Please check my log - problems at startup. Solved


seal.
Level 1
Posts: 57
Registered: August 07
Location: stara ves nad ondrejnici
Gender: Not specified
Status: Offline

Please check my log - problems at startup.

Post by seal. » 06 Dec 2011 22:54

Please check my log - problems at startup.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:53:54, on 6.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\Probe\ASUSPROB.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://tn.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pravednes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Poskytovatel aplikace Windows Internet Explorer: TV Nova
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StrSystem] C:\WINDOWS\strs.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Probe V2.19.04.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TUXRDBUN - Unknown owner - C:\DOCUME~1\ROSA~1\LOCALS~1\Temp\TUXRDBUN.exe (file missing)
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O24 - Desktop Component 0: (no name) - file:///G:/opsys/wmakeup/obsahy/hl19.jpg

--
End of file - 8000 bytes

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Please check my log - problems at startup.

Post by memphisto » 06 Dec 2011 23:03

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear, so click OK and then the Show Results button
- then choose Save Logfile and save the log to the desktop
- then click the Exit button; a message will appear, so choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private messages; post them in the appropriate section. Thank you

Re: Please check my log - problems at startup.

Post by seal. » 06 Dec 2011 23:28

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

6.12.2011 23:27:25
mbam-log-2011-12-06 (23-27-11).txt

Typ: Rychlá kontrola
Kontrolované objekty: 161685
Uplynulý čas: 6 minut, 4 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 1
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: Please check my log - problems at startup.

Post by memphisto » 06 Dec 2011 23:29

- So run MbAM again and start a Scan
- when the program finishes, a message will appear, so click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed, so post it here.
- then choose OK in the program and close the program via Exit

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click into the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here

Re: Please check my log - problems at startup.

Post by seal. » 07 Dec 2011 00:26

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

6.12.2011 23:43:57
mbam-log-2011-12-06 (23-43-57).txt

Typ: Rychlá kontrola
Kontrolované objekty: 161697
Uplynulý čas: 5 minut, 11 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 1
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)





