
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Out of nowhere, a trojan and a worm
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Good evening, this evening when I launched Mozilla my computer suddenly started going crazy; first a trojan and then a virus, caught in the chest: Mpokoa.exe and sshnas21.dll
Here is the log
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jakub at 2010-04-09 23:51:10
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 26 GB (33%) free of 78 GB
Total RAM: 1024 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:51:38, on 9.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Jakub.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\VOLNY\akcelerator\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\VOLNY\akcelerator\originalAll.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A43005-71F7-4573-99E9-BB127039AF78}: NameServer = 160.218.43.200 160.218.10.200
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EHttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 7985 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-16 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-16 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-09-12 335872]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"=C:\WINDOWS\system32\sti_ci.dll [2004-08-17 136704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"C:\Program Files\BitLord2\BitLord.exe"="C:\Program Files\BitLord2\BitLord.exe:*:Enabled:Bitlord2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{928b6e16-fbd8-11de-a356-000c6ee59751}]
shell\AutoRun\command - "G:\WD SmartWare.exe" autoplay=true
======File associations======
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
======List of files/folders created in the last 2 months======
2010-04-09 23:51:10 ----D---- C:\rsit
2010-04-09 23:51:10 ----D---- C:\Program Files\trend micro
2010-04-08 22:40:51 ----D---- C:\Program Files\High-Logic
2010-04-07 23:03:31 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\FontCreator
2010-04-01 07:50:29 ----D---- C:\Program Files\Rising Research
2010-03-11 23:26:57 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-10 00:37:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-03 19:03:42 ----D---- C:\Program Files\True Sword 5
2010-03-03 19:03:13 ----D---- C:\Program Files\Active Shield 5
2010-03-03 19:03:13 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Active Shield
2010-02-25 10:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-21 12:08:41 ----A---- C:\WINDOWS\disckeys.ini
2010-02-13 19:59:01 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\avidemux
2010-02-13 01:17:41 ----D---- C:\Temp
2010-02-13 01:15:58 ----D---- C:\Program Files\Winnydows
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\WMAFile.dll
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\AudFile.dll
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\inetfr.DLL
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\AudDesign.dll
2010-02-13 01:08:17 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\FreeAudioPack
2010-02-13 01:08:17 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-02-13 01:08:17 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2010-02-13 01:08:17 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2010-02-10 23:10:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 09:43:35 ----D---- C:\d477299060703a4f4176eb48e0
2010-02-10 09:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 09:43:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 09:43:13 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 09:42:49 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 01:33:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 01:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 01:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 01:32:41 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
======List of files/folders modified in the last 2 months======
2010-04-09 23:51:12 ----D---- C:\WINDOWS\Prefetch
2010-04-09 23:51:10 ----RD---- C:\Program Files
2010-04-09 23:49:59 ----A---- C:\WINDOWS\ModemLog_Axesstel USB Modem.txt
2010-04-09 23:48:33 ----D---- C:\WINDOWS\temp
2010-04-09 23:47:40 ----D---- C:\Program Files\Mozilla Firefox
2010-04-09 23:47:15 ----D---- C:\WINDOWS
2010-04-09 23:44:25 ----AD---- C:\WINDOWS\system32
2010-04-09 23:43:32 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-09 23:43:26 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-09 23:32:23 ----SD---- C:\WINDOWS\Tasks
2010-04-09 23:13:44 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\vlc
2010-04-09 19:09:35 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\dvdcss
2010-04-08 23:40:20 ----SHD---- C:\WINDOWS\Installer
2010-04-08 23:39:22 ----SHD---- C:\Config.Msi
2010-04-08 23:39:11 ----D---- C:\Program Files\Common Files\ACD Systems
2010-04-06 23:10:05 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Adobe
2010-04-05 22:39:45 ----RSD---- C:\WINDOWS\Fonts
2010-04-04 21:06:38 ----A---- C:\WINDOWS\LEXICON.INI
2010-04-03 16:53:01 ----D---- C:\WINDOWS\system32\oodag
2010-03-30 22:42:35 ----HD---- C:\WINDOWS\inf
2010-03-30 22:42:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-30 22:42:22 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-30 22:42:22 ----D---- C:\Program Files\Internet Explorer
2010-03-30 22:42:10 ----D---- C:\WINDOWS\ie7updates
2010-03-30 22:12:02 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 08:11:21 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Canon
2010-03-28 12:08:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-28 09:27:23 ----A---- C:\WINDOWS\wincmd.ini
2010-03-19 00:44:24 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-11 14:36:24 ----A---- C:\WINDOWS\system32\wininet.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\pngfilt.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\occache.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\mstime.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\msrating.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\mshtmled.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\url.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-03-11 14:36:22 ----N---- C:\WINDOWS\system32\jsproxy.dll
2010-03-11 14:36:22 ----N---- C:\WINDOWS\system32\iernonce.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\ieaksie.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\ieakeng.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\extmgr.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\icardie.dll
2010-03-11 14:36:20 ----N---- C:\WINDOWS\system32\dxtrans.dll
2010-03-11 14:36:20 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2010-03-11 14:36:20 ----N---- C:\WINDOWS\system32\corpol.dll
2010-03-11 14:36:20 ----A---- C:\WINDOWS\system32\advpack.dll
2010-03-11 00:56:32 ----D---- C:\WINDOWS\Debug
2010-03-10 15:17:16 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2010-03-10 15:17:16 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-03-10 00:37:43 ----D---- C:\Program Files\Movie Maker
2010-03-09 08:47:58 ----D---- C:\WINDOWS\Help
2010-03-02 07:30:12 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-27 18:42:00 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DVD Shrink
2010-02-23 18:35:47 ----D---- C:\WINDOWS\system32\drivers
2010-02-23 07:18:28 ----N---- C:\WINDOWS\system32\ieakui.dll
2010-02-19 18:39:53 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\DAEMON Tools Pro
2010-02-13 01:10:10 ----D---- C:\WINDOWS\system32\CatRoot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 DriverAS;Active Shield Kernel Part; \??\C:\Program Files\Active Shield 5\ActiveShield.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-06-27 3456]
R3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-06-27 40064]
R3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-09-20 38784]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-16 40960]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-04-03 47360]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys []
S1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys []
S3 a0x9kuq8;a0x9kuq8; C:\WINDOWS\system32\drivers\a0x9kuq8.sys []
S3 aamydvuc;aamydvuc; C:\WINDOWS\system32\drivers\aamydvuc.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\JAKUB~1.JAK\LOCALS~1\Temp\catchme.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2009-03-31 27136]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-17 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-16 152984]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-09-04 1295616]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EHttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-22 655360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
O23 - Service: ESET HTTP Server (EHttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 7985 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-16 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-16 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-09-12 335872]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"=C:\WINDOWS\system32\sti_ci.dll [2004-08-17 136704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"C:\Program Files\BitLord2\BitLord.exe"="C:\Program Files\BitLord2\BitLord.exe:*:Enabled:Bitlord2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{928b6e16-fbd8-11de-a356-000c6ee59751}]
shell\AutoRun\command - "G:\WD SmartWare.exe" autoplay=true
======File associations======
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
======List of files/folders created in the last 2 months======
2010-04-09 23:51:10 ----D---- C:\rsit
2010-04-09 23:51:10 ----D---- C:\Program Files\trend micro
2010-04-08 22:40:51 ----D---- C:\Program Files\High-Logic
2010-04-07 23:03:31 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\FontCreator
2010-04-01 07:50:29 ----D---- C:\Program Files\Rising Research
2010-03-11 23:26:57 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-10 00:37:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-03 19:03:42 ----D---- C:\Program Files\True Sword 5
2010-03-03 19:03:13 ----D---- C:\Program Files\Active Shield 5
2010-03-03 19:03:13 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Active Shield
2010-02-25 10:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-21 12:08:41 ----A---- C:\WINDOWS\disckeys.ini
2010-02-13 19:59:01 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\avidemux
2010-02-13 01:17:41 ----D---- C:\Temp
2010-02-13 01:15:58 ----D---- C:\Program Files\Winnydows
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\WMAFile.dll
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2010-02-13 01:08:19 ----A---- C:\WINDOWS\system32\AudFile.dll
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\inetfr.DLL
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2010-02-13 01:08:18 ----A---- C:\WINDOWS\system32\AudDesign.dll
2010-02-13 01:08:17 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\FreeAudioPack
2010-02-13 01:08:17 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-02-13 01:08:17 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2010-02-13 01:08:17 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2010-02-10 23:10:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 09:43:35 ----D---- C:\d477299060703a4f4176eb48e0
2010-02-10 09:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 09:43:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 09:43:13 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 09:42:49 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 01:33:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 01:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 01:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 01:32:41 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
======List of files/folders modified in the last 2 months======
2010-04-09 23:51:12 ----D---- C:\WINDOWS\Prefetch
2010-04-09 23:51:10 ----RD---- C:\Program Files
2010-04-09 23:49:59 ----A---- C:\WINDOWS\ModemLog_Axesstel USB Modem.txt
2010-04-09 23:48:33 ----D---- C:\WINDOWS\temp
2010-04-09 23:47:40 ----D---- C:\Program Files\Mozilla Firefox
2010-04-09 23:47:15 ----D---- C:\WINDOWS
2010-04-09 23:44:25 ----AD---- C:\WINDOWS\system32
2010-04-09 23:43:32 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-09 23:43:26 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-09 23:32:23 ----SD---- C:\WINDOWS\Tasks
2010-04-09 23:13:44 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\vlc
2010-04-09 19:09:35 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\dvdcss
2010-04-08 23:40:20 ----SHD---- C:\WINDOWS\Installer
2010-04-08 23:39:22 ----SHD---- C:\Config.Msi
2010-04-08 23:39:11 ----D---- C:\Program Files\Common Files\ACD Systems
2010-04-06 23:10:05 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Adobe
2010-04-05 22:39:45 ----RSD---- C:\WINDOWS\Fonts
2010-04-04 21:06:38 ----A---- C:\WINDOWS\LEXICON.INI
2010-04-03 16:53:01 ----D---- C:\WINDOWS\system32\oodag
2010-03-30 22:42:35 ----HD---- C:\WINDOWS\inf
2010-03-30 22:42:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-30 22:42:22 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-30 22:42:22 ----D---- C:\Program Files\Internet Explorer
2010-03-30 22:42:10 ----D---- C:\WINDOWS\ie7updates
2010-03-30 22:12:02 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 08:11:21 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Canon
2010-03-28 12:08:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-28 09:27:23 ----A---- C:\WINDOWS\wincmd.ini
2010-03-19 00:44:24 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-11 14:36:24 ----A---- C:\WINDOWS\system32\wininet.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\pngfilt.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\occache.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\mstime.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\msrating.dll
2010-03-11 14:36:23 ----N---- C:\WINDOWS\system32\mshtmled.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\url.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-03-11 14:36:22 ----N---- C:\WINDOWS\system32\jsproxy.dll
2010-03-11 14:36:22 ----N---- C:\WINDOWS\system32\iernonce.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\ieaksie.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\ieakeng.dll
2010-03-11 14:36:21 ----N---- C:\WINDOWS\system32\extmgr.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\icardie.dll
2010-03-11 14:36:20 ----N---- C:\WINDOWS\system32\dxtrans.dll
2010-03-11 14:36:20 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2010-03-11 14:36:20 ----N---- C:\WINDOWS\system32\corpol.dll
2010-03-11 14:36:20 ----A---- C:\WINDOWS\system32\advpack.dll
2010-03-11 00:56:32 ----D---- C:\WINDOWS\Debug
2010-03-10 15:17:16 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2010-03-10 15:17:16 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-03-10 00:37:43 ----D---- C:\Program Files\Movie Maker
2010-03-09 08:47:58 ----D---- C:\WINDOWS\Help
2010-03-02 07:30:12 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-27 18:42:00 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DVD Shrink
2010-02-23 18:35:47 ----D---- C:\WINDOWS\system32\drivers
2010-02-23 07:18:28 ----N---- C:\WINDOWS\system32\ieakui.dll
2010-02-19 18:39:53 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\DAEMON Tools Pro
2010-02-13 01:10:10 ----D---- C:\WINDOWS\system32\CatRoot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 DriverAS;Active Shield Kernel Part; \??\C:\Program Files\Active Shield 5\ActiveShield.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-06-27 3456]
R3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-06-27 40064]
R3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-09-20 38784]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-16 40960]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-04-03 47360]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys []
S1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys []
S3 a0x9kuq8;a0x9kuq8; C:\WINDOWS\system32\drivers\a0x9kuq8.sys []
S3 aamydvuc;aamydvuc; C:\WINDOWS\system32\drivers\aamydvuc.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\JAKUB~1.JAK\LOCALS~1\Temp\catchme.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2009-03-31 27136]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-17 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-16 152984]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-09-04 1295616]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EHttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-22 655360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: out of nowhere, a trojan and a worm
Hello,
I recommend uninstalling:
C:\Program Files\BitLord2\BitLord.exe
P2P networks and their clients are a potential security risk; they are practically a constant source of viruses, and you are exposing yourself to risk needlessly.
Download and save, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Turn off all resident security programs: firewalls, antivirus, antispyware
- Run the application under an account with Administrator privileges; right after it starts, a page with the license terms is displayed; continue by pressing the "Yes" button
- Then follow the instructions; during the scan, do not run other applications and do not click in the window that appears
- The scan should take around 5 - 10 minutes; when it finishes, ComboFix displays the log C:\ComboFix.txt, which you should paste here.
- The computer may be restarted during the scan.
Re: out of nowhere, a trojan and a worm
Hello, I looked for that BitLord and could not find it.
ComboFix 10-04-09.06 - Jakub 10.04.2010 12:12:25.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1024.595 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100409-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall Pro *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-10 do 2010-04-10 )))))))))))))))))))))))))))))))
.
2010-04-01 05:50 . 2010-04-01 05:50 -------- d-----w- c:\program files\Rising Research
2010-03-11 21:26 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-08 21:39 . 2008-12-12 11:59 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-03-28 10:08 . 2001-10-25 14:00 75176 ----a-w- c:\windows\system32\perfc005.dat
2010-03-28 10:08 . 2001-10-25 14:00 423234 ----a-w- c:\windows\system32\perfh005.dat
2010-03-11 12:36 . 2004-08-17 13:49 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:36 . 2004-08-17 13:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:36 . 2004-08-17 13:49 17408 ------w- c:\windows\system32\corpol.dll
2010-03-03 21:19 . 2010-03-03 17:03 -------- d-----w- c:\program files\Active Shield 5
2010-03-03 21:17 . 2010-03-03 17:03 -------- d-----w- c:\program files\True Sword 5
2010-02-13 17:53 . 2010-02-12 23:15 -------- d-----w- c:\program files\Winnydows
2007-09-20 02:45 . 2008-09-29 17:49 90112 -c--a-r- c:\program files\axesstel.dll
2007-09-20 02:45 . 2008-09-29 17:49 118784 ----a-r- c:\program files\MSP_Uninstall.exe
2009-05-23 12:54 . 2009-03-30 18:34 44040224 --sha-w- c:\windows\system32\drivers\fidbox.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-09-12 335872]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-05-11 200069]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="c:\windows\system32\sti_ci.dll" [2004-08-17 136704]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0d
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\drivers\\svchost.exe"=
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.3.2009 20:09 717296]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [27.10.2009 18:58 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.10.2009 18:58 20560]
R2 DriverAS;Active Shield Kernel Part;c:\program files\Active Shield 5\ActiveShield.sys [3.3.2010 19:03 20992]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 15:23 727720]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [7.10.2009 20:19 33792]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys --> c:\windows\system32\DRIVERS\cmdguard.sys [?]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys --> c:\windows\system32\DRIVERS\cmdhlp.sys [?]
S3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\Axtmvflt.sys [28.3.2009 14:12 3456]
S3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\Axtmvmdm.sys [28.3.2009 14:45 40064]
S3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\Axtmvprt.sys [28.3.2009 14:12 38784]
S3 NCHSSVAD;SoundTap Recorder;c:\windows\system32\drivers\nchssvad.sys [31.3.2009 19:29 27136]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Zobrazit originál - c:\program files\VOLNY\akcelerator\original.htm
IE: Zobrazit vše jako originál - c:\program files\VOLNY\akcelerator\originalAll.htm
FF - ProfilePath - c:\documents and settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Mozilla\Firefox\Profiles\fqlqu7yq.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\program files\Musicnotes\npmusicn.dll
FF - plugin: c:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-HijackThis - c:\program files\trend micro\HijackThis.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-10 12:23
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x867DB1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7872fc3
\Driver\ACPI -> ACPI.sys @ 0xf76cdcb8
\Driver\atapi -> 0x867db1f8
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0084
ParseProcedure -> ntoskrnl.exe @ 0x8056f07e
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0084
ParseProcedure -> ntoskrnl.exe @ 0x8056f07e
NDIS: VIA Rhine II Fast Ethernet Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf757dba0
PacketIndicateHandler -> NDIS.sys @ 0xf756ca0b
SendHandler -> NDIS.sys @ 0xf7580b31
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(480)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\oodag.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\CNAB4RPK.EXE
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2010-04-10 12:31:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-10 10:31
Před spuštěním: Volných bajtů: 26 697 453 568
Po spuštění: Volných bajtů: 26 570 215 424
- - End Of File - - 94B1C8B72D55E394653950099C1E774F
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: out of nowhere, a trojan and a worm



- Choose the version that matches your operating system (64-bit or 32-bit). Save it to the desktop and run it.
- Select the Uninstall option and restart the PC.

- Click "Disable" and restart the PC.


- A window will pop up; copy the following into it:
Code:
"%userprofile%\plocha\mbr" -t
- Click OK.
- A log named mbr.log will be created; paste it here.
Re: out of nowhere, a trojan and a worm
Hello, I carried out all the steps, but I was very unsuccessful.
I didn't understand the uninstaller, and that BitLord simply isn't there anymore.
Duplex doesn't work; it says it is not a valid Win32 application, even though I downloaded the correct version.
As for the drive and the emulators, that hopefully went through, and I disconnected it.
The last task finished in an instant and didn't ask me anything, nor did I paste anything in; here is the log:
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: out of nowhere, a trojan and a worm
OK
Download MBR to your desktop: http://www2.gmer.net/mbr/mbr.exe
Start > Run (Win + R)



- A window will pop up; copy the following into it:
Code:
"%userprofile%\plocha\mbr" -t
- Click OK.
- A log named mbr.log will be created; paste it here.
Re: out of nowhere, a trojan and a worm
It goes the same way, strangely: a sort of box pops up for only about 1/10 of a second and that's it. Also, I don't know what Win+R is.
One more oddity: when I turned the computer on this morning, all sound (songs and video) played very quietly; I play it through a hi-fi system. It's fine now...
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: out of nowhere, a trojan and a worm
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-04-10 14:19:33
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\JAKUB~1.JAK\LOCALS~1\Temp\kgdyqkoc.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-10 20:03:52
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\JAKUB~1.JAK\LOCALS~1\Temp\kgdyqkoc.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwAssignProcessToJobObject [0xEC5F35F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xEEEB56B8]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwCreateFile [0xEC5F3A3A]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwCreateKey [0xEC5F3EBC]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwDeleteFile [0xEC5F3CBE]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwDeleteKey [0xEC5F40A0]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwDeleteValueKey [0xEC5F41AE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xEEEB514C]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwLoadDriver [0xEC5F465C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xEEEB564E]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwOpenProcess [0xEC5F335C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xEEEB50F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xEEEB576E]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwReplaceKey [0xEC5F42CE]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwRestoreKey [0xEC5F43F4]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwSetInformationFile [0xEC5F3B88]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwSetValueKey [0xEC5F4520]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwTerminateProcess [0xEC5F5416]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwUnloadDriver [0xEC5F472E]
SSDT \??\C:\Program Files\Active Shield 5\ActiveShield.sys ZwWriteVirtualMemory [0xEC5F3D9C]
---- Kernel code sections - GMER 1.0.15 ----
? C:\DOCUME~1\JAKUB~1.JAK\LOCALS~1\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[504] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003C0002
IAT C:\WINDOWS\system32\services.exe[504] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003C0000
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x70 0xF3 0x3E 0x86 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x58 0x21 0xE7 0xF4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xF9 0x1E 0xA2 0x3D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x70 0xF3 0x3E 0x86 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x58 0x21 0xE7 0xF4 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xF9 0x1E 0xA2 0x3D ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG11.00.00.01WORKSTATION
---- EOF - GMER 1.0.15 ----
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: out of nowhere, a trojan and a worm
The sound now plays at normal volume, the burner works, and everything seems OK. But that previous test definitely took 2 hours...
