Prosím o preventivku díky

Zpráva

Rohl · #1 Příspěvek od **Rohl** » 14 dub 2011 17:29

Logfile of random's system information tool 1.06 (written by random/random)
Run by Míra at 2011-04-14 18:27:24
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (1%) free of 300 GB
Total RAM: 3070 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:27:28, on 14.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17096)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Programy\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
D:\Program Files\Secunia\PSI\sua.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Míra\Plocha\RSIT.exe
C:\Program Files\trend micro\Míra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.avg.com/ww.special-toolbar-first-run-tlbrf
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Míra\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: Softonic English TC Toolbar - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\prxtbSof0.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Softonic English TC - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\prxtbSof0.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Míra\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O3 - Toolbar: Softonic English TC Toolbar - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\prxtbSof0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Programy\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe"
O4 - HKCU\..\Run: [PowerBar] "C:\Programy\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - D:\Program Files\QIP\qip.exe (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{10AC536B-6538-4BEE-87F5-8F046027C3F6}: NameServer = 10.8.136.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{10AC536B-6538-4BEE-87F5-8F046027C3F6}: NameServer = 10.8.136.1
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Secunia PSI Agent - Secunia - D:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - D:\Program Files\Secunia\PSI\sua.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

--
End of file - 8441 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Norton Security Scan for Majitel.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1580436667-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1580436667-725345543-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1580436667-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1580436667-725345543-1006.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]
Softonic English TC Toolbar - C:\Program Files\Softonic_English_TC\prxtbSof0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Míra\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2C688203-7EB3-4327-9995-1CB417BA23F9} - BS.Player ControlBar - C:\Program Files\BS.Player ControlBar\BSToolbar.dll [2008-08-13 757192]
{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - Softonic English TC Toolbar - C:\Program Files\Softonic_English_TC\prxtbSof0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-03 16841216]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-04 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-04 81920]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
"RemoteControl"=C:\Programy\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-02-23 3451496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NBJ"=C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe [2005-06-02 1957888]
"PowerBar"=C:\Programy\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe [2004-04-21 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]
C:\Program Files\Sony EricssonG700\Mobile4\Application Launcher\Application Launcher.exe [2007-12-25 548864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Míra^Nabídka Start^Programy^Po spuštění^Jádro Plánovače úloh SolidWorks.lnk]
D:\Program Files\swScheduler\swBOEngine.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Míra^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Java\jdk1.6.0_07\jre\bin\java.exe"="C:\Program Files\Java\jdk1.6.0_07\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Program Files\QIP\qip.exe"="D:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"D:\Hooligans\Hooligans.exe"="D:\Hooligans\Hooligans.exe:*:Enabled:Hooligans"
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Disabled:mRouterRuntime Module"
"C:\Program Files\Sony EricssonG700\Mobile4\Sync Manager\DXP SyncML.exe"="C:\Program Files\Sony EricssonG700\Mobile4\Sync Manager\DXP SyncML.exe:*:Disabled:DXP SyncML Module"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"C:\WINDOWS\system32\HPZipm12.exe"="C:\WINDOWS\system32\HPZipm12.exe:*:Enabled:ENABLE"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\WINDOWS\system32\userinit.exe"="C:\WINDOWS\system32\userinit.exe:*:Enabled:ENABLE"
"D:\Program Files\Xfire\Xfire.exe"="D:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"D:\Call of Duty 2\CoD2MP_s.exe"="D:\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"D:\Program Files\Miranda IM KP v5.0.8.5\miranda32.exe"="D:\Program Files\Miranda IM KP v5.0.8.5\miranda32.exe:*:Enabled:Miranda IM"
"D:\age of empires 2\age2_x1.exe"="D:\age of empires 2\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"D:\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe"="D:\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI)"
"D:\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe"="D:\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV)"
"D:\Call of Duty - World at War\CoDWaWmp.exe"="D:\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"D:\Call of Duty - World at War\CoDWaW.exe"="D:\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"D:\Call of Duty - Black Ops\BlackOps.exe"="D:\Call of Duty - Black Ops\BlackOps.exe:*:Enabled:BlackOps"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c7b6fc3-b5ac-11df-a693-001fd05da792}]
shell\AutoRun\command - G:\EmDesk.exe
shell\EmDesk\command - G:\EmDesk.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d74fbf8-e267-11dd-9813-001fd05da792}]
shell\AutoRun\command - ji83j.exe
shell\open\command - ji83j.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{70e39991-ea02-11dd-981b-001fd05da792}]
shell\AutoRun\command - H:\setupSNK.exe

======List of files/folders created in the last 1 months======

2011-04-14 18:21:23 ----D---- C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoft
2011-04-14 16:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-14 16:52:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-14 16:52:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-04-14 16:49:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-14 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-14 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-14 16:48:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-14 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-14 16:48:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-14 16:48:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-14 16:48:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-14 16:47:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2011-04-08 12:42:05 ----D---- C:\Documents and Settings\Míra\Data aplikací\PriceGong
2011-03-25 17:08:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2011-03-18 19:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$