combofix
ComboFix 11-12-06.01 - Rosťa 06.12.2011 23:54:39.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.512.134 [GMT 1:00]
Spuštěný z: c:\documents and settings\Rosťa\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Kerio Personal Firewall *Enabled* {333BECA0-DED8-4139-A516-8D9E44E22669}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
c:\windows\IsUn0407.exe
c:\windows\system\BCBSMP35.BPL
c:\windows\unin0407.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-06 do 2011-12-06 )))))))))))))))))))))))))))))))
.
.
2011-12-06 22:17 . 2011-08-31 16:00 22216 -c--a-w- c:\windows\system32\drivers\mbam.sys
2011-12-06 22:10 . 2011-12-06 22:10 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{4AD2BA43-FDDE-4440-8D04-23E7DC5F5069}\offreg.dll
2011-12-06 21:47 . 2011-12-06 21:47 388096 -c--a-r- c:\documents and settings\Rosťa\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-06 21:47 . 2011-12-06 21:47 -------- dc----w- c:\program files\Trend Micro
2011-12-06 21:40 . 2007-03-07 16:44 2321288 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-12-06 21:40 . 2011-12-06 21:40 6823496 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{4AD2BA43-FDDE-4440-8D04-23E7DC5F5069}\mpengine.dll
2011-12-06 21:30 . 2011-12-06 21:30 -------- dc----w- c:\windows\system32\wbem\Repository
2011-12-06 21:29 . 2011-12-06 21:29 -------- dcs---w- c:\documents and settings\Rosťa\UserData
2011-12-06 21:29 . 2011-12-06 21:29 -------- dc----w- c:\program files\DIFX
2011-12-06 21:29 . 2011-12-06 21:29 -------- dc----w- c:\program files\PC Connectivity Solution
2011-12-06 16:34 . 2011-12-06 16:34 -------- dc----w- c:\documents and settings\Rosťa\Data aplikací\Malwarebytes
2011-12-06 16:33 . 2011-12-06 16:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-12-06 16:33 . 2011-12-06 22:17 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-06 15:15 . 2011-12-06 15:16 -------- dc----w- c:\program files\Windows Defender
2011-12-06 15:03 . 2011-12-06 15:03 -------- dc----w- c:\program files\Sophos
2011-11-30 19:52 . 2011-11-30 19:52 -------- dc----w- c:\program files\Common Files\InstallShield
2011-11-30 19:02 . 2011-11-30 19:03 -------- dc----w- c:\documents and settings\Rosťa\Data aplikací\Download Manager
2011-11-27 07:09 . 2010-03-05 23:35 166400 -csha-w- c:\windows\MmWatch.dll
2011-11-27 07:09 . 2009-05-02 14:13 186368 -csha-w- c:\windows\ShellExecuteHook.dll
2011-11-27 07:09 . 2009-04-14 09:59 28672 -csha-w- c:\windows\HkMgrMM.dll
2011-11-27 07:09 . 2008-04-30 17:41 926968 -csha-w- c:\windows\HMFAxstr.dll
2011-11-27 07:09 . 2008-03-04 16:50 44544 -csha-w- c:\windows\Strsysk.dll
2011-11-27 07:09 . 2007-03-21 22:10 24064 -csha-w- c:\windows\Strsys.dll
2011-11-27 07:09 . 2011-12-06 08:23 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\Strazca systemu
2011-11-27 07:09 . 2011-11-27 07:08 709668 -c--a-w- c:\windows\unins000.exe
2011-11-27 07:09 . 2010-08-12 13:34 2588160 -csha-w- c:\windows\strs.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-06 21:40 . 2009-10-04 07:33 222080 -c----w- c:\windows\system32\MpSigStub.exe
2011-11-28 18:01 . 2011-06-15 14:25 41184 -c--a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2006-04-27 12:35 199816 -c--a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-06-15 14:25 435032 -c--a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2008-04-01 16:41 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2005-02-23 22:44 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2006-04-27 12:35 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2006-04-27 12:35 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2006-04-27 12:35 105176 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2008-04-01 16:41 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2006-04-27 12:35 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-27 07:09 . 2011-01-28 22:58 24064 -c--a-w- c:\windows\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys
2011-10-10 14:22 . 2004-03-02 11:18 692736 -c--a-w- c:\windows\system32\inetcomm.dll
2011-10-03 03:06 . 2010-04-25 09:06 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2010-12-28 07:05 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2002-09-23 12:00 602112 -c--a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2011-09-26 09:41 613376 -c----w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2002-09-23 12:00 22528 -c--a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2002-09-23 12:00 220160 -c--a-w- c:\windows\system32\oleacc.dll
2011-09-17 07:48 . 2010-12-11 10:10 752128 -c--a-w- c:\windows\system32\drivers\tdrpm273.sys
2011-09-17 07:48 . 2010-12-11 10:09 600928 -c--a-w- c:\windows\system32\drivers\timntr.sys
2011-09-09 16:23 . 2011-09-17 09:25 2469760 -c--a-w- c:\windows\system32\BootMan.exe
2011-11-27 07:46 . 2011-05-11 17:36 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-04-14 09:59 28672 -csha-w- c:\windows\HkMgrMM.dll
2008-04-30 17:41 926968 -csha-w- c:\windows\HMFAxstr.dll
2010-03-05 23:35 166400 -csha-w- c:\windows\MmWatch.dll
2009-05-02 14:13 186368 -csha-w- c:\windows\ShellExecuteHook.dll
2010-08-12 13:34 2588160 -csha-w- c:\windows\strs.exe
2007-03-21 22:10 24064 -csha-w- c:\windows\Strsys.dll
2008-03-04 16:50 44544 -csha-w- c:\windows\Strsysk.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 -c--a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-09-29 344064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"StrSystem"="c:\windows\strs.exe" [2010-08-12 2588160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Probe V2.19.04.lnk - c:\program files\ASUS\Probe\ASUSPROB.EXE [2003-7-6 617984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\ASUS\\WL-500gPv2 Wireless Router Utilities\\Discovery.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\strs.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [15.6.2011 15:25 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.4.2008 17:41 314456]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.4.2007 9:21 286720]
R1 HMFAxCore46691b2fe72383a3b643d95081ef1d95;HMFAxCore46691b2fe72383a3b643d95081ef1d95;c:\windows\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys [28.1.2011 23:58 24064]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.4.2007 9:21 81920]
R1 prodrv03;Star Force copy protection driver v3;c:\windows\system32\drivers\prodrv03.sys [30.7.2004 11:24 115968]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.4.2008 17:41 20568]
R2 athsgt;athsgt;c:\windows\system32\drivers\athsgt.sys [7.1.2006 12:21 164992]
R2 limsgt;limsgt;c:\windows\system32\drivers\limsgt.sys [7.1.2006 12:21 12544]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [6.7.2003 13:23 6528]
R3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [5.8.2006 15:44 47360]
S0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys --> c:\windows\system32\DRIVERS\ElbyVCD.sys [?]
S3 ASUSHWIO;ASUSHWIO;\??\c:\windows\System32\drivers\ASUSHWIO.sys --> c:\windows\System32\drivers\ASUSHWIO.sys [?]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [17.9.2011 10:25 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [17.9.2011 10:25 8456]
S3 mamotou;mamotou;c:\windows\system32\drivers\mamotou.sys [6.7.2006 19:56 49399]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\18.tmp --> c:\windows\system32\18.tmp [?]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [25.12.2010 10:49 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [25.12.2010 10:49 32800]
S3 TUXRDBUN;TUXRDBUN;c:\docume~1\ROSA~1\LOCALS~1\Temp\TUXRDBUN.exe --> c:\docume~1\ROSA~1\LOCALS~1\Temp\TUXRDBUN.exe [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.pravednes.cz/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://pravednes.cz/#!home
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.6&q=

FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-07 00:10
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\18.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1390067357-1972579041-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1700)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-12-07 00:15:35
ComboFix-quarantined-files.txt 2011-12-06 23:15
.
Před spuštěním: Volných bajtů: 11 257 630 720
Po spuštění: Volných bajtů: 11 226 312 704
.
- - End Of File - - D0EA6540B76347FE93C3028248A80D77

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log - problems at startup.

Post by jaro3 » 07 Dec 2011 09:57

Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide

Code:

R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StrSystem] C:\WINDOWS\strs.exe
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O24 - Desktop Component 0: (no name) - file:///G:/opsys/wmakeup/obsahy/hl19.jpg


Picture removed from the desktop; you can put it back afterwards...

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code:

KillAll::
File::
c:\windows\strs.exe
c:\windows\system32\18.tmp
c:\docume~1\ROSA~1\LOCALS~1\Temp\TUXRDBUN.exe

Driver::
ASUSHWIO
MEMSWEEP2
TUXRDBUN

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]

DDS::
uInternet Settings,ProxyOverride = <local>

Firefox::
FF - ProfilePath - c:\documents and settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.6&q=

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: choose All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process + a new log from HJT

Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again, and if that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

Re: Please check my log - problems at startup.

Post by seal. » 07 Dec 2011 18:41

So I did everything according to the instructions and I am sending the logs

ComboFix 11-12-06.02 - Rosťa 07.12.2011 18:13:50.6.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.512.203 [GMT 1:00]
Spuštěný z: c:\combofix\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\RosŁa\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Kerio Personal Firewall *Enabled* {333BECA0-DED8-4139-A516-8D9E44E22669}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-07 do 2011-12-07 )))))))))))))))))))))))))))))))
.
.
2011-12-07 16:53 . 2011-12-07 16:53 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{4AD2BA43-FDDE-4440-8D04-23E7DC5F5069}\offreg.dll
2011-12-06 15:15 . 2011-12-06 15:16 -------- dc----w- c:\program files\Windows Defender
2011-12-06 15:03 . 2011-12-06 15:03 -------- dc----w- c:\program files\Sophos
2011-11-30 19:52 . 2011-11-30 19:52 -------- dc----w- c:\program files\Common Files\InstallShield
2011-11-30 19:02 . 2011-11-30 19:03 -------- dc----w- c:\documents and settