Please check my log - problem connecting to servers [Solved]

Post by jeesl » 03 Jun 2010 18:37

Good day. Please check my HijackThis log. I have a problem with some programs connecting to the internet (to servers). The internet works normally through the browser, but when a program installed on the PC needs to connect to the internet and download some data, it does not connect.
For example, the program 365dni shows the message "Chyba spojeni ze serverem" (error connecting to the server), and likewise Google Earth, TagRename and Zoner. It is as if something were blocking the ports of those programs.
Thank you.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:08:00, on 3. 6. 2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\365dni\365dniNET.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jozef\Plocha\Preberanie\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = webproxy.dsidata.sk:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\WINDOWS\system32\cgmopenbho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [DLD.EXE] C:\Program Files\Download Direct\DLD.exe
O4 - HKCU\..\Run: [365dni] C:\Program Files\365dni\365dniNET.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 5674 bytes

Post by Damned » 03 Jun 2010 18:44

Isn't Kerio causing it?

Uninstall DAEMON Tools Toolbar and Download Direct. Turn off TeaTimer in Spybot. Install, even if you will not be using IE8. What does the red shield in the system tray report?

Run HJT (HijackThis), close your browsers, disconnect from the internet and fix the following (run HJT, "Do a system scan only",
tick the box in front of each entry, press "Fix checked" and then "Yes"):

O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
*****************************************************************************************************************************************
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if they are, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the scan has finished a message will appear; click OK and then the Show Results button
- then choose the Save Log option and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner

Post by jeesl » 03 Jun 2010 20:34

I tried Kerio, but it did not help.
I uninstalled DAEMON Tools Toolbar, I could not find Download Direct, and I turned off TeaTimer in the Windows Task Manager. As for the red shield: Firewall - on, Automatic Updates - off, Virus Protection - on.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4167

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

3. 6. 2010 20:26:34
mbam-log-2010-06-03 (20-26-34).txt

Typ skenu: Rychlý sken
Skenované objekty: 121884
Uplynulý čas: 11 minuta(y), 15 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 2
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56b38f40-4e70-11d4-a076-0080ad86ba2f} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{56b38f40-4e70-11d4-a076-0080ad86ba2f} (Trojan.BHO) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\WINDOWS\system32\cgmopenbho.dll (Trojan.BHO) -> No action taken.

Post by Damned » 03 Jun 2010 20:40

There is junk sitting on a BHO; that may be the cause.

Run MbAM again and click Scan
- when the scan has finished a message will appear; click OK and then the Show Results button
- make sure all the listed findings are ticked and click the Remove Selected button
- when the removal finishes a log will be displayed; post it here.
- then choose OK in the program and close it via Exit

Turn off the resident shield of your antivirus (and of your antispyware, if you have one).
Download ComboFix (by sUBs)
or ComboFix (subs)
and save it to the desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click inside the window it displays
- When the scan has finished, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
Post by jeesl » 03 Jun 2010 21:07

Here is the MbAM log for now; I am going to run ComboFix next.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4167

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

3. 6. 2010 21:04:19
mbam-log-2010-06-03 (21-04-19).txt

Typ skenu: Rychlý sken
Skenované objekty: 121874
Uplynulý čas: 10 minuta(y), 32 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 2
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56b38f40-4e70-11d4-a076-0080ad86ba2f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{56b38f40-4e70-11d4-a076-0080ad86ba2f} (Trojan.BHO) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\WINDOWS\system32\cgmopenbho.dll (Trojan.BHO) -> Delete on reboot.

Post by Damned » 03 Jun 2010 21:18

Excellent, now ComboFix.
Post by jeesl » 03 Jun 2010 21:52

Here is the ComboFix log... after the restart the 365dni program started downloading data.


ComboFix 10-06-02.04 - Jozef . 06. 2010 21:22:54.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1029.18.639.367 [GMT 2:00]
Running from: c:\documents and settings\Jozef\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Kerio Personal Firewall *enabled* {A990EAA7-8941-4621-BC27-4F16261D3180}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\regedit.com
c:\windows\system32\Cache
c:\windows\system32\taskmgr.com
c:\windows\system32\winlogon.bak
F:\resycled

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IPRIP
-------\Service_Iprip


((((((((((((((((((((((((( Files Created from 2010-05-03 to 2010-06-03 )))))))))))))))))))))))))))))))
.