======List of files/folders modified in the last 1 months======

2011-04-14 18:27:25 ----D---- C:\Program Files\Trend Micro
2011-04-14 18:27:24 ----D---- C:\rsit
2011-04-14 18:21:29 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-04-14 18:16:08 ----D---- C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoftIEHelpers
2011-04-14 18:12:48 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-14 17:33:16 ----D---- C:\WINDOWS\Temp
2011-04-14 17:19:07 ----D---- C:\WINDOWS\Prefetch
2011-04-14 17:19:07 ----D---- C:\WINDOWS
2011-04-14 17:17:23 ----D---- C:\WINDOWS\system32
2011-04-14 17:17:23 ----D---- C:\Program Files\Internet Explorer
2011-04-14 17:17:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-14 17:16:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-14 17:16:44 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-14 17:12:52 ----RASH---- C:\boot.ini
2011-04-14 17:12:52 ----A---- C:\WINDOWS\win.ini
2011-04-14 17:12:52 ----A---- C:\WINDOWS\system.ini
2011-04-14 17:12:51 ----D---- C:\WINDOWS\pss
2011-04-14 17:04:06 ----D---- C:\Program Files\Spyware Terminator
2011-04-14 17:04:05 ----D---- C:\WINDOWS\system32\drivers
2011-04-14 17:02:46 ----D---- C:\WINDOWS\Minidump
2011-04-14 17:02:46 ----D---- C:\WINDOWS\Debug
2011-04-14 17:00:27 ----D---- C:\Program Files\Common Files
2011-04-14 17:00:20 ----SHD---- C:\WINDOWS\Installer
2011-04-14 17:00:20 ----HD---- C:\Config.Msi
2011-04-14 17:00:20 ----D---- C:\Program Files\Real
2011-04-14 17:00:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2011-04-14 17:00:13 ----SD---- C:\WINDOWS\Tasks
2011-04-14 17:00:06 ----D---- C:\Documents and Settings\Míra\Data aplikací\Real
2011-04-14 16:56:47 ----D---- C:\WINDOWS\WinSxS
2011-04-14 16:55:32 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-14 16:55:29 ----RSD---- C:\WINDOWS\assembly
2011-04-14 16:54:46 ----A---- C:\WINDOWS\system32\MRT.exe
2011-04-14 16:54:42 ----HD---- C:\WINDOWS\inf
2011-04-14 16:54:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-04-14 16:52:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-14 16:49:23 ----D---- C:\WINDOWS\system32\cs-cz
2011-04-14 16:49:13 ----D---- C:\WINDOWS\ie7updates
2011-04-14 16:49:06 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-10 20:08:53 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-04-08 12:44:47 ----D---- C:\WINDOWS\system32\Adobe
2011-04-08 12:44:26 ----D---- C:\WINDOWS\system32\Macromed
2011-04-08 12:44:26 ----D---- C:\Documents and Settings\Míra\Data aplikací\Macromedia
2011-04-08 12:44:26 ----D---- C:\Documents and Settings\Míra\Data aplikací\Adobe
2011-04-08 12:42:39 ----D---- C:\Program Files\Softonic_English_TC
2011-04-08 12:42:37 ----D---- C:\Program Files\ConduitEngine
2011-04-08 12:42:35 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-03-31 14:55:52 ----D---- C:\Program Files\Mozilla Firefox
2011-03-18 18:16:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-05 4611072]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-04 7435392]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-06-28 45824]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-06-28 20480]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-10-02 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2008-01-15 63360]
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S3 apt8bv5q;apt8bv5q; C:\WINDOWS\system32\drivers\apt8bv5q.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\MRA~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Program Files\MediaCoder\SysInfo.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2008-10-04 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2008-10-04 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2008-10-04 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2008-10-04 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2008-10-04 79488]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2008-01-15 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2008-01-15 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2008-01-15 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2008-01-15 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2008-01-15 91264]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-02-23 42184]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-04 155716]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-02-17 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-02-17 189248]
R2 Secunia Update Agent;Secunia Update Agent; D:\Program Files\Secunia\PSI\sua.exe [2011-01-10 399416]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Secunia PSI Agent;Secunia PSI Agent; D:\Program Files\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2009-11-08 79360]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 14 dub 2011 18:06

Zdravim a pekny den preji

Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
Spustte a kliknete na Deletion
Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt

Rohl · #3 Příspěvek od **Rohl** » 14 dub 2011 18:50

############################## | UsbFix 7.014 | [Deletion]

User: Míra (Administrator) # DOM-EC1C75A1A7E [ ]
Updated 24/06/10 by El Desaparecido / C_XX
Started at 19:45:08 | 14/04/2011
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
CPU 2: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 7.0.5730.13

Windows Firewall: Enabled
Antivirus: avast! Antivirus 5.0.100664296 [Enabled | Updated]
RAM -> 3070 Mb
C:\ (%systemdrive%) -> Fixed drive # 293 Gb (3 Mb free - 1%) [] # NTFS
D:\ -> Fixed drive # 173 Gb (70 Mb free - 40%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Fixed drive # 75 Gb (1 Mb free - 1%) [] # FAT32
G:\ -> Removable drive # 2 Gb (2 Mb free - 97%) [] # FAT32
H:\ -> CD-ROM
I:\ -> Fixed drive # 932 Gb (681 Mb free - 73%) [My Book AV] # NTFS

################## | Files # Infected Folders |

################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{5c7b6fc3-b5ac-11df-a693-001fd05da792}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{6d74fbf8-e267-11dd-9813-001fd05da792}

################## | Listing |

[29/03/2009 - 22:24:10 | HD ] C:\$AVG8.VAULT$
[22/08/2008 - 03:41:17 | A | 0] C:\AUTOEXEC.BAT
[31/03/2009 - 16:59:31 | D ] C:\Avenger
[31/01/2009 - 15:34:24 | A | 4763] C:\avi_log.txt
[30/03/2009 - 16:17:55 | A | 223] C:\Boot.bak
[14/04/2011 - 17:12:52 | RASH | 293] C:\boot.ini
[02/03/2006 - 14:00:00 | RASH | 4952] C:\Bootfont.bin
[31/03/2009 - 17:25:58 | RASHD ] C:\cmdcons
[03/08/2004 - 23:00:04 | A | 261312] C:\cmldr
[14/04/2011 - 17:00:20 | HD ] C:\Config.Msi
[22/08/2008 - 03:41:17 | A | 0] C:\CONFIG.SYS
[22/08/2008 - 03:48:20 | A | 206] C:\csb.log
[19/01/2010 - 17:22:03 | D ] C:\Documents and Settings
[20/11/2010 - 13:11:25 | D ] C:\hry
[22/08/2008 - 03:41:17 | RASH | 0] C:\IO.SYS
[22/08/2008 - 03:41:17 | RASH | 0] C:\MSDOS.SYS
[07/09/2008 - 19:07:27 | RHD ] C:\MSOCache
[20/09/2008 - 14:29:10 | D ] C:\MyWorks
[02/03/2006 - 14:00:00 | RASH | 47564] C:\NTDETECT.COM
[21/08/2008 - 22:56:20 | RASH | 250576] C:\ntldr
[14/04/2011 - 19:37:20 | ASH | 2145386496] C:\pagefile.sys
[27/12/2010 - 00:12:12 | RD ] C:\Program Files
[24/12/2010 - 12:37:13 | D ] C:\Programy
[14/04/2011 - 19:46:54 | SHD ] C:\RECYCLER
[22/08/2008 - 03:48:20 | A | 429] C:\RHDSetup.log
[14/04/2011 - 18:27:30 | D ] C:\rsit
[12/06/2009 - 00:04:03 | SHD ] C:\System Volume Information
[14/04/2011 - 19:46:54 | D ] C:\UsbFix
[14/04/2011 - 19:46:57 | A | 1306] C:\UsbFix.txt
[14/04/2011 - 17:19:07 | D ] C:\WINDOWS
[31/01/2009 - 17:26:25 | A | 0] C:\________
[09/11/2009 - 16:56:02 | D ] D:\9eac5e48ba59336dfde3a5e25b77f5
[14/01/2011 - 13:09:09 | D ] D:\Airport Mania - First Flight
[12/05/2009 - 17:22:24 | D ] D:\Bestgames
[08/04/2011 - 10:32:29 | D ] D:\Call of Duty - Black Ops
[02/09/2010 - 20:19:13 | D ] D:\Call of Duty - Modern Warfare 2
[13/09/2010 - 13:36:51 | D ] D:\Call of Duty - World at War
[15/02/2011 - 17:24:12 | D ] D:\Call of Duty 2
[14/01/2011 - 12:40:48 | D ] D:\Call of Duty 4 - Modern Warfare
[10/09/2010 - 14:49:28 | D ] D:\Governor of Poker 2 Premium Edition
[12/03/2010 - 19:27:25 | D ] D:\Hooligans
[22/06/2010 - 11:37:55 | D ] D:\Mafia
[17/02/2011 - 13:35:01 | D ] D:\Medal of Honor
[16/02/2011 - 21:05:49 | D ] D:\Mirek
[05/05/2010 - 17:27:35 | D ] D:\Populous
[14/04/2011 - 18:21:54 | D ] D:\Program Files
[14/04/2011 - 19:46:54 | SHD ] D:\RECYCLER
[03/08/2010 - 13:08:44 | D ] D:\S.T.A.L.K.E.R. - Call of Pripyat
[21/06/2010 - 12:06:01 | A | 194517500] D:\San Antonio 1992.mpg
[27/03/2010 - 17:10:29 | D ] D:\Skies of War
[12/06/2009 - 00:11:33 | SHD ] D:\System Volume Information
[07/10/2004 - 17:29:12 | SHD ] F:\RECYCLED
[07/10/2004 - 21:26:26 | D ] F:\DVD FILMY
[11/10/2004 - 19:03:48 | D ] F:\Dokumenty David
[02/03/2004 - 20:01:52 | A | 34280200] F:\Orion Hall - part 4 Ladida.mp3
[01/03/2004 - 20:34:22 | A | 49546263] F:\Orion Hall part 2 Orbith + Lucca.mp3
[07/03/2004 - 22:01:20 | A | 31720722] F:\Orion hall-part5 Carl Cox.mp3
[02/03/2004 - 17:04:38 | A | 34304650] F:\Orion Hall - part 3 Lucca + Ladida.mp3
[29/02/2004 - 14:13:42 | A | 49536650] F:\Orion Hall -part1 Skipworker + Orbith.mp3
[12/10/2004 - 19:59:32 | D ] F:\Filmy
[26/08/2008 - 13:10:12 | D ] F:\sranda
[16/11/2004 - 16:08:30 | D ] F:\Postal 2 - Share the Pain
[23/11/2004 - 18:06:02 | D ] F:\MS Office Pro Enterprise 2003 CZ
[10/06/2007 - 20:50:14 | A | 20480] F:\Ukoly.doc
[01/02/2005 - 20:24:18 | A | 500654080] F:\RCT3.iso
[27/03/2005 - 13:51:42 | H | 33721] F:\TREEINFO.WC
[19/06/2005 - 21:24:40 | D ] F:\Hotride EP
[21/03/2005 - 20:03:00 | D ] F:\prodigy
[07/04/2005 - 19:55:12 | D ] F:\programy
[11/04/2005 - 19:07:08 | D ] F:\OWAss
[11/04/2005 - 19:08:18 | D ] F:\URA ss
[13/10/2004 - 15:49:50 | N | 46371348] F:\sexplosion_mix.mp3
[01/03/2005 - 18:09:02 | N | 190494208] F:\Dejw vs. The Prodigy.avi
[19/02/2005 - 17:21:44 | A | 4579915] F:\Hledáme název-Normální pátek.mp3
[11/04/2005 - 19:32:28 | D ] F:\OtsCDScratch1200
[09/04/2005 - 21:33:02 | A | 1923072] F:\bbarak.cz_Sasa_Superskleroza.mp3
[02/06/2006 - 09:24:28 | D ] F:\hh mp3
[17/10/2005 - 21:14:36 | D ] F:\DVDvyp
[30/01/2006 - 19:45:42 | SH | 198] F:\Desktop.ini
[05/03/2006 - 12:15:56 | D ] F:\pb
[07/10/2001 - 14:41:14 | A | 22005] F:\spirala.exe
[20/04/2007 - 20:45:28 | D ] F:\Nová složka
[21/04/2006 - 08:09:58 | D ] F:\Nova slozka (2)
[24/03/2008 - 13:47:12 | D ] F:\mp3 brezen08
[19/06/2005 - 21:24:56 | D ] F:\Hotride US Promo
[25/05/2006 - 11:18:46 | D ] F:\V seznamu
[20/06/2005 - 18:35:26 | D ] F:\Girls
[20/06/2005 - 12:20:50 | A | 15330732] F:\video-lubos.zip
[31/01/2009 - 16:26:26 | A | 0] F:\________
[27/08/2006 - 09:34:00 | D ] F:\dvd obaly
[19/05/2006 - 10:43:16 | D ] F:\Géniové
[17/12/2006 - 11:22:06 | D ] F:\Nova slozka
[23/12/2006 - 15:42:34 | D ] F:\Na vypalovani
[26/08/2008 - 13:11:40 | D ] F:\plakaty
[26/08/2008 - 14:18:38 | D ] F:\17_underworld livepa-at-loveparade dortmund germany 19.08.2008
[23/03/2008 - 14:42:40 | A | 5944259] F:\martz_dew_-_prave_vcas.mp3
[30/01/2008 - 13:23:14 | A | 4816214] F:\moje videjko.mpg
[02/02/2008 - 11:26:30 | A | 5264378] F:\Performer.wmv
[23/03/2008 - 12:35:46 | A | 3724347] F:\kkk.wmv
[12/01/2008 - 12:15:20 | A | 3459792] F:\domaciakce.wmv
[26/08/2008 - 15:27:48 | D ] F:\Foto
[20/01/2008 - 15:40:36 | A | 921654] F:\1.bmp
[09/12/2007 - 12:54:32 | A | 3743411] F:\cikani_do_nebe.mp3
[26/08/2008 - 15:28:04 | D ] F:\3D_festival_park
[01/05/2008 - 16:14:24 | A | 10984] F:\hiphopkemp_200.jpg
[27/04/2008 - 21:50:38 | A | 4135288] F:\mr.oizo-vs.-balloon-pussylovers-mix-skyi.mp3
[05/01/2008 - 16:53:22 | A | 7934580] F:\Sokol feat Pono - nie lekcewaz nas.mp3
[11/04/2008 - 19:33:48 | A | 35328] F:\tabsirka.xls
[05/04/2008 - 14:51:02 | A | 20992] F:\votvirak line up.doc
[30/08/2008 - 14:54:54 | HD ] F:\$AVG8.VAULT$
[30/08/2008 - 14:54:54 | SHD ] F:\System Volume Information
[23/06/2007 - 11:06:52 | A | 16257486] F:\ArtAttack_Freestyle_Battle_2006_-_Finale_Strapo_a_Zverina.mp3
[15/09/2007 - 10:59:32 | A | 8918959] F:\ArtAttack_Freestyle_Battle_2006_-_Zverina_a_Jedlee_Wonder.mp3
[25/12/2008 - 12:01:14 | D ] F:\Videoklipy
[03/11/2001 - 16:42:32 | A | 21492] F:\2x_bb-kafes.gif
[30/09/2001 - 17:18:20 | A | 738432] F:\darecek_pro_igracky.mp3
[07/10/2001 - 17:20:52 | A | 59846] F:\deejay.gif
[16/09/2001 - 15:27:14 | A | 3971576] F:\Patrick_Kicken_Radio3FM-eminemvsbritney.mp3
[11/05/2008 - 17:38:02 | A | 3838581] F:\dixxx---plachty.mp3
[11/05/2008 - 17:19:36 | A | 18440192] F:\Strapo_VS_Ledko_-_Nesutazny_battle_z_BA_kvalifikacie_ArtAttack_Freestyle_Battle_2008.mp3
[11/05/2008 - 17:19:46 | A | 4384653] F:\mc zuzka-proti-vsem-devkam.mp3
[11/05/2008 - 17:43:54 | A | 6469172] F:\affrofil feat[1]. smack tafrob diss.mp3
[11/05/2008 - 17:29:30 | A | 2407004] F:\hugo-toxxx-exclusive-shit.mp3
[17/02/2008 - 12:56:14 | A | 1266005] F:\clip2.wmv
[24/01/2009 - 14:51:14 | D ] F:\video unor
[04/10/2009 - 13:41:10 | D ] F:\video-lubos
[19/09/2009 - 11:28:46 | A | 10083310] F:\Kde si ty.mp3
[05/04/2011 - 22:40:56 | D ] G:\Karlos
[14/04/2011 - 18:25:36 | A | 412928] G:\Projizdel se zabak.mp3
[14/04/2011 - 19:45:32 | SHD ] I:\$RECYCLE.BIN
[15/01/2011 - 23:38:16 | D ] I:\Dokumenty
[28/01/2011 - 15:39:55 | D ] I:\Filmy
[30/01/2011 - 00:00:20 | D ] I:\Fotky
[01/04/2011 - 13:59:00 | D ] I:\Hry
[01/04/2011 - 13:54:58 | D ] I:\Programy
[14/04/2011 - 19:46:54 | SHD ] I:\RECYCLER
[01/04/2011 - 14:01:06 | D ] I:\Serialy
[16/02/2011 - 20:52:01 | SHD ] I:\System Volume Information