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: out of nowhere, a trojan and a worm
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jakub at 2010-04-11 17:48:54
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 31 GB (40%) free of 78 GB
Total RAM: 1024 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:46:14, on 10.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\VOLNY\akcelerator\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\VOLNY\akcelerator\originalAll.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A43005-71F7-4573-99E9-BB127039AF78}: NameServer = 160.218.43.200 160.218.10.200
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EHttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 7998 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-16 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-16 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-09-12 335872]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"=C:\WINDOWS\system32\sti_ci.dll [2004-08-17 136704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
======List of files/folders created in the last 1 months======
2010-04-11 17:48:54 ----D---- C:\rsit
2010-04-10 13:37:13 ----SHD---- C:\RECYCLER
2010-04-10 13:03:39 ----A---- C:\WINDOWS\rafazon.bat
2010-04-10 13:03:38 ----AD---- C:\rafazon
2010-04-07 23:03:31 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\FontCreator
2010-04-01 07:50:29 ----D---- C:\Program Files\Rising Research
======List of files/folders modified in the last 1 months======
2010-04-11 17:48:41 ----A---- C:\WINDOWS\ModemLog_Axesstel USB Modem.txt
2010-04-11 17:46:27 ----D---- C:\Program Files\Mozilla Firefox
2010-04-11 16:43:26 ----D---- C:\WINDOWS\temp
2010-04-11 16:43:20 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\vlc
2010-04-11 16:14:12 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Adobe
2010-04-11 16:03:14 ----D---- C:\WINDOWS\Prefetch
2010-04-11 14:42:55 ----D---- C:\WINDOWS
2010-04-11 10:52:53 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-10 21:02:19 ----SHD---- C:\System Volume Information
2010-04-10 21:02:19 ----D---- C:\WINDOWS\system32\Restore
2010-04-10 14:28:54 ----A---- C:\WINDOWS\wincmd.ini
2010-04-10 13:16:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\FLEXnet
2010-04-10 13:15:20 ----D---- C:\Documents and Settings
2010-04-10 13:13:14 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-10 12:31:57 ----D---- C:\WINDOWS\system32\drivers
2010-04-10 12:30:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-10 12:22:10 ----A---- C:\WINDOWS\system.ini
2010-04-10 12:19:14 ----D---- C:\WINDOWS\system32\config
2010-04-10 12:18:00 ----SD---- C:\WINDOWS\Tasks
2010-04-10 12:15:56 ----D---- C:\WINDOWS\AppPatch
2010-04-10 12:15:56 ----AD---- C:\WINDOWS\system32
2010-04-10 12:15:53 ----D---- C:\Program Files\Common Files
2010-04-10 00:05:40 ----RD---- C:\Program Files
2010-04-09 19:09:35 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\dvdcss
2010-04-08 23:40:20 ----SHD---- C:\WINDOWS\Installer
2010-04-08 23:39:22 ----D---- C:\Config.Msi
2010-04-08 23:39:11 ----D---- C:\Program Files\Common Files\ACD Systems
2010-04-05 22:39:45 ----RSD---- C:\WINDOWS\Fonts
2010-04-04 21:06:38 ----A---- C:\WINDOWS\LEXICON.INI
2010-04-03 16:53:01 ----D---- C:\WINDOWS\system32\oodag
2010-03-30 22:42:35 ----HD---- C:\WINDOWS\inf
2010-03-30 22:42:22 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-30 22:42:22 ----D---- C:\Program Files\Internet Explorer
2010-03-30 22:42:10 ----D---- C:\WINDOWS\ie7updates
2010-03-30 22:12:02 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 08:11:21 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Canon
2010-03-28 12:08:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-19 00:44:24 ----A---- C:\WINDOWS\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 DriverAS;Active Shield Kernel Part; \??\C:\Program Files\Active Shield 5\ActiveShield.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-16 40960]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-04-03 47360]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys []
S1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys []
S3 aamydvuc;aamydvuc; C:\WINDOWS\system32\drivers\aamydvuc.sys []
S3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-06-27 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-06-27 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-09-20 38784]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2009-03-31 27136]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-03-31 717296]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-16 152984]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-09-04 1295616]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-22 655360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Jakub at 2010-04-11 17:48:54
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 31 GB (40%) free of 78 GB
Total RAM: 1024 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:46:14, on 10.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\VOLNY\akcelerator\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\VOLNY\akcelerator\originalAll.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A43005-71F7-4573-99E9-BB127039AF78}: NameServer = 160.218.43.200 160.218.10.200
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EHttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 7998 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-16 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-16 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-09-12 335872]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"=C:\WINDOWS\system32\sti_ci.dll [2004-08-17 136704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
======List of files/folders created in the last 1 months======
2010-04-11 17:48:54 ----D---- C:\rsit
2010-04-10 13:37:13 ----SHD---- C:\RECYCLER
2010-04-10 13:03:39 ----A---- C:\WINDOWS\rafazon.bat
2010-04-10 13:03:38 ----AD---- C:\rafazon
2010-04-07 23:03:31 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\FontCreator
2010-04-01 07:50:29 ----D---- C:\Program Files\Rising Research
======List of files/folders modified in the last 1 months======
2010-04-11 17:48:41 ----A---- C:\WINDOWS\ModemLog_Axesstel USB Modem.txt
2010-04-11 17:46:27 ----D---- C:\Program Files\Mozilla Firefox
2010-04-11 16:43:26 ----D---- C:\WINDOWS\temp
2010-04-11 16:43:20 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\vlc
2010-04-11 16:14:12 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Adobe
2010-04-11 16:03:14 ----D---- C:\WINDOWS\Prefetch
2010-04-11 14:42:55 ----D---- C:\WINDOWS
2010-04-11 10:52:53 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-10 21:02:19 ----SHD---- C:\System Volume Information
2010-04-10 21:02:19 ----D---- C:\WINDOWS\system32\Restore
2010-04-10 14:28:54 ----A---- C:\WINDOWS\wincmd.ini
2010-04-10 13:16:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\FLEXnet
2010-04-10 13:15:20 ----D---- C:\Documents and Settings
2010-04-10 13:13:14 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-10 12:31:57 ----D---- C:\WINDOWS\system32\drivers
2010-04-10 12:30:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-10 12:22:10 ----A---- C:\WINDOWS\system.ini
2010-04-10 12:19:14 ----D---- C:\WINDOWS\system32\config
2010-04-10 12:18:00 ----SD---- C:\WINDOWS\Tasks
2010-04-10 12:15:56 ----D---- C:\WINDOWS\AppPatch
2010-04-10 12:15:56 ----AD---- C:\WINDOWS\system32
2010-04-10 12:15:53 ----D---- C:\Program Files\Common Files
2010-04-10 00:05:40 ----RD---- C:\Program Files
2010-04-09 19:09:35 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\dvdcss
2010-04-08 23:40:20 ----SHD---- C:\WINDOWS\Installer
2010-04-08 23:39:22 ----D---- C:\Config.Msi
2010-04-08 23:39:11 ----D---- C:\Program Files\Common Files\ACD Systems
2010-04-05 22:39:45 ----RSD---- C:\WINDOWS\Fonts
2010-04-04 21:06:38 ----A---- C:\WINDOWS\LEXICON.INI
2010-04-03 16:53:01 ----D---- C:\WINDOWS\system32\oodag
2010-03-30 22:42:35 ----HD---- C:\WINDOWS\inf
2010-03-30 22:42:22 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-30 22:42:22 ----D---- C:\Program Files\Internet Explorer
2010-03-30 22:42:10 ----D---- C:\WINDOWS\ie7updates
2010-03-30 22:12:02 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 08:11:21 ----D---- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Canon
2010-03-28 12:08:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-19 00:44:24 ----A---- C:\WINDOWS\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 DriverAS;Active Shield Kernel Part; \??\C:\Program Files\Active Shield 5\ActiveShield.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-16 40960]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-04-03 47360]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys []
S1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys []
S3 aamydvuc;aamydvuc; C:\WINDOWS\system32\drivers\aamydvuc.sys []
S3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-06-27 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-06-27 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-09-20 38784]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2009-03-31 27136]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-03-31 717296]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-16 152984]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-09-04 1295616]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-22 655360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: out of nowhere, a trojan and a worm



- Run the program, then click "Prohledat" (Scan)
- When it finishes, paste the OTL.Txt and Extras.txt logs here
Re: out of nowhere, a trojan and a worm
I'm using avast now, after having had a trial version of NOD32 that could not be uninstalled...
OTL
OTL logfile created on: 11.4.2010 23:00:17 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 024,00 Mb Total Physical Memory | 578,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76,33 Gb Total Space | 30,32 Gb Free Space | 39,72% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 74,53 Gb Total Space | 1,96 Gb Free Space | 2,63% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JAKUB-B72ACBE07
Current User Name: Jakub
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.11 22:59:36 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.04.08 22:38:34 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.09.04 06:02:24 | 001,295,616 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2008.09.01 00:50:20 | 000,062,848 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNAB4RPK.EXE
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.01.02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005.05.11 02:46:02 | 000,200,069 | ---- | M] (Team H2O) -- C:\Program Files\Syncrosoft\POS\H2O\cledx.exe
PRC - [2002.09.20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
========== Modules (SafeList) ==========
MOD - [2010.04.11 22:59:36 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory\OTL.exe
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.03.22 12:39:15 | 000,655,360 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.09.04 06:02:24 | 001,295,616 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2002.09.20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
========== Driver Services (SafeList) ==========
DRV - [2009.12.24 13:38:16 | 000,020,992 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Active Shield 5\ActiveShield.sys -- (DriverAS)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.09.15 13:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.09.15 13:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 13:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.03.31 20:09:32 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.03.31 19:29:18 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD)
DRV - [2007.09.20 04:46:02 | 000,038,784 | ---- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Axtmvprt.sys -- (Axtmvprt)
DRV - [2007.06.27 17:31:22 | 000,040,064 | ---- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Axtmvmdm.sys -- (Axtmvmdm)
DRV - [2007.06.27 17:31:22 | 000,003,456 | ---- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Axtmvflt.sys -- (Axtmvflt)
DRV - [2006.05.03 18:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.05.09 20:08:40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX)
DRV - [2004.08.04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003.07.02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.08 22:38:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.08 22:38:40 | 000,000,000 | ---D | M]
[2009.04.05 10:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Mozilla\Extensions
[2010.04.11 14:19:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Mozilla\Firefox\Profiles\fqlqu7yq.default\extensions
[2009.09.02 22:11:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Mozilla\Firefox\Profiles\fqlqu7yq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.05.29 19:41:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.02.28 14:47:13 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.02.28 14:47:13 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.02.28 14:47:13 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.02.28 14:47:13 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.02.28 14:47:13 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.04.10 12:21:43 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [H2O] C:\Program Files\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\RunOnce: [WIAWizardMenu] C:\WINDOWS\System32\sti_ci.DLL (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do existujícího PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Přidat do stávajícího PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\VOLNY\akcelerator\original.htm ()
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\VOLNY\akcelerator\originalall.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\ACD Systems\ACDSee\ACD Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\ACD Systems\ACDSee\ACD Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.02 23:06:59 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.03.02 23:06:59 | 000,000,000 | ---D | M] - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{928b6e16-fbd8-11de-a356-000c6ee59751}\Shell - "" = AutoRun
O33 - MountPoints2\{928b6e16-fbd8-11de-a356-000c6ee59751}\Shell\AutoRun\command - "" = E:\WD SmartWare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O34 - HKLM BootExecute: (d) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.11 17:48:54 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.11 15:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\akce
[2010.04.11 14:50:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\duben stavba
[2010.04.11 14:43:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Recent
[2010.04.10 13:37:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.04.10 13:03:38 | 000,000,000 | ---D | C] -- C:\rafazon
[2010.04.07 23:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\FontCreator
[2010.04.05 14:33:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\inpirace obal
[2010.04.03 23:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\rw2
[2010.04.01 07:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Rising Research
[2010.03.28 23:24:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\kavka foto
[2010.03.17 23:51:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\covers cd
[2010.03.15 18:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\piano videa
[2009.04.03 22:56:56 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\pcouffin.sys
[2008.09.29 19:49:05 | 000,090,112 | R--- | C] (Axesstel) -- C:\Program Files\axesstel.dll
[2008.04.06 12:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2006.08.06 21:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2006.08.06 21:15:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2006.08.06 21:15:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.11 20:57:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.11 20:57:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.11 20:56:53 | 1073,319,936 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.11 20:56:50 | 001,116,098 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.04.11 17:51:52 | 014,942,208 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\ntuser.dat
[2010.04.11 17:51:52 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\ntuser.ini
[2010.04.11 16:14:09 | 000,032,331 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo-prac.jpg
[2010.04.11 16:13:26 | 017,093,934 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo prac.psd
[2010.04.11 15:19:04 | 000,000,544 | ---- | M] () -- C:\WINDOWS\zipgenius.xml
[2010.04.11 15:07:56 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\Microsoft Office Word 2003 (2).lnk
[2010.04.10 22:07:06 | 003,481,073 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo1.psd
[2010.04.10 22:06:19 | 000,640,817 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo.psd
[2010.04.10 14:28:54 | 000,005,281 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.04.10 13:46:54 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\defogger_reenable
[2010.04.10 13:32:36 | 000,000,048 | ---- | M] () -- C:\WINDOWS\rafazon.bat
[2010.04.10 12:22:10 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.08 22:40:58 | 000,000,146 | ---- | M] () -- C:\WINDOWS\fcp5.cfg
[2010.04.06 22:49:37 | 001,476,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.06 22:49:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.05 22:44:36 | 000,034,768 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.04.04 21:06:38 | 000,000,269 | ---- | M] () -- C:\WINDOWS\LEXICON.INI
[2010.04.03 14:23:58 | 000,002,780 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\mainhst.zgh
[2010.04.01 23:12:53 | 000,042,496 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\Jak na MYSPACE.doc
[2010.03.28 12:08:22 | 001,003,168 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.28 12:08:22 | 000,426,070 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 12:08:22 | 000,423,234 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 12:08:22 | 000,075,176 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 12:08:22 | 000,065,080 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.19 00:44:24 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.16 19:30:34 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\Zástupce - Stažené soubory.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.11 16:14:08 | 000,032,331 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo-prac.jpg
[2010.04.11 08:44:20 | 017,093,934 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo prac.psd
[2010.04.10 22:07:06 | 003,481,073 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo1.psd
[2010.04.10 22:06:19 | 000,640,817 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo.psd
[2010.04.10 13:46:43 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\defogger_reenable
[2010.04.10 13:20:06 | 1073,319,936 | -HS- | C] () -- C:\hiberfil.sys
[2010.04.10 13:03:39 | 000,000,048 | ---- | C] () -- C:\WINDOWS\rafazon.bat
[2010.04.07 23:03:40 | 000,000,146 | ---- | C] () -- C:\WINDOWS\fcp5.cfg
[2010.04.01 23:12:53 | 000,042,496 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\Jak na MYSPACE.doc
[2010.03.16 19:30:34 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\Zástupce - Stažené soubory.lnk
[2010.02.21 12:08:41 | 000,000,121 | ---- | C] () -- C:\WINDOWS\disckeys.ini
[2009.10.23 23:21:19 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.10.09 19:51:38 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC.dll
[2009.09.29 20:50:26 | 014,942,208 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\ntuser.dat
[2009.09.09 18:15:26 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.08.22 18:32:41 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\wiaserva.log
[2009.07.24 22:41:49 | 000,000,269 | ---- | C] () -- C:\WINDOWS\LEXICON.INI
[2009.07.20 17:23:11 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Musician.INI
[2009.06.17 21:58:34 | 000,001,160 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2009.06.12 18:12:58 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\.rnd
[2009.06.09 20:03:54 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.06.07 13:42:25 | 000,005,281 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.06.02 20:59:20 | 000,044,098 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\usrlgo.bmp
[2009.05.29 17:10:48 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\default.pls
[2009.05.08 19:53:54 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2009.05.08 19:53:54 | 000,035,328 | ---- | C] () -- C:\WINDOWS\cygz.dll
[2009.04.19 21:58:40 | 000,000,082 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.04.11 21:02:29 | 000,002,780 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\mainhst.zgh
[2009.04.10 22:21:18 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.04.03 22:57:10 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\pcouffin.log
[2009.04.03 22:56:56 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\pcouffin.cat
[2009.04.03 22:56:56 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\pcouffin.inf
[2009.04.02 19:30:23 | 000,003,572 | ---- | C] () -- C:\WINDOWS\System32\CNAB4UN.INI
[2009.04.01 18:56:02 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009.04.01 18:54:50 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PS_setup.ini
[2009.03.30 22:36:36 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.03.29 12:51:36 | 000,003,289 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.03.29 12:51:29 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.03.29 12:18:55 | 000,146,944 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.28 13:39:07 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\ntuser.dat.LOG
[2009.03.28 13:39:07 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\ntuser.ini
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.09.29 19:49:05 | 000,118,784 | R--- | C] () -- C:\Program Files\MSP_Uninstall.exe
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
========== Files - Unicode (All) ==========
[2009.06.12 18:26:29 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users.WINDOWS\data aplikac??) -- C:\Documents and Settings\All Users.WINDOWS\data aplikacᅢᆳ
[2009.06.12 18:26:29 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users.WINDOWS\data aplikac??) -- C:\Documents and Settings\All Users.WINDOWS\data aplikacᅢᆳ
[2009.06.12 18:26:28 | 000,000,000 | ---D | M](C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikac??) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikacᅢᆳ
[2009.06.12 18:26:28 | 000,000,000 | ---D | M](C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikac??) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikacᅢᆳ
(C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikac??) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikacᅢᆳ
(C:\Documents and Settings\All Users.WINDOWS\data aplikac??) -- C:\Documents and Settings\All Users.WINDOWS\data aplikacᅢᆳ
========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:DFC5A2B2
< End of report >
EXTRA
OTL Extras logfile created on: 11.4.2010 23:00:17 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 024,00 Mb Total Physical Memory | 578,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76,33 Gb Total Space | 30,32 Gb Free Space | 39,72% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 74,53 Gb Total Space | 1,96 Gb Free Space | 2,63% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JAKUB-B72ACBE07
Current User Name: Jakub
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{143FB15C-0C48-41E3-9C30-F56FB69BF3D7}" = Canon CanoScan Toolbox 4.5
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{230CCBE9-14B0-4008-97AF-30C10F99E42C}" = ArcSoft PhotoStudio 5.5
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{739CE62B-2893-4D89-8BF8-9B4034633DB6}" = Adobe Setup
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7EDFCB74-81C0-4FB6-9FDF-1BC7CD098638}" = Adobe InDesign CS3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{87AE7C09-B0B4-4BAC-AADB-50A1EAD03768}" = Adobe Flash Video Encoder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5FB086B-B602-4452-8FE9-DF6BFBCE3D09}" = Steinberg Cubase Studio 4
"{AC76BA86-1029-0000-7760-000000000003}" = Adobe Acrobat 8 Professional - Czech, Greek, Hungarian, Polish, Slovak
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{AE6BE2FE-5D3D-4FA0-98BC-57B7B78493F4}" = Adobe Flash CS3
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 0.83
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D6CD1A90-1421-4F19-AFD8-BE4E28A1D6D5}" = Adobe Illustrator CS3
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"{E2C00C8C-3D0C-40DF-BC67-44321C9E1029}" = Nero 8
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6CB18CD-04EF-4C6A-A5F3-5F49E7332895}" = O&O Defrag Professional Edition
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.0.3.1150)
"{ED95B55C-4759-4242-85DE-EAD1DA7AB090}" = Adobe Dreamweaver CS3
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0703991-E476-4997-98C6-239E67FC9944}" = Adobe Creative Suite 3 Design Premium
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"7-Zip" = 7-Zip 4.57
"Adobe Acrobat 8 Professional - Czech, Greek, Hungarian, Polish, Slovak" = Adobe Acrobat 8.1.2 Professional
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_1e533f03b8b42b2b6a1aba5a0b9d358" = Přidat nebo odebrat Adobe Creative Suite 3 Design Premium
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"All ATI Software" = ATI - Software Uninstall Utility
"AMP Font Viewer" = AMP Font Viewer
"AsusUpdate" = AsusUpdate
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"Axesstel Data Modem Driver" = Axesstel Data Modem Driver
"Canon LBP2900" = Canon LBP2900
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.2
"GonVisor_is1" = GonVisor 1.73
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"MetroGnome_is1" = MetroGnome
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.2
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Porsche Design Studio" = Porsche Design Studio Screen Saver
"Reason4_is1" = Reason 4.0
"RNCompiler 6.0" = Advanced RealMedia Export Plug-in for Premiere 6.0
"SubtitleWorkshop" = Subtitle Workshop 2.51
"Switch" = Switch Sound File Converter
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.2
"VOLNÝ internet akcelerátor_is1" = VOLNÝ internet akcelerátor 1.0
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 7.11.2009 17:41:49 | Computer Name = JAKUB-B72ACBE07 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://clients1.google.cz/complete/sear ... ghar&cp=13
failed, 0000A413.
Error - 8.11.2009 6:07:41 | Computer Name = JAKUB-B72ACBE07 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://suggestqueries.google.com/comple ... tera&cp=22
failed, 0000A413.
[ Application Events ]
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 7:43:46 | Computer Name = JAKUB-B72ACBE07 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
[ System Events ]
Error - 10.4.2010 18:04:48 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842810
Description = Chyba syntaxe v souboru manifestu nebo zásady C:\Program Files\Common
Files\Nero\AudioPlugins\MSAxp.dll na řádku 9.
Error - 10.4.2010 18:04:48 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Common Files\Nero\AudioPlugins\MSAxp.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
Error - 10.4.2010 18:25:12 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842810
Description = Chyba syntaxe v souboru manifestu nebo zásady C:\Program Files\Common
Files\Nero\AudioPlugins\msa.dll na řádku 9.
Error - 10.4.2010 18:25:12 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Common Files\Nero\AudioPlugins\msa.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
Error - 10.4.2010 18:25:13 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842810
Description = Chyba syntaxe v souboru manifestu nebo zásady C:\Program Files\Common
Files\Nero\AudioPlugins\MSAxp.dll na řádku 9.
Error - 10.4.2010 18:25:13 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Common Files\Nero\AudioPlugins\MSAxp.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
Error - 11.4.2010 2:31:42 | Computer Name = JAKUB-B72ACBE07 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cmdGuard cmdHlp Inspect
Error - 11.4.2010 4:38:03 | Computer Name = JAKUB-B72ACBE07 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cmdGuard cmdHlp Inspect
Error - 11.4.2010 7:44:03 | Computer Name = JAKUB-B72ACBE07 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cmdGuard cmdHlp Inspect
Error - 11.4.2010 14:58:25 | Computer Name = JAKUB-B72ACBE07 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cmdGuard cmdHlp Inspect
< End of report >
OTL
OTL logfile created on: 11.4.2010 23:00:17 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 024,00 Mb Total Physical Memory | 578,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76,33 Gb Total Space | 30,32 Gb Free Space | 39,72% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 74,53 Gb Total Space | 1,96 Gb Free Space | 2,63% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JAKUB-B72ACBE07
Current User Name: Jakub
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.11 22:59:36 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.04.08 22:38:34 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.09.04 06:02:24 | 001,295,616 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2008.09.01 00:50:20 | 000,062,848 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNAB4RPK.EXE
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.01.02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005.05.11 02:46:02 | 000,200,069 | ---- | M] (Team H2O) -- C:\Program Files\Syncrosoft\POS\H2O\cledx.exe
PRC - [2002.09.20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
========== Modules (SafeList) ==========
MOD - [2010.04.11 22:59:36 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory\OTL.exe
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.03.22 12:39:15 | 000,655,360 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.09.04 06:02:24 | 001,295,616 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2002.09.20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
========== Driver Services (SafeList) ==========
DRV - [2009.12.24 13:38:16 | 000,020,992 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Active Shield 5\ActiveShield.sys -- (DriverAS)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.09.15 13:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.09.15 13:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 13:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.03.31 20:09:32 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.03.31 19:29:18 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD)
DRV - [2007.09.20 04:46:02 | 000,038,784 | ---- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Axtmvprt.sys -- (Axtmvprt)
DRV - [2007.06.27 17:31:22 | 000,040,064 | ---- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Axtmvmdm.sys -- (Axtmvmdm)
DRV - [2007.06.27 17:31:22 | 000,003,456 | ---- | M] (Axesstel) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Axtmvflt.sys -- (Axtmvflt)
DRV - [2006.05.03 18:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.05.09 20:08:40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX)
DRV - [2004.08.04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003.07.02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.08 22:38:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.08 22:38:40 | 000,000,000 | ---D | M]
[2009.04.05 10:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Mozilla\Extensions
[2010.04.11 14:19:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Mozilla\Firefox\Profiles\fqlqu7yq.default\extensions
[2009.09.02 22:11:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\Mozilla\Firefox\Profiles\fqlqu7yq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.05.29 19:41:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.02.28 14:47:13 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.02.28 14:47:13 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.02.28 14:47:13 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.02.28 14:47:13 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.02.28 14:47:13 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.04.10 12:21:43 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [H2O] C:\Program Files\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\RunOnce: [WIAWizardMenu] C:\WINDOWS\System32\sti_ci.DLL (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do existujícího PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Přidat do stávajícího PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\VOLNY\akcelerator\original.htm ()
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\VOLNY\akcelerator\originalall.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\ACD Systems\ACDSee\ACD Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\ACD Systems\ACDSee\ACD Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.02 23:06:59 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.03.02 23:06:59 | 000,000,000 | ---D | M] - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{928b6e16-fbd8-11de-a356-000c6ee59751}\Shell - "" = AutoRun
O33 - MountPoints2\{928b6e16-fbd8-11de-a356-000c6ee59751}\Shell\AutoRun\command - "" = E:\WD SmartWare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O34 - HKLM BootExecute: (d) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.11 17:48:54 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.11 15:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\akce
[2010.04.11 14:50:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\duben stavba
[2010.04.11 14:43:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Recent
[2010.04.10 13:37:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.04.10 13:03:38 | 000,000,000 | ---D | C] -- C:\rafazon
[2010.04.07 23:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\FontCreator
[2010.04.05 14:33:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\inpirace obal
[2010.04.03 23:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\rw2
[2010.04.01 07:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Rising Research
[2010.03.28 23:24:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\kavka foto
[2010.03.17 23:51:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\covers cd
[2010.03.15 18:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\piano videa
[2009.04.03 22:56:56 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\pcouffin.sys
[2008.09.29 19:49:05 | 000,090,112 | R--- | C] (Axesstel) -- C:\Program Files\axesstel.dll
[2008.04.06 12:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2006.08.06 21:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2006.08.06 21:15:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2006.08.06 21:15:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.11 20:57:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.11 20:57:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.11 20:56:53 | 1073,319,936 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.11 20:56:50 | 001,116,098 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.04.11 17:51:52 | 014,942,208 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\ntuser.dat
[2010.04.11 17:51:52 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\ntuser.ini
[2010.04.11 16:14:09 | 000,032,331 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo-prac.jpg
[2010.04.11 16:13:26 | 017,093,934 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo prac.psd
[2010.04.11 15:19:04 | 000,000,544 | ---- | M] () -- C:\WINDOWS\zipgenius.xml
[2010.04.11 15:07:56 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\Microsoft Office Word 2003 (2).lnk
[2010.04.10 22:07:06 | 003,481,073 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo1.psd
[2010.04.10 22:06:19 | 000,640,817 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo.psd
[2010.04.10 14:28:54 | 000,005,281 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.04.10 13:46:54 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\defogger_reenable
[2010.04.10 13:32:36 | 000,000,048 | ---- | M] () -- C:\WINDOWS\rafazon.bat
[2010.04.10 12:22:10 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.08 22:40:58 | 000,000,146 | ---- | M] () -- C:\WINDOWS\fcp5.cfg
[2010.04.06 22:49:37 | 001,476,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.06 22:49:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.05 22:44:36 | 000,034,768 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.04.04 21:06:38 | 000,000,269 | ---- | M] () -- C:\WINDOWS\LEXICON.INI
[2010.04.03 14:23:58 | 000,002,780 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\mainhst.zgh
[2010.04.01 23:12:53 | 000,042,496 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\Jak na MYSPACE.doc
[2010.03.28 12:08:22 | 001,003,168 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.28 12:08:22 | 000,426,070 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 12:08:22 | 000,423,234 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 12:08:22 | 000,075,176 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 12:08:22 | 000,065,080 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.19 00:44:24 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.16 19:30:34 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\Zástupce - Stažené soubory.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.11 16:14:08 | 000,032,331 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo-prac.jpg
[2010.04.11 08:44:20 | 017,093,934 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo prac.psd
[2010.04.10 22:07:06 | 003,481,073 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo1.psd
[2010.04.10 22:06:19 | 000,640,817 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\logo.psd
[2010.04.10 13:46:43 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\defogger_reenable
[2010.04.10 13:20:06 | 1073,319,936 | -HS- | C] () -- C:\hiberfil.sys