2010-06-03 18:11 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-03 18:11 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-03 18:11 . 2010-06-03 18:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-03 17:49 . 2010-06-03 17:49 -------- d-sh--w- c:\documents and settings\Jozef\PrivacIE
2010-06-03 17:47 . 2010-06-03 17:47 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-06-03 17:47 . 2010-06-03 17:47 -------- d-sh--w- c:\documents and settings\Jozef\IETldCache
2010-06-03 17:43 . 2010-06-03 17:45 -------- d-----w- c:\windows\system32\cs-CZ
2010-06-03 17:43 . 2010-06-03 17:44 -------- dc-h--w- c:\windows\ie8
2010-06-03 17:27 . 2010-06-03 17:27 -------- d-----w- c:\program files\trend micro
2010-06-03 17:27 . 2010-06-03 17:27 -------- d-----w- C:\rsit
2010-05-30 11:35 . 2010-05-30 11:35 -------- d-----w- c:\program files\Mobile Action
2010-05-29 16:15 . 2009-12-20 13:53 57216 ----a-w- c:\windows\system32\drivers\gpslc.sys
2010-05-29 16:15 . 2010-05-29 16:15 -------- d-----w- c:\windows\Application Data
2010-05-29 15:27 . 2010-05-29 15:27 -------- d-----w- c:\program files\365dni
2010-05-29 15:17 . 2010-05-29 15:17 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-02 13:59 . 2004-08-18 12:00 73330 ----a-w- c:\windows\system32\perfc005.dat
2010-06-02 13:59 . 2004-08-18 12:00 397956 ----a-w- c:\windows\system32\perfh005.dat
2010-05-29 15:33 . 2009-10-28 20:11 -------- d-----w- c:\program files\PokerStars
2010-05-04 13:14 . 2010-03-15 15:34 -------- d-----w- c:\program files\Google
2010-03-21 11:28 . 2010-03-21 11:28 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-12 12:25 . 2010-03-12 12:25 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-02-19 18:26 . 2009-02-19 15:12 45088 --sha-w- c:\windows\system32\drivers\fidbox.dat
.

------- Sigcheck -------

[-] 2009-02-22 . 427E6DED3A2369D3432A683EB489EE14 . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"365dni"="c:\program files\365dni\365dniNET.exe" [2010-05-13 858624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"WinFast Schedule"="c:\program files\WinFast\WFTVFM\WFWIZ.exe" [2005-09-30 319488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-03-23 12:20 227328 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2002-09-27 06:44 47104 ----a-r- c:\windows\SOUNDMAN.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\365dni\\365dniNET.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16. 5. 2009 21:00 717296]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [1. 7. 2008 10:04 34312]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [15. 12. 2005 19:13 274432]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [15. 12. 2005 19:01 81920]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [1. 7. 2008 10:02 468224]
R3 ip100xp;ASUS NX1001 Network Adapter NT Driver;c:\windows\system32\drivers\ipfnd51.sys [29. 4. 2009 11:54 26752]
R3 NtApm;Ovladač rozhraní služby NT Apm/Legacy;c:\windows\system32\drivers\NtApm.sys [16. 2. 2009 18:46 9472]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [9. 10. 2009 13:08 9446]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15. 3. 2010 17:35 135664]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [18. 8. 2004 14:00 3584]
S3 gpslc;gpslc;c:\windows\system32\drivers\gpslc.sys [29. 5. 2010 18:15 57216]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contents of the 'Scheduled Tasks' folder

2010-06-03 c:\windows\Tasks\User_Feed_Synchronization-{91442BBA-2649-47E0-B3C5-AF8CC9F28DCE}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyServer = webproxy.dsidata.sk:3128
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Jozef\Data aplikací\Mozilla\Firefox\Profiles\ww0i3jtg.default\
FF - prefs.js: network.proxy.ftp - 193.68.154.193:80
FF - prefs.js: network.proxy.gopher - 193.68.154.193:80
FF - prefs.js: network.proxy.http - 193.68.154.193:80
FF - prefs.js: network.proxy.socks - 193.68.154.193:80
FF - prefs.js: network.proxy.ssl - 193.68.154.193:80
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-OEXPRESS - (no file)
HKCU-Run-WEBTRAN - (no file)
HKCU-Run-DLD.EXE - c:\program files\Download Direct\DLD.exe
Notify-WgaLogon - (no file)
MSConfigStartUp-365dni - c:\program files\365dníNET\365dniNET.exe
AddRemove-PC Translator - c:\docume~1\Jozef\LOCALS~1\Temp\UN32.EXE
AddRemove-ProSavage - c:\program files\S3\ProSavage\ProSavage.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-03 21:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\docume~1\Jozef\LOCALS~1\Temp\~365DNI\un\televize_program_20100605_ČT4 Sport 3965 bytes

scan completed successfully
hidden files: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x82B521F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf8bf4fc3
\Driver\atapi -> 0x82b521f8
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a1afe
ParseProcedure -> ntoskrnl.exe @ 0x80570a6e
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a1afe
ParseProcedure -> ntoskrnl.exe @ 0x80570a6e
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1144)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\crypserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
c:\program files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
c:\windows\system32\tcpsvcs.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
.
**************************************************************************
.
Completion time: 2010-06-03 21:44:56 - machine was rebooted
ComboFix-quarantined-files.txt 2010-06-03 19:44

Pre-Run: 5 293 162 496
Post-Run: 5 151 850 496

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 37BA62C106DB8DB00869CE61E1B93118

Post by Damned » 03 Jun 2010 23:17

Open Notepad (Start -> Run..., type Notepad in the box and click OK).
Copy into it the entire following text marked in green:

File::
c:\windows\system32\drivers\fidbox.dat

Folder::
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\Download Direct




Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.


Grab the CFScript.txt script you created with the mouse, move it over the downloaded ComboFix.exe program,
and when the two files overlap, drop the script.

- ComboFix will start automatically; the repair may take longer than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that appears at the end of the cleaning process
Post by jeesl » 04 Jun 2010 15:55

New log from ComboFix

ComboFix 10-06-02.04 - Jozef . 06. 2010 15:34:31.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1029.18.639.373 [GMT 2:00]
Running from: c:\documents and settings\Jozef\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\Jozef\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Kerio Personal Firewall *enabled* {A990EAA7-8941-4621-BC27-4F16261D3180}
* Resident AV is active


FILE ::
"c:\windows\system32\drivers\fidbox.dat"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\fidbox.dat

.
((((((((((((((((((((((((( Files Created from 2010-05-04 to 2010-06-04 )))))))))))))))))))))))))))))))
.

2010-06-03 18:11 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-03 18:11 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-03 18:11 . 2010-06-03 18:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-03 17:49 . 2010-06-03 17:49 -------- d-sh--w- c:\documents and settings\Jozef\PrivacIE
2010-06-03 17:47 . 2010-06-03 17:47 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-06-03 17:47 . 2010-06-03 17:47 -------- d-sh--w- c:\documents and settings\Jozef\IETldCache
2010-06-03 17:43 . 2010-06-03 17:45 -------- d-----w- c:\windows\system32\cs-CZ
2010-06-03 17:43 . 2010-06-03 17:44 -------- dc-h--w- c:\windows\ie8
2010-06-03 17:27 . 2010-06-03 17:27 -------- d-----w- c:\program files\trend micro
2010-06-03 17:27 . 2010-06-03 17:27 -------- d-----w- C:\rsit
2010-05-30 11:35 . 2010-05-30 11:35 -------- d-----w- c:\program files\Mobile Action
2010-05-29 16:15 . 2009-12-20 13:53 57216 ----a-w- c:\windows\system32\drivers\gpslc.sys
2010-05-29 16:15 . 2010-05-29 16:15 -------- d-----w- c:\windows\Application Data
2010-05-29 15:27 . 2010-05-29 15:27 -------- d-----w- c:\program files\365dni
2010-05-29 15:17 . 2010-05-29 15:17 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-02 13:59 . 2004-08-18 12:00 73330 ----a-w- c:\windows\system32\perfc005.dat
2010-06-02 13:59 . 2004-08-18 12:00 397956 ----a-w- c:\windows\system32\perfh005.dat
2010-05-29 15:33 . 2009-10-28 20:11 -------- d-----w- c:\program files\PokerStars
2010-05-04 13:14 . 2010-03-15 15:34 -------- d-----w- c:\program files\Google
2010-03-21 11:28 . 2010-03-21 11:28 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-12 12:25 . 2010-03-12 12:25 411368 ----a-w- c:\windows\system32\deploytk.dll
.

------- Sigcheck -------

[-] 2009-02-22 . 427E6DED3A2369D3432A683EB489EE14 . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-06-03_19.35.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-04 13:30 . 2010-06-04 13:30 16384 c:\windows\Temp\Perflib_Perfdata_788.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"365dni"="c:\program files\365dni\365dniNET.exe" [2010-05-13 858624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"WinFast Schedule"="c:\program files\WinFast\WFTVFM\WFWIZ.exe" [2005-09-30 319488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-03-23 12:20 227328 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2002-09-27 06:44 47104 ----a-r- c:\windows\SOUNDMAN.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\365dni\\365dniNET.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [1. 7. 2008 10:04 34312]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [15. 12. 2005 19:13 274432]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [15. 12. 2005 19:01 81920]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [1. 7. 2008 10:02 468224]
R3 ip100xp;ASUS NX1001 Network Adapter NT Driver;c:\windows\system32\drivers\ipfnd51.sys [29. 4. 2009 11:54 26752]
R3 NtApm;Ovladač rozhraní služby NT Apm/Legacy;c:\windows\system32\drivers\NtApm.sys [16. 2. 2009 18:46 9472]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16. 5. 2009 21:00 717296]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15. 3. 2010 17:35 135664]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [18. 8. 2004 14:00 3584]
S3 gpslc;gpslc;c:\windows\system32\drivers\gpslc.sys [29. 5. 2010 18:15 57216]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [9. 10. 2009 13:08 9446]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contents of the 'Scheduled Tasks' folder

2010-06-04 c:\windows\Tasks\User_Feed_Synchronization-{91442BBA-2649-47E0-B3C5-AF8CC9F28DCE}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyServer = webproxy.dsidata.sk:3128
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Jozef\Data aplikací\Mozilla\Firefox\Profiles\ww0i3jtg.default\
FF - prefs.js: network.proxy.ftp - 193.68.154.193:80
FF - prefs.js: network.proxy.gopher - 193.68.154.193:80
FF - prefs.js: network.proxy.http - 193.68.154.193:80
FF - prefs.js: network.proxy.socks - 193.68.154.193:80
FF - prefs.js: network.proxy.ssl - 193.68.154.193:80
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-04 15:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-06-04 15:51:39
ComboFix-quarantined-files.txt 2010-06-04 13:51
ComboFix2.txt 2010-06-03 19:45

Pre-Run: 5 164 720 128
Post-Run: 5 184 020 480

- - End Of File - - 37E86012AD5FBA8AD34BF85EE7470098

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany
Gender: Male
Status: Offline

Re: Please check - problem connecting to servers

Post by Damned » 04 Jun 2010 16:03

Turn off your antivirus and, if you have one, your antispyware as well, and uninstall ComboFix (required).
ComboFix is uninstalled like this:
Start -> Run (or press Win+R) and type into the box: Combofix[space]/uninstall

Download T-Cleaner (required - it deletes everything left behind by ComboFix, SDFix, Avenger, MWAV, etc. - download it -> run it)
*****************************************************************************************************************************************
Download OTL to your Desktop.
Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry change the setting to All, and under Extra Registry to All. Tick LOP Check and Purity Check. Change File Age to 14 days. Leave all other settings as they are. Click Run Scan. The scan can take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
Nothing is impossible, so where reason runs out, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.

jeesl
newcomer
Posts: 14
Registered: October 05
Location: orava
Gender: Not specified
Status: Offline

Re: Please check - problem connecting to servers

Post by jeesl » 04 Jun 2010 16:28

OTL.txt

OTL logfile created on: 4. 6. 2010 16:22:42 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Jozef\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

639,00 Mb Total Physical Memory | 221,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 960 1920 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38,17 Gb Total Space | 5,97 Gb Free Space | 15,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 134,49 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 152,66 Gb Total Space | 8,78 Gb Free Space | 5,75% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM
Current User Name: Jozef
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Jozef\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\WINDOWS\system32\Crypserv.exe (CrypKey (Canada) Ltd.)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe (Sunbelt Software)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe (Sunbelt Software)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Jozef\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Bonjour Service) -- File not found
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (Crypkey License) -- C:\WINDOWS\System32\Crypserv.exe (CrypKey (Canada) Ltd.)
SRV - (KPF4) -- C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe (Sunbelt Software)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (p2pgasvc) -- C:\WINDOWS\system32\p2pgasvc.dll (Microsoft Corporation)
SRV - (SimpTcp) -- C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation)
SRV - (NOD32FiXTemDono) -- C:\WINDOWS\System32\regedt32.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (gpslc) -- C:\WINDOWS\system32\drivers\gpslc.sys (Mobile Action Technology Inc.)
DRV - (ROCKEYNT) -- C:\WINDOWS\system32\drivers\Rockey4.sys (Feitian Technologies Co., Ltd.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys ()
DRV - (easdrv) -- C:\WINDOWS\system32\drivers\easdrv.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia)
DRV - (nmwcdcm) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia)
DRV - (nmwcdcj) -- C:\WINDOWS\system32\drivers\nmwcdcj.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia)
DRV - (ip100xp) -- C:\WINDOWS\system32\drivers\ipfnd51.sys (ASUSTek Computer Inc. )
DRV - (NetworkX) -- C:\WINDOWS\system32\ckldrv.sys ()
DRV - (fwdrv) -- C:\WINDOWS\system32\drivers\fwdrv.sys (Sunbelt Software)
DRV - (khips) -- C:\WINDOWS\system32\drivers\khips.sys ()
DRV - (CX23880) -- C:\WINDOWS\system32\drivers\cx88vid.sys (Leadtek Research Inc.)
DRV - (CXTUNE) -- C:\WINDOWS\system32\drivers\cx88tune.sys (Leadtek Research Inc.)
DRV - (CXAVXBAR) -- C:\WINDOWS\system32\drivers\cxavxbar.sys (Leadtek Research Inc.)
DRV - (WFIOCTL) -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.sys (Leadtek Research Inc.)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ALCXWDM) Service for Avance AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Avance Logic, Inc.)
DRV - (NtApm) -- C:\WINDOWS\system32\drivers\NtApm.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = webproxy.dsidata.sk:3128

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3
FF - prefs.js..network.proxy.backup.ftp: "193.68.154.193:80"
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: "193.68.154.193:80"
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: "193.68.154.193:80"
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: "193.68.154.193:80"
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "193.68.154.193:80"
FF - prefs.js..network.proxy.gopher: "193.68.154.193:80"
FF - prefs.js..network.proxy.http: "193.68.154.193:80"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "193.68.154.193:80"
FF - prefs.js..network.proxy.ssl: "193.68.154.193:80"
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010.03.12 14:25:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.02 19:00:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.06.02 19:00:30 | 000,000,000 | ---D | M]

[2009.02.16 20:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\Mozilla\Extensions
[2009.02.16 20:52:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jozef\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.06.02 19:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\Mozilla\Firefox\Profiles\ww0i3jtg.default\extensions
[2009.05.15 21:14:55 | 000,000,000 | ---D | M] (WebTran) -- C:\Documents and Settings\Jozef\Data aplikací\Mozilla\Firefox\Profiles\ww0i3jtg.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2009.10.15 01:06:28 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Jozef\Data aplikací\Mozilla\Firefox\Profiles\ww0i3jtg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.06.02 16:35:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.06.02 19:00:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.02.27 17:08:48 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2010.03.12 14:25:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.04.01 20:07:08 | 000,023,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.04.01 20:07:08 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010.03.12 14:25:31 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.09.06 21:57:08 | 000,746,592 | ---- | M] (www.devalvr.com) -- C:\Program Files\Mozilla Firefox\plugins\npdevalvr.dll
[2010.04.01 20:07:08 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2003.07.15 05:56:52 | 000,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2008.06.11 23:45:28 | 000,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010.04.01 19:40:34 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.04.01 19:40:34 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010.04.01 19:40:34 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.04.01 19:40:34 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010.04.01 19:40:34 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.04.01 19:40:34 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.04.01 19:40:34 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.04.01 19:40:34 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2010.06.04 15:44:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKCU..\Run: [365dni] C:\Program Files\365dni\365dniNET.exe (Microsoft)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jozef\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jozef\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.10.12 07:09:52 | 000,015,086 | R--- | M] () - E:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2005.11.11 13:01:56 | 000,000,051 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010.06.04 16:19:11 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jozef\Plocha\OTL.exe
[2010.06.03 21:19:18 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.06.03 20:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jozef\Data aplikací\Malwarebytes
[2010.06.03 20:11:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.06.03 20:11:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.06.03 20:11:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.06.03 20:11:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.06.03 19:49:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Jozef\PrivacIE
[2010.06.03 19:47:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Jozef\IETldCache
[2010.06.03 19:45:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010.06.03 19:43:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010.06.03 19:43:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-CZ
[2010.06.03 15:10:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jozef\Dokumenty\Preberanie
[2010.06.02 20:44:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jozef\Plocha\Preberanie
[2010.06.02 18:54:46 | 008,680,648 | ---- | C] (Mozilla) -- C:\Documents and Settings\Jozef\Plocha\Firefox Setup 3.6.3.exe
[2010.06.02 17:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jozef\Plocha\DU.Meter.v4.01.R3076.0.WinAll.Cracked-CRD
[2010.05.30 13:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mobile Action
[2010.05.30 00:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jozef\Plocha\gpx
[2010.05.29 18:15:48 | 000,057,216 | ---- | C] (Mobile Action Technology Inc.) -- C:\WINDOWS\System32\drivers\gpslc.sys
[2010.05.29 18:15:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Application Data
[2010.05.29 17:27:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jozef\Data aplikací\365dni
[2010.05.29 17:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\365dni
[2010.05.28 12:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jozef\Data aplikací\Mobile Action
[2010.05.26 11:40:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jozef\Data aplikací\365dni(2)
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010.06.04 16:22:55 | 004,718,592 | ---- | M] () -- C:\Documents and Settings\Jozef\ntuser.dat
[2010.06.04 16:19:16 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jozef\Plocha\OTL.exe
[2010.06.04 15:55:30 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{91442BBA-2649-47E0-B3C5-AF8CC9F28DCE}.job
[2010.06.04 15:51:42 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.04 15:45:24 | 000,000,277 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.06.04 15:44:57 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.06.04 15:32:03 | 000,000,623 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.06.04 15:30:14 | 000,000,429 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010.06.04 15:29:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.04 15:29:57 | 670,617,600 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.04 15:29:09 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jozef\ntuser.ini
[2010.06.03 21:19:28 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010.06.03 20:11:46 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.06.02 19:00:33 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.06.02 18:58:36 | 000,256,516 | ---- | M] () -- C:\Documents and Settings\Jozef\Plocha\Záložky 2010-06-02.json
[2010.06.02 18:58:00 | 008,680,648 | ---- | M] (Mozilla) -- C:\Documents and Settings\Jozef\Plocha\Firefox Setup 3.6.3.exe
[2010.06.02 16:00:05 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.06.02 15:59:17 | 000,400,624 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.02 15:59:17 | 000,397,956 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.02 15:59:17 | 000,073,330 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.02 15:59:17 | 000,062,286 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.02 15:59:16 | 000,944,294 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.31 15:17:01 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.05.30 13:49:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.05.30 13:48:19 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SportAppExe.INI
[2010.05.30 13:41:02 | 000,000,000 | ---- | M] () -- C:\WINDOWS\WhereIamExe.INI
[2010.05.30 13:36:29 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\@trip PC.lnk
[2010.05.30 13:36:29 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Where I Am.lnk
[2010.05.30 13:36:29 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Sports Analyzer.lnk
[2010.05.30 13:12:59 | 168,290,558 | ---- | M] () -- C:\Documents and Settings\Jozef\Plocha\i-gotU_Suite_Full.exe
[2010.05.30 11:29:18 | 000,002,490 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2010.05.29 21:02:27 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Zem.lnk
[2010.05.29 19:22:42 | 001,104,061 | ---- | M] () -- C:\Documents and Settings\Jozef\Plocha\pppoexp.pdf
[2010.05.29 18:35:31 | 000,000,000 | ---- | M] () -- C:\WINDOWS\GpsPlatformExe.INI
[2010.05.29 17:46:51 | 000,002,383 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nokia PC Suite.lnk
[2010.05.29 17:27:41 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\365dní.lnk
[2010.05.29 17:18:20 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.28 12:04:14 | 000,521,216 | ---- | M] () -- C:\Documents and Settings\Jozef\Plocha\um00007_manual.doc
[2010.05.26 11:40:04 | 000,000,108 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2010.05.21 16:50:30 | 000,048,755 | ---- | M] () -- C:\Documents and Settings\Jozef\Plocha\or.priehrada.jpg
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.03 21:19:28 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.06.03 21:19:23 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010.06.03 20:11:46 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.06.03 19:51:56 | 000,000,466 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{91442BBA-2649-47E0-B3C5-AF8CC9F28DCE}.job
[2010.06.02 19:00:33 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.06.02 18:58:35 | 000,256,516 | ---- | C] () -- C:\Documents and Settings\Jozef\Plocha\Záložky 2010-06-02.json
[2010.05.30 13:48:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SportAppExe.INI
[2010.05.30 13:41:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WhereIamExe.INI
[2010.05.30 13:36:29 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\@trip PC.lnk
[2010.05.30 13:36:29 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Where I Am.lnk
[2010.05.30 13:36:29 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Sports Analyzer.lnk
[2010.05.30 12:32:19 | 168,290,558 | ---- | C] () -- C:\Documents and Settings\Jozef\Plocha\i-gotU_Suite_Full.exe
[2010.05.29 21:02:27 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Zem.lnk
[2010.05.29 19:22:41 | 001,104,061 | ---- | C] () -- C:\Documents and Settings\Jozef\Plocha\pppoexp.pdf
[2010.05.29 18:35:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\GpsPlatformExe.INI
[2010.05.29 17:27:41 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\365dní.lnk
[2010.05.28 12:04:11 | 000,521,216 | ---- | C] () -- C:\Documents and Settings\Jozef\Plocha\um00007_manual.doc
[2010.05.26 11:40:04 | 000,000,108 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2010.05.21 16:50:29 | 000,048,755 | ---- | C] () -- C:\Documents and Settings\Jozef\Plocha\or.priehrada.jpg
[2010.01.26 16:40:44 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.10.06 09:22:46 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009.09.25 23:54:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\Ry4CoInst.dll
[2009.06.25 19:11:33 | 000,000,382 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.06.21 19:02:57 | 000,000,082 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2009.06.21 19:02:52 | 000,031,846 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2009.06.21 19:02:52 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2009.06.16 09:35:03 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.05.15 21:13:51 | 000,002,490 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2009.02.26 21:28:04 | 000,000,079 | ---- | C] () -- C:\WINDOWS\Serial.ini
[2009.02.23 00:23:55 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.02.21 21:24:36 | 001,481,728 | ---- | C] () -- C:\WINDOWS\System32\LegitCheckControl.dll
[2009.02.21 21:24:36 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\wgalogon.dll.old
[2008.07.01 10:04:40 | 000,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2005.12.15 19:01:52 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\khips.sys
[2005.12.07 13:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.11.19 10:56:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\RYDLL32.DLL
[2004.08.18 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003.04.07 11:38:32 | 000,005,746 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.05.15 04:58:48 | 000,618,496 | ---- | C] () -- C:\WINDOWS\System32\dXQGridEdit.dll
[1996.08.20 16:08:46 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\angel32.dll

========== LOP Check ==========

[2009.02.28 09:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2009.06.21 18:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.02.16 23:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.03.09 20:31:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GARMIN
[2010.01.26 20:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Hagel Technologies
[2009.02.20 14:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.09.25 18:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Keronsoft
[2009.05.15 21:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2009.03.27 14:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.10.15 12:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.10.09 13:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2009.06.21 19:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WorkshopData
[2010.06.03 21:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\365dni
[2010.05.29 17:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\365dni(2)
[2009.06.21 18:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\DAEMON Tools
[2009.06.21 18:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\DAEMON Tools Lite
[2009.06.21 18:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\DAEMON Tools Pro
[2010.03.09 20:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\GARMIN
[2010.01.26 17:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\GrabPro
[2009.05.15 21:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\LangSoft
[2010.05.28 12:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\Mobile Action
[2010.03.12 14:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\Mobile Atlas Creator
[2009.03.27 14:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\Nokia
[2009.06.20 16:05:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\Nokia Multimedia Player
[2010.01.26 17:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\Orbit
[2010.03.09 20:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\Pathcz
[2010.03.12 18:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\PC Suite
[2009.02.21 00:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jozef\Data aplikací\Zoner
[2010.06.04 15:55:30 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{91442BBA-2649-47E0-B3C5-AF8CC9F28DCE}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
< End of report >

jeesl
newbie
Posts: 14
Registered: October 05
Location: orava
Gender: Not specified
Status:
Offline

Re: Please check - problem connecting to servers

Post by jeesl » 04 Jun 2010 16:29

Extras.txt

OTL Extras logfile created on: 4. 6. 2010 16:22:42 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Jozef\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