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
I:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | E.O.F |

#4 Příspěvek od **vyosek** » 14 dub 2011 19:29

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Rohl · #5 Příspěvek od **Rohl** » 14 dub 2011 19:51

OTL.txt:

OTL logfile created on: 14.4.2011 20:41:12 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Míra\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 84,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 292,97 Gb Total Space | 2,44 Gb Free Space | 0,83% Space Free | Partition Type: NTFS
Drive D: | 172,78 Gb Total Space | 71,23 Gb Free Space | 41,23% Space Free | Partition Type: NTFS
Drive F: | 74,51 Gb Total Space | 1,04 Gb Free Space | 1,39% Space Free | Partition Type: FAT32

Computer Name: DOM-EC1C75A1A7E | User Name: Míra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.04.14 20:39:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Míra\Plocha\OTL.exe
PRC - [2011.03.31 14:55:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.02.23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.02.23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2011.04.14 20:39:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Míra\Plocha\OTL.exe
MOD - [2011.02.23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.23 18:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.02.23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.01.10 16:24:20 | 000,993,848 | ---- | M] (Secunia) [On_Demand | Stopped] -- D:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011.01.10 16:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Stopped] -- D:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2009.11.08 19:07:32 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - [2011.02.23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.02.23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.02.23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.02.23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.02.23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.02.23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.02.23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.02.08 14:49:34 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.10.04 13:30:05 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2008.10.04 13:30:05 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2008.10.04 13:30:04 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2008.10.04 13:30:04 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2008.10.04 13:30:04 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2008.08.22 03:49:24 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.01.15 11:44:14 | 000,091,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrsce.sys -- (zebrsce)
DRV - [2008.01.15 11:44:12 | 000,109,568 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdmc.sys -- (zebrmdmc) Sony Ericsson mRouter Port (WDM)
DRV - [2008.01.15 11:44:12 | 000,109,568 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdm.sys -- (zebrmdm) Sony Ericsson Port (WDM)
DRV - [2008.01.15 11:44:10 | 000,014,848 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdfl.sys -- (zebrmdfl)
DRV - [2008.01.15 11:44:08 | 000,083,200 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrbus.sys -- (zebrbus)
DRV - [2008.01.15 11:44:08 | 000,063,360 | R--- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\zebrceb.sys -- (zebrceb) Sony Ericsson Cable Emulation Bus (WDM)
DRV - [2007.09.05 11:31:30 | 004,611,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.06.28 12:46:42 | 000,020,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007.06.28 12:46:40 | 000,045,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.06.18 23:59:28 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2003.12.05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\..\URLSearchHook: {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\prxtbSof0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Míra\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.14 17:00:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.14 17:00:22 | 000,000,000 | ---D | M]

[2008.09.13 16:38:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Extensions
[2010.03.09 23:12:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.04.08 12:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\extensions
[2011.04.08 12:36:59 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.04.28 10:05:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.24 10:32:52 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.08.07 18:51:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-10.xml
[2009.08.07 19:29:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-11.xml
[2009.09.25 11:40:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-12.xml
[2009.10.18 20:23:44 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-13.xml
[2009.11.07 19:09:02 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-14.xml
[2009.12.17 13:30:02 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-15.xml
[2008.12.22 00:05:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-2.xml
[2009.02.11 22:38:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-3.xml
[2009.03.08 17:41:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-4.xml
[2009.03.29 11:06:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-5.xml
[2009.04.25 21:43:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-6.xml
[2009.04.28 14:50:58 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-7.xml
[2009.06.13 18:27:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-8.xml
[2009.08.03 18:05:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-9.xml
[2008.11.18 14:56:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin.xml
[2010.08.31 09:15:21 | 000,002,091 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml
[2011.03.26 17:31:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.10.13 16:48:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.15 15:21:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.01 13:44:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MĂRA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\BNBOS1NU.DEFAULT\EXTENSIONS\{1018E4D6-728F-4B20-AD56-37578A4DE76B}
[2010.10.13 16:47:58 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.03.31 14:55:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2011.03.31 14:55:36 | 000,002,208 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\heureka-cz.xml
[2011.03.31 14:55:36 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2011.03.31 14:53:39 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2011.03.31 14:55:36 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2011.03.31 14:55:36 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2011.03.31 14:55:36 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.04.21 20:47:32 | 000,000,091 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 q4master.idsoftware.com
O1 - Hosts: 127.0.0.1 idnet.ua-corp.com
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Softonic English TC Toolbar) - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\prxtbSof0.dll (Conduit Ltd.)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Míra\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic English TC Toolbar) - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\prxtbSof0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\..\Toolbar\WebBrowser: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
O3 - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\..\Toolbar\WebBrowser: (Softonic English TC Toolbar) - {4FF5F6EA-FFAF-43E5-9A01-361C0893C3E8} - C:\Program Files\Softonic_English_TC\prxtbSof0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RemoteControl] C:\Programy\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKU\S-1-5-21-1409082233-1580436667-725345543-1006..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKU\S-1-5-21-1409082233-1580436667-725345543-1006..\Run: [PowerBar] C:\Programy\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe (Cyberlink, Corp.)
O4 - HKLM..\RunOnce: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Míra\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Míra\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.08.22 03:41:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.04.14 19:46:57 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011.04.14 19:46:57 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011.04.14 19:46:58 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{70e39991-ea02-11dd-981b-001fd05da792}\Shell\AutoRun\command - "" = H:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)

