()
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BE9FEFC

:file

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
""=-

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

John10 · #10 Příspěvek od **John10** » 05 čer 2010 00:19

Zvláštní no... nevim proč ten Chrome nejede. Zkoušel jsem Googlit, ale nic moc jsem nenašel, jenom že někomu pomohlo odstranit trojana (pomocí antiviru od Microsoftu)

All processes killed
========== OTL ==========
Prefs.js: "MyWebSearch" removed from browser.search.selectedEngine
Prefs.js: "http://search.mywebsearch.com/mywebsear ... searchfor=" removed from keyword.URL
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\使用快车3下载\ deleted successfully.
C:\Documents and Settings\Komjútr\Application Data\FlashGetBHO\GetUrl.htm moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\使用快车3下载全部链接\ deleted successfully.
C:\Documents and Settings\Komjútr\Application Data\FlashGetBHO\GetAllUrl.htm moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:2BE9FEFC deleted successfully.
Error: Unable to interpret <:file> in the current context!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater\\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->Flash cache emptied: 41620 bytes

User: Komjútr
->Temp folder emptied: 4606468 bytes
->Temporary Internet Files folder emptied: 80537283 bytes
->Java cache emptied: 5625507 bytes
->FireFox cache emptied: 89073508 bytes
->Google Chrome cache emptied: 856432 bytes
->Apple Safari cache emptied: 33923668 bytes
->Flash cache emptied: 2081678 bytes

User: Komj�tr

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 3482 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6955474 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 214,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Komjútr
->Flash cache emptied: 0 bytes

User: Komj�tr

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.5.3 log created on 06052010_011142

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

#11 Příspěvek od **vyosek** » 05 čer 2010 00:25

zkus ten chrome, ale nevim nevim...v logu nic nebylo spatneho...

John10 · #12 Příspěvek od **John10** » 05 čer 2010 00:27

John10 píše:Zvláštní no... nevim proč ten Chrome nejede. Zkoušel jsem Googlit, ale nic moc jsem nenašel, jenom že někomu pomohlo odstranit trojana (pomocí antiviru od Microsoftu)

#13 Příspěvek od **vyosek** » 05 čer 2010 00:28

Jenze zadny trojan v logu neni...

Neblokuje ti ho FW

John10 · #14 Příspěvek od **John10** » 05 čer 2010 00:30

No právě to jsem taky zkoušel vypnout všechny štíty včetně Firewallu...taky nepomohlo.

#15 Příspěvek od **vyosek** » 05 čer 2010 00:34

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Zkus jeste jednou odinstalovat (napr. pomoci CCleaneru) a pak znovu nainstalovat. Ja se poptam jeste kolegu..

VIRY.CZ

Nefunguje Google Chrome

Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome

Re: Nefunguje Google Chrome