639,00 Mb Total Physical Memory | 221,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 960 1920 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38,17 Gb Total Space | 5,97 Gb Free Space | 15,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 134,49 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 152,66 Gb Total Space | 8,78 Gb Free Space | 5,75% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM
Current User Name: Jozef
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\365dni\365dniNET.exe" = C:\Program Files\365dni\365dniNET.exe:*:Enabled:365dniNET2 -- (Microsoft)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{0E81AAC1-44D4-41d5-0100-000000000000}" = i-gotU Suite
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{229AC843-98B6-4BDE-919A-30587C698D23}" = Slovakia Roads v6
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7514727A-3ECA-40A1-A73E-9CF9D8463CB3}" = ESET NOD32 Antivirus
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{9012041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{9A4CBA78-CFAD-4058-9AB8-532F5DF44682}_is1" = Program 365dní
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D0FB354-3D85-483A-A899-99FB3084942D}" = Garmin MapSource
"{A1E15B5F-E414-4595-A1B5-94A2F07EF9CB}" = Slovakia TOPO v2
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A990EAA7-8941-4621-BC27-4F16261D3180}" = Sunbelt Kerio Personal Firewall
"{AA1C2742-4732-46BD-A194-018B3FC7CAC4}" = CENKROSplus
"{AC76BA86-7AD7-1029-7B44-A90000000001}" = Adobe Reader 9 - Czech
"{B1914510-38B5-4835-83D8-A188073E542F}" = Cheetah Audio Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCB873D5-94BD-4ADC-B80A-A3B381D7E8FA}" = ITEDO IsoView 5
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BE4AA694-815A-4045-BD49-C94F2BED7458}" = WinFast Entertainment Center
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C882DE6B-1482-42D6-A7C2-A9F946EDBAF6}" = WinFast PVR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Zem
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Balíček ovladače systému Windows - Nokia Modem (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"365dní6.0.7" = 365dní
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"AoA Audio Extractor_is1" = AoA Audio Extractor 2.0
"bwin Poker_is1" = bwin Poker
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DevalVR for Netscape" = DevalVR plugin for Netscape and compatible browsers
"DVDFab Ghosthunter release_is1" = DVDFab Ghosthunter release 5.3.1.0 Beta
"Eset NOD32 v3.0.642 FiX1.2 by TemDono_is1" = NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"Google Earth Pro 4.2" = Google Earth Pro 4.2
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"MobileVideo For 3GP_is1" = MobileVideo For 3GP 3.62
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neat Image_is1" = Neat Image v6.0 Pro+
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nokia PC Suite" = Nokia PC Suite
"PokerStars" = PokerStars
"Tag&Rename_is1" = Tag&Rename 3.5.1
"Vivid WorkshopData ATI" = Vivid WorkshopData ATI
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archivátor
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"ZonerPhotoStudio11_CZ_is1" = Zoner Photo Studio 11

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Vietcong 2" = Vietcong 2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3. 6. 2010 13:58:55 | Computer Name = DOM | Source = Google Update | ID = 20
Description =

Error - 3. 6. 2010 15:04:06 | Computer Name = DOM | Source = Google Update | ID = 20
Description =

Error - 3. 6. 2010 15:16:08 | Computer Name = DOM | Source = Google Update | ID = 20
Description =

Error - 3. 6. 2010 15:20:57 | Computer Name = DOM | Source = Google Update | ID = 20
Description =

Error - 3. 6. 2010 15:37:22 | Computer Name = DOM | Source = Google Update | ID = 20
Description =

Error - 3. 6. 2010 15:46:26 | Computer Name = DOM | Source = Google Update | ID = 20
Description =

Error - 4. 6. 2010 8:48:13 | Computer Name = DOM | Source = Google Update | ID = 20
Description =

Error - 4. 6. 2010 9:01:05 | Computer Name = DOM | Source = Google Update | ID = 20
Description =

Error - 4. 6. 2010 9:31:48 | Computer Name = DOM | Source = Google Update | ID = 20
Description =

Error - 4. 6. 2010 9:38:22 | Computer Name = DOM | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 3. 6. 2010 15:34:40 | Computer Name = DOM | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 3. 6. 2010 15:34:46 | Computer Name = DOM | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 192.168.1.27,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 4. 6. 2010 8:45:23 | Computer Name = DOM | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%3

Error - 4. 6. 2010 8:45:23 | Computer Name = DOM | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.

Error - 4. 6. 2010 8:45:23 | Computer Name = DOM | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 4. 6. 2010 8:45:32 | Computer Name = DOM | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 192.168.1.27,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 4. 6. 2010 9:30:10 | Computer Name = DOM | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%3

Error - 4. 6. 2010 9:30:10 | Computer Name = DOM | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.

Error - 4. 6. 2010 9:30:10 | Computer Name = DOM | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 4. 6. 2010 9:30:14 | Computer Name = DOM | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 192.168.1.27,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.


< End of report >