========== Files/Folders - Created Within 7 Days ==========

[2011.04.14 20:39:40 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Míra\Plocha\OTL.exe
[2011.04.14 19:57:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Míra\Plocha\Nová složka
[2011.04.14 19:46:57 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011.04.14 19:44:52 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011.04.14 18:21:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoft
[2011.04.14 17:02:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Míra\Recent
[2011.04.08 12:42:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Míra\Data aplikací\PriceGong
[2011.04.08 12:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Míra\Local Settings\Data aplikací\ConduitEngine
[2011.04.08 10:20:51 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.04.14 20:39:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Míra\Plocha\OTL.exe
[2011.04.14 20:05:09 | 000,199,680 | ---- | M] () -- C:\Documents and Settings\Míra\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.14 19:37:41 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1580436667-725345543-1004.job
[2011.04.14 19:37:41 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1580436667-725345543-1006.job
[2011.04.14 19:37:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.04.14 18:21:29 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Míra\Plocha\DVDVideoSoft Free Studio.lnk
[2011.04.14 18:12:48 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.04.14 17:20:22 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.04.14 17:17:25 | 000,153,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.04.14 17:12:52 | 000,000,293 | RHS- | M] () -- C:\boot.ini
[2011.04.14 17:03:35 | 000,254,472 | ---- | M] () -- C:\Documents and Settings\Míra\Dokumenty\cc_20110414_170325.reg
[2011.04.14 17:00:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1580436667-725345543-1006.job
[2011.04.14 16:52:14 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.04.14 16:52:14 | 000,429,024 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.04.14 16:52:14 | 000,078,052 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.04.14 16:52:14 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.04.10 14:40:43 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1580436667-725345543-1004.job
[2011.04.08 17:26:39 | 000,000,558 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Majitel.job
[2011.04.08 10:20:51 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.04.14 17:03:30 | 000,254,472 | ---- | C] () -- C:\Documents and Settings\Míra\Dokumenty\cc_20110414_170325.reg
[2011.02.17 00:41:35 | 000,138,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.02.17 00:38:54 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011.02.17 00:38:53 | 002,601,752 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_moh.exe
[2011.02.17 00:38:53 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011.02.16 20:59:26 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2011.02.16 20:58:18 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2011.01.15 16:12:55 | 000,000,029 | ---- | C] () -- C:\WINDOWS\pslabeler3.ini
[2010.09.27 19:39:24 | 000,255,344 | ---- | C] () -- C:\WINDOWS\System32\imagxpr3.dll
[2010.09.27 19:39:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Eztw32.dll
[2010.05.07 23:15:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2010.05.05 17:24:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ealtest.exe
[2010.03.14 16:53:12 | 000,001,044 | ---- | C] () -- C:\Documents and Settings\Míra\Data aplikací\vso_ts_preview.xml
[2010.03.12 19:27:25 | 000,000,250 | ---- | C] () -- C:\WINDOWS\XIIIHooligans.ini
[2009.12.07 00:34:33 | 000,000,098 | ---- | C] () -- C:\WINDOWS\h3maped.INI
[2009.11.08 19:08:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2009.05.11 21:07:38 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2009.04.21 12:08:15 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.03.31 17:21:24 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.03.31 17:21:24 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.03.31 17:21:24 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.03.31 17:21:24 | 000,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009.03.30 21:32:32 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2009.03.24 23:46:12 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Míra\Data aplikací\PnkBstrK.sys
[2009.03.18 00:55:59 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009.03.18 00:55:59 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009.03.18 00:55:59 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009.03.03 14:55:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2009.02.28 17:33:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2009.02.21 17:11:40 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe
[2009.02.21 14:56:53 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2009.01.31 15:44:29 | 000,000,044 | ---- | C] () -- C:\WINDOWS\RMwmac.ini
[2009.01.31 15:44:10 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySRMWMA.dat
[2009.01.31 15:32:41 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009.01.31 15:32:41 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2009.01.31 15:32:41 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2009.01.31 15:32:41 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2009.01.31 01:21:10 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.01.31 01:20:39 | 000,000,009 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2008.11.20 00:12:40 | 000,000,697 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.09.25 15:29:05 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Thps3.INI
[2008.09.20 14:29:03 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2008.09.19 16:55:45 | 000,199,680 | ---- | C] () -- C:\Documents and Settings\Míra\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.12 21:10:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.09.12 20:33:31 | 000,113,335 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2008.09.12 20:33:31 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2008.08.30 15:15:12 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.08.22 05:34:46 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.08.22 05:32:14 | 000,153,176 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.08.22 03:48:18 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008.08.22 03:47:04 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2008.08.22 03:42:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.08.22 03:39:39 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.12.04 19:41:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007.12.04 19:41:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007.12.04 19:41:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007.12.04 19:41:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007.12.04 19:41:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007.12.04 19:41:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007.12.04 19:41:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007.12.04 19:41:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007.12.04 19:41:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.03.02 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.02 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 14:00:00 | 000,432,492 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 14:00:00 | 000,429,024 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 14:00:00 | 000,078,052 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 14:00:00 | 000,067,448 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.02 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.02 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.12.31 16:19:08 | 001,097,728 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.12.31 16:13:14 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.11.30 13:49:56 | 000,161,792 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001.07.06 15:30:00 | 000,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2010.05.12 14:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.02.08 14:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.11.08 19:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DassaultSystemes
[2009.03.17 22:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2008.12.14 21:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.09.07 18:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2009.09.25 13:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ludia
[2009.03.30 21:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2008.10.04 13:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.04.28 21:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.03.25 21:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Aegisub
[2009.11.05 19:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Any Video Converter
[2009.02.11 20:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Ashampoo Cover Studio 2009
[2009.01.14 20:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Audacity
[2010.01.19 23:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\AVCutty
[2010.01.19 17:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Broad Intelligence
[2008.09.19 17:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\BSplayer
[2008.09.19 17:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\BSplayer Pro
[2009.03.16 18:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DAEMON Tools
[2010.02.08 14:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DAEMON Tools Lite
[2009.03.16 18:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DAEMON Tools Pro
[2009.11.08 19:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DassaultSystemes
[2009.04.21 19:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Desktopicon
[2011.04.14 18:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoft
[2011.04.14 18:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoftIEHelpers
[2009.11.08 19:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DWGeditor
[2010.04.16 16:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\foobar2000
[2008.12.14 21:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\ICQ
[2010.06.17 14:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Image Zone Express
[2010.05.16 23:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Leadertech
[2009.09.25 13:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Ludia
[2011.04.14 17:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\PriceGong
[2009.03.30 00:13:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\QIP
[2010.09.17 14:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Red Alert 3
[2008.10.05 21:33:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Teleca
[2010.03.09 23:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Thunderbird
[2010.10.11 21:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Vso
[2010.09.04 13:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\YoudaGames

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"NBJ" = "C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe" -- [2005.06.02 16:03:08 | 001,957,888 | ---- | M] (Ahead Software AG)
"PowerBar" = "C:\Programy\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime -- [2004.04.21 10:26:28 | 000,086,016 | ---- | M] (Cyberlink, Corp.)

< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.04.08 12:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Adobe
[2009.03.25 21:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Aegisub
[2008.09.19 16:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Ahead
[2009.11.05 19:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Any Video Converter
[2009.02.11 20:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Ashampoo Cover Studio 2009
[2009.01.14 20:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Audacity
[2010.01.19 23:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\AVCutty
[2010.01.19 17:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Broad Intelligence
[2008.09.19 17:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\BSplayer
[2008.09.19 17:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\BSplayer Pro
[2008.10.06 10:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\CyberLink
[2009.03.16 18:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DAEMON Tools
[2010.02.08 14:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DAEMON Tools Lite
[2009.03.16 18:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DAEMON Tools Pro
[2009.11.08 19:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DassaultSystemes
[2009.04.21 19:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Desktopicon
[2010.05.17 11:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\dvdcss
[2011.04.14 18:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoft
[2011.04.14 18:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DVDVideoSoftIEHelpers
[2009.11.08 19:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\DWGeditor
[2010.01.19 23:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\FastStone
[2010.04.16 16:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\foobar2000
[2008.11.20 00:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Help
[2008.09.12 20:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\HP
[2008.12.14 21:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\ICQ
[2008.09.07 18:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Identities
[2010.06.17 14:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Image Zone Express
[2010.05.16 23:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Leadertech
[2009.09.25 13:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Ludia
[2011.04.08 12:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Macromedia
[2009.01.15 20:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Media Player Classic
[2009.06.17 12:50:36 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Míra\Data aplikací\Microsoft
[2009.11.17 20:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Mozilla
[2011.04.14 17:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\PriceGong
[2009.03.30 00:13:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\QIP
[2011.04.14 17:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Real
[2010.09.17 14:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Red Alert 3
[2009.03.17 03:14:02 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Míra\Data aplikací\SecuROM
[2010.02.08 22:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\SolidWorks
[2009.11.08 19:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\SolidWorks 2008
[2009.03.01 20:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Sony Ericsson
[2008.10.06 11:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Sun
[2009.11.17 20:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Talkback
[2008.10.05 21:33:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Teleca
[2010.03.09 23:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Thunderbird
[2010.05.27 17:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\vlc
[2010.10.11 21:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Vso
[2010.08.21 13:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\Winamp
[2008.09.25 15:22:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\WinRAR
[2010.09.04 13:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Míra\Data aplikací\YoudaGames

< %APPDATA%\*.exe /s >
[2008.10.28 18:20:32 | 000,089,088 | ---- | M] () --
[2009.03.26 14:42:02 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2010.06.29 16:42:04 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Míra\Data aplikací\Real\Update\setup3.10\setup.exe
[2010.09.15 11:58:39 | 000,452,104 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Míra\Data aplikací\Real\Update\setup3.12\setup.exe
[2011.01.27 17:06:50 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Míra\Data aplikací\Real\Update\setup3.14\setup.exe

< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.03.02 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.08.21 22:54:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\fe608cd8d2b8f77abaee7a69a696bcf7\sp3qfe\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.02.08 14:49:34 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2008.08.22 05:31:29 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.08.22 05:31:29 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.08.22 05:31:29 | 000,458,752 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2011.04.14 17:17:25 | 000,153,176 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.04.14 16:54:46 | 039,828,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2011.04.14 16:52:14 | 000,078,052 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2011.04.14 16:52:14 | 000,067,448 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.04.14 16:52:14 | 000,429,024 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2011.04.14 16:52:14 | 000,432,492 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.04.14 16:52:14 | 000,978,772 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.04.14 17:20:22 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:88050731
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5F1019FF

< End of report >

Rohl · #6 Příspěvek od **Rohl** » 14 dub 2011 19:52

Extras.txt:

OTL Extras logfile created on: 14.4.2011 20:41:12 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Míra\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 84,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 292,97 Gb Total Space | 2,44 Gb Free Space | 0,83% Space Free | Partition Type: NTFS
Drive D: | 172,78 Gb Total Space | 71,23 Gb Free Space | 41,23% Space Free | Partition Type: NTFS
Drive F: | 74,51 Gb Total Space | 1,04 Gb Free Space | 1,39% Space Free | Partition Type: FAT32

Computer Name: DOM-EC1C75A1A7E | User Name: Míra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "D:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Java\jdk1.6.0_07\jre\bin\java.exe" = C:\Program Files\Java\jdk1.6.0_07\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary
"D:\Program Files\QIP\qip.exe" = D:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"D:\Hooligans\Hooligans.exe" = D:\Hooligans\Hooligans.exe:*:Enabled:Hooligans -- (the XIIIth productions bv)
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe" = C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Disabled:mRouterRuntime Module -- (Intuwave Ltd.)
"C:\Program Files\Sony EricssonG700\Mobile4\Sync Manager\DXP SyncML.exe" = C:\Program Files\Sony EricssonG700\Mobile4\Sync Manager\DXP SyncML.exe:*:Disabled:DXP SyncML Module -- (Teleca Sweden AB)
"D:\Call of Duty 4 - Modern Warfare\iw3mp.exe" = D:\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\WINDOWS\system32\HPZipm12.exe" = C:\WINDOWS\system32\HPZipm12.exe:*:Enabled:ENABLE -- (HP)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"D:\Program Files\Xfire\Xfire.exe" = D:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire
"D:\Call of Duty 2\CoD2MP_s.exe" = D:\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"D:\Program Files\Miranda IM KP v5.0.8.5\miranda32.exe" = D:\Program Files\Miranda IM KP v5.0.8.5\miranda32.exe:*:Enabled:Miranda IM
"D:\age of empires 2\age2_x1.exe" = D:\age of empires 2\age2_x1.exe:*:Enabled:Age of Empires II Expansion
"D:\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe" = D:\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI) -- (GSC Game World)
"D:\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe" = D:\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV) -- (GSC Game World)
"D:\Call of Duty - World at War\CoDWaWmp.exe" = D:\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"D:\Call of Duty - World at War\CoDWaW.exe" = D:\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"D:\Call of Duty - Black Ops\BlackOps.exe" = D:\Call of Duty - Black Ops\BlackOps.exe:*:Enabled:BlackOps -- ()
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{2AABA840-1F82-11D5-B3FA-0050BA013CD3}" = iCD CoolBeLa
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call of Pripyat [v1.6.01]
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.8.0.193h
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8BF806C4-2D77-4F67-8435-D4BDCEB665A8}_is1" = Governor of Poker 2 Premium Edition v1.0 Multi
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.3
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{C67F36D2-DE45-40B4-8D87-DF4A66A59532}" = PC Suite for Sony Ericsson
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 0.77
"{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb
"{CD49361E-3FE6-457E-90A1-9C59E29B5D02}" = Java DB 10.3.1.4
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF8C077A-B467-4C43-8DB5-3A9B94FF9681}" = LightScribe System Software 1.12.29.2
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{E1252473-6306-4d5d-904D-B06AA7F38161}" = PC Suite for Sony Ericsson
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EABF2170-CA2F-4C48-9921-3D5050F30EBA}" = Hooligans - Storm over Europe
"{EDA2E9CA-8B7E-4BC0-9B0F-34B299555BF3}" = Retail Virtual EVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Ant Movie Catalog_is1" = Ant Movie Catalog
"Any Video Converter_is1" = Any Video Converter 2.7.8
"Ashampoo Cover Studio 2009_is1" = Ashampoo Cover Studio 2009
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"BS.Player ControlBar" = BS.Player ControlBar
"BSPlayer1" = BSPlayer
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CCleaner" = CCleaner (remove only)
"CoD 2 čeština_is1" = CoD 2 čeština 1.1
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Defraggler" = Defraggler
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 6_is1" = DVDFab 6.0.7.0 (18/09/2009)
"DXTXTRA" = Microsoft DirectX Transform optional components
"FastStone Image Viewer" = FastStone Image Viewer 4.0
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.4
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.2.19.324
"Free YouTube Download_is1" = Free YouTube Download version 2.10.33.324
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.5
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 4.0 (x86 cs)" = Mozilla Firefox 4.0 (x86 cs)
"mRouterRuntime" =
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Popisovač CD/DVD 3.20_is1" = Popisovač CD/DVD 3.20
"Populous: The Beginning" = Populous: The Beginning
"PunkBusterSvc" = PunkBuster Services
"RollerCoaster Tycoon Setup" = Roll
"Secunia PSI" = Secunia PSI (2.0.0.3001)
"Seznam DVD 2008_is1" = Seznam DVD 2008
"Softonic_English_TC Toolbar" = Softonic_English_TC Toolbar
"Sony Ericsson" = Sony Ericsson Symbian 9 Drivers
"The KMPlayer" = The KMPlayer (remove only)
"The Suffering" = The Suffering (remove only)
"Uninstall_is1" = Uninstall 1.0.0.1
"Usbfix" = Usbfix By C_XX & El Desaparecido
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XRECODE_is1" = XRECODE

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 30.4.2010 11:21:17 | Computer Name = DOM-EC1C75A1A7E | Source = avast! | ID = 33554522
Description =

Error - 30.4.2010 11:21:17 | Computer Name = DOM-EC1C75A1A7E | Source = avast! | ID = 33554522
Description =

Error - 30.4.2010 11:21:17 | Computer Name = DOM-EC1C75A1A7E | Source = avast! | ID = 33554522
Description =

Error - 1.5.2010 6:23:32 | Computer Name = DOM-EC1C75A1A7E | Source = avast! | ID = 33554522
Description =

Error - 1.5.2010 6:23:32 | Computer Name = DOM-EC1C75A1A7E | Source = avast! | ID = 33554522
Description =

Error - 1.5.2010 6:23:32 | Computer Name = DOM-EC1C75A1A7E | Source = avast! | ID = 33554522
Description =

Error - 1.5.2010 6:23:32 | Computer Name = DOM-EC1C75A1A7E | Source = avast! | ID = 33554522
Description =

Error - 1.5.2010 6:23:32 | Computer Name = DOM-EC1C75A1A7E | Source = avast! | ID = 33554522
Description =

Error - 1.5.2010 6:23:32 | Computer Name = DOM-EC1C75A1A7E | Source = avast! | ID = 33554522
Description =

Error - 3.5.2010 6:54:20 | Computer Name = DOM-EC1C75A1A7E | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 1.1.2010 15:26:30 | Computer Name = DOM-EC1C75A1A7E | Source = LightScribeService | ID = 1
Description = Generic Error : [HurricaneClientProxy::DoOpenDrive] Connection 0:
m_pPipe->Write returned an error 10ac

Error - 1.1.2010 15:26:30 | Computer Name = DOM-EC1C75A1A7E | Source = LightScribeService | ID = 1
Description = Generic Error : [HurricaneClientProxy] Connection 0: HurricaneClientProxy::HurricaneClientProxy
HURRICANE_COMMAND_OPEN_DRIVE Error 10ac

Error - 10.1.2010 15:05:26 | Computer Name = DOM-EC1C75A1A7E | Source = Application Error | ID = 1000
Description = Chybující aplikace nbj.exe, verze 1.2.0.53, chybující modul advrcntr.dll,
verze 1.2.10.2305, adresa chyby 0x0001d140.

Error - 18.1.2010 11:04:58 | Computer Name = DOM-EC1C75A1A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace KMPlayer.exe, verze 2.9.4.1434, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.1.2010 17:15:02 | Computer Name = DOM-EC1C75A1A7E | Source = Application Error | ID = 1000
Description = Chybující aplikace videosplitter.exe, verze 5.1.6.1, chybující modul
bsaviutil.dll, verze 0.0.0.0, adresa chyby 0x00035e75.