[2010.04.10 13:03:39 | 000,000,048 | ---- | C] () -- C:\WINDOWS\rafazon.bat
[2010.04.07 23:03:40 | 000,000,146 | ---- | C] () -- C:\WINDOWS\fcp5.cfg
[2010.04.01 23:12:53 | 000,042,496 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\Jak na MYSPACE.doc
[2010.03.16 19:30:34 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Plocha\Zástupce - Stažené soubory.lnk
[2010.02.21 12:08:41 | 000,000,121 | ---- | C] () -- C:\WINDOWS\disckeys.ini
[2009.10.23 23:21:19 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.10.09 19:51:38 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC.dll
[2009.09.29 20:50:26 | 014,942,208 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\ntuser.dat
[2009.09.09 18:15:26 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.08.22 18:32:41 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\wiaserva.log
[2009.07.24 22:41:49 | 000,000,269 | ---- | C] () -- C:\WINDOWS\LEXICON.INI
[2009.07.20 17:23:11 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Musician.INI
[2009.06.17 21:58:34 | 000,001,160 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2009.06.12 18:12:58 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\.rnd
[2009.06.09 20:03:54 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.06.07 13:42:25 | 000,005,281 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.06.02 20:59:20 | 000,044,098 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\usrlgo.bmp
[2009.05.29 17:10:48 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\default.pls
[2009.05.08 19:53:54 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2009.05.08 19:53:54 | 000,035,328 | ---- | C] () -- C:\WINDOWS\cygz.dll
[2009.04.19 21:58:40 | 000,000,082 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.04.11 21:02:29 | 000,002,780 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\mainhst.zgh
[2009.04.10 22:21:18 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.04.03 22:57:10 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\pcouffin.log
[2009.04.03 22:56:56 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\pcouffin.cat
[2009.04.03 22:56:56 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Data aplikací\pcouffin.inf
[2009.04.02 19:30:23 | 000,003,572 | ---- | C] () -- C:\WINDOWS\System32\CNAB4UN.INI
[2009.04.01 18:56:02 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009.04.01 18:54:50 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PS_setup.ini
[2009.03.30 22:36:36 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.03.29 12:51:36 | 000,003,289 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.03.29 12:51:29 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.03.29 12:18:55 | 000,146,944 | ---- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.28 13:39:07 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\ntuser.dat.LOG
[2009.03.28 13:39:07 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\ntuser.ini
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.09.29 19:49:05 | 000,118,784 | R--- | C] () -- C:\Program Files\MSP_Uninstall.exe
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
========== Files - Unicode (All) ==========
[2009.06.12 18:26:29 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users.WINDOWS\data aplikac??) -- C:\Documents and Settings\All Users.WINDOWS\data aplikacᅢᆳ
[2009.06.12 18:26:29 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users.WINDOWS\data aplikac??) -- C:\Documents and Settings\All Users.WINDOWS\data aplikacᅢᆳ
[2009.06.12 18:26:28 | 000,000,000 | ---D | M](C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikac??) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikacᅢᆳ
[2009.06.12 18:26:28 | 000,000,000 | ---D | M](C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikac??) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikacᅢᆳ
(C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikac??) -- C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\data aplikacᅢᆳ
(C:\Documents and Settings\All Users.WINDOWS\data aplikac??) -- C:\Documents and Settings\All Users.WINDOWS\data aplikacᅢᆳ
========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:DFC5A2B2
< End of report >
EXTRA
OTL Extras logfile created on: 11.4.2010 23:00:17 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Jakub.JAKUB-B72ACBE07\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 024,00 Mb Total Physical Memory | 578,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76,33 Gb Total Space | 30,32 Gb Free Space | 39,72% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 74,53 Gb Total Space | 1,96 Gb Free Space | 2,63% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JAKUB-B72ACBE07
Current User Name: Jakub
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{143FB15C-0C48-41E3-9C30-F56FB69BF3D7}" = Canon CanoScan Toolbox 4.5
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{230CCBE9-14B0-4008-97AF-30C10F99E42C}" = ArcSoft PhotoStudio 5.5
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{739CE62B-2893-4D89-8BF8-9B4034633DB6}" = Adobe Setup
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7EDFCB74-81C0-4FB6-9FDF-1BC7CD098638}" = Adobe InDesign CS3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{87AE7C09-B0B4-4BAC-AADB-50A1EAD03768}" = Adobe Flash Video Encoder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5FB086B-B602-4452-8FE9-DF6BFBCE3D09}" = Steinberg Cubase Studio 4
"{AC76BA86-1029-0000-7760-000000000003}" = Adobe Acrobat 8 Professional - Czech, Greek, Hungarian, Polish, Slovak
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{AE6BE2FE-5D3D-4FA0-98BC-57B7B78493F4}" = Adobe Flash CS3
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 0.83
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D6CD1A90-1421-4F19-AFD8-BE4E28A1D6D5}" = Adobe Illustrator CS3
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"{E2C00C8C-3D0C-40DF-BC67-44321C9E1029}" = Nero 8
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6CB18CD-04EF-4C6A-A5F3-5F49E7332895}" = O&O Defrag Professional Edition
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.0.3.1150)
"{ED95B55C-4759-4242-85DE-EAD1DA7AB090}" = Adobe Dreamweaver CS3
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0703991-E476-4997-98C6-239E67FC9944}" = Adobe Creative Suite 3 Design Premium
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"7-Zip" = 7-Zip 4.57
"Adobe Acrobat 8 Professional - Czech, Greek, Hungarian, Polish, Slovak" = Adobe Acrobat 8.1.2 Professional
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_1e533f03b8b42b2b6a1aba5a0b9d358" = Přidat nebo odebrat Adobe Creative Suite 3 Design Premium
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"All ATI Software" = ATI - Software Uninstall Utility
"AMP Font Viewer" = AMP Font Viewer
"AsusUpdate" = AsusUpdate
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"Axesstel Data Modem Driver" = Axesstel Data Modem Driver
"Canon LBP2900" = Canon LBP2900
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.2
"GonVisor_is1" = GonVisor 1.73
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"MetroGnome_is1" = MetroGnome
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.2
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Porsche Design Studio" = Porsche Design Studio Screen Saver
"Reason4_is1" = Reason 4.0
"RNCompiler 6.0" = Advanced RealMedia Export Plug-in for Premiere 6.0
"SubtitleWorkshop" = Subtitle Workshop 2.51
"Switch" = Switch Sound File Converter
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.2
"VOLNÝ internet akcelerátor_is1" = VOLNÝ internet akcelerátor 1.0
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 7.11.2009 17:41:49 | Computer Name = JAKUB-B72ACBE07 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://clients1.google.cz/complete/sear ... ghar&cp=13
failed, 0000A413.
Error - 8.11.2009 6:07:41 | Computer Name = JAKUB-B72ACBE07 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://suggestqueries.google.com/comple ... tera&cp=22
failed, 0000A413.
[ Application Events ]
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 2:45:02 | Computer Name = JAKUB-B72ACBE07 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error - 11.4.2010 7:43:46 | Computer Name = JAKUB-B72ACBE07 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
[ System Events ]
Error - 10.4.2010 18:04:48 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842810
Description = Chyba syntaxe v souboru manifestu nebo zásady C:\Program Files\Common
Files\Nero\AudioPlugins\MSAxp.dll na řádku 9.
Error - 10.4.2010 18:04:48 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Common Files\Nero\AudioPlugins\MSAxp.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
Error - 10.4.2010 18:25:12 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842810
Description = Chyba syntaxe v souboru manifestu nebo zásady C:\Program Files\Common
Files\Nero\AudioPlugins\msa.dll na řádku 9.
Error - 10.4.2010 18:25:12 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Common Files\Nero\AudioPlugins\msa.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
Error - 10.4.2010 18:25:13 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842810
Description = Chyba syntaxe v souboru manifestu nebo zásady C:\Program Files\Common
Files\Nero\AudioPlugins\MSAxp.dll na řádku 9.
Error - 10.4.2010 18:25:13 | Computer Name = JAKUB-B72ACBE07 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Common Files\Nero\AudioPlugins\MSAxp.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
Error - 11.4.2010 2:31:42 | Computer Name = JAKUB-B72ACBE07 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cmdGuard cmdHlp Inspect
Error - 11.4.2010 4:38:03 | Computer Name = JAKUB-B72ACBE07 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cmdGuard cmdHlp Inspect
Error - 11.4.2010 7:44:03 | Computer Name = JAKUB-B72ACBE07 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cmdGuard cmdHlp Inspect
Error - 11.4.2010 14:58:25 | Computer Name = JAKUB-B72ACBE07 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cmdGuard cmdHlp Inspect
< End of report >