Error - 19.1.2010 17:15:11 | Computer Name = DOM-EC1C75A1A7E | Source = Application Error | ID = 1000
Description = Chybující aplikace videosplitter.exe, verze 5.1.6.1, chybující modul
bsaviutil.dll, verze 0.0.0.0, adresa chyby 0x00035e75.

Error - 28.1.2010 9:59:47 | Computer Name = DOM-EC1C75A1A7E | Source = Application Error | ID = 1000
Description = Chybující aplikace iw3sp.exe, verze 0.0.0.0, chybující modul iw3sp.exe,
verze 0.0.0.0, adresa chyby 0x00180e27.

Error - 1.2.2010 2:41:52 | Computer Name = DOM-EC1C75A1A7E | Source = Application Error | ID = 1000
Description = Chybující aplikace powerbar.exe, verze 1.1.0.421, chybující modul
powerbar.exe, verze 1.1.0.421, adresa chyby 0x00005108.

Error - 3.2.2010 17:44:24 | Computer Name = DOM-EC1C75A1A7E | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x5d000b93.

Error - 3.2.2010 17:44:37 | Computer Name = DOM-EC1C75A1A7E | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

[ OSession Events ]
Error - 25.3.2011 10:22:36 | Computer Name = DOM-EC1C75A1A7E | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 14.4.2011 13:45:10 | Computer Name = DOM-EC1C75A1A7E | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 14.4.2011 13:45:10 | Computer Name = DOM-EC1C75A1A7E | Source = Service Control Manager | ID = 7034
Description = Služba Pml Driver HPZ12 byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 14.4.2011 13:45:10 | Computer Name = DOM-EC1C75A1A7E | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 14.4.2011 13:45:10 | Computer Name = DOM-EC1C75A1A7E | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrB byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 14.4.2011 13:45:10 | Computer Name = DOM-EC1C75A1A7E | Source = Service Control Manager | ID = 7034
Description = Služba Secunia Update Agent byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 14.4.2011 13:45:10 | Computer Name = DOM-EC1C75A1A7E | Source = Service Control Manager | ID = 7034
Description = Služba Windows User Mode Driver Framework byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 14.4.2011 13:45:10 | Computer Name = DOM-EC1C75A1A7E | Source = Service Control Manager | ID = 7034
Description = Služba Adaptér výkonu služby WMI byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 14.4.2011 13:45:10 | Computer Name = DOM-EC1C75A1A7E | Source = Service Control Manager | ID = 7031
Description = Služba Zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 14.4.2011 13:45:10 | Computer Name = DOM-EC1C75A1A7E | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 14.4.2011 13:45:10 | Computer Name = DOM-EC1C75A1A7E | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

< End of report >

#7 Příspěvek od **vyosek** » 14 dub 2011 20:32

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\..\URLSearchHook: {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\prxtbSof0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1409082233-1580436667-725345543-1006\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Míra\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
[2009.08.07 18:51:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-10.xml
[2009.08.07 19:29:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-11.xml
[2009.09.25 11:40:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-12.xml
[2009.10.18 20:23:44 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-13.xml
[2009.11.07 19:09:02 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-14.xml
[2009.12.17 13:30:02 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-15.xml
[2008.12.22 00:05:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-2.xml
[2009.02.11 22:38:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-3.xml
[2009.03.08 17:41:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-4.xml
[2009.03.29 11:06:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-5.xml
[2009.04.25 21:43:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-6.xml
[2009.04.28 14:50:58 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-7.xml
[2009.06.13 18:27:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-8.xml
[2009.08.03 18:05:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-9.xml
[2008.11.18 14:56:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin.xml
File not found (No name found) --
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MĂRA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\BNBOS1NU.DEFAULT\EXTENSIONS\{1018E4D6-728F-4B20-AD56-37578A4DE76B}
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Míra\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
O4 - HKLM..\RunOnce: [] File not found
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:88050731
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5F1019FF

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NBJ"=-
"PowerBar"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"RemoteControl"=-
"NeroFilterCheck"=-
 
:files
ji83j.exe /s
C:\WINDOWS\tasks\Norton Security Scan for Majitel.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1580436667-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1580436667-725345543-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1580436667-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1580436667-725345543-1006.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Rohl · #8 Příspěvek od **Rohl** » 14 dub 2011 21:08

All processes killed
========== OTL ==========
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1409082233-1580436667-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1409082233-1580436667-725345543-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1580436667-725345543-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}\ deleted successfully.
C:\Program Files\Softonic_English_TC\prxtbSof0.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-1580436667-725345543-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Documents and Settings\Míra\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Ask" removed from browser.search.order.1
Prefs.js: "http://search.icq.com/search/afe_result ... id=afex&q=" removed from keyword.URL
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\Míra\Data aplikací\Mozilla\Firefox\Profiles\bnbos1nu.default\searchplugins\icqplugin.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
File C:\Documents and Settings\Míra\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2C688203-7EB3-4327-9995-1CB417BA23F9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9}\ deleted successfully.
C:\Program Files\BS.Player ControlBar\BSToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully.
C:\WINDOWS\002530_.tmp deleted successfully.
C:\WINDOWS\SET21.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\ConduitEngine.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\drivers\OLDCC.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:88050731 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:5F1019FF deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NBJ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PowerBar deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
========== FILES ==========
File\Folder ji83j.exe not found.
C:\WINDOWS\tasks\Norton Security Scan for Majitel.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1580436667-725345543-1004.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1580436667-725345543-1006.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1580436667-725345543-1004.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1580436667-725345543-1006.job moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP234.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP280.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DD.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2FB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A.tmp folder moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Majitel

User: Míra
->Temp folder emptied: 19211728 bytes
->Temporary Internet Files folder emptied: 165823 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 60206792 bytes
->Flash cache emptied: 1982 bytes

User: MÝra

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 53524832 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 4998707 bytes

Total Files Cleaned = 132,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: Majitel

User: Míra
->Flash cache emptied: 0 bytes

User: MÝra

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 04142011_220350

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#9 Příspěvek od **vyosek** » 14 dub 2011 21:14

Jak se chova PC

Rohl · #10 Příspěvek od **Rohl** » 14 dub 2011 21:24

Šlape v pohodě.

#11 Příspěvek od **vyosek** » 14 dub 2011 21:28

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

A pokud nejsou problemy ci dotazy, je to z me strany vse

Rohl · #12 Příspěvek od **Rohl** » 14 dub 2011 21:37

Hotovo. Díky moc. Přeji hezký zbytek večera.

#13 Příspěvek od **vyosek** » 14 dub 2011 21:37

Nemate zac, rad jsem pomohl

Pekny vecer i Vam

Zase nekdy Obrázek

VIRY.CZ

Prosím o preventivku díky

Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky

Re: Prosím o preventivku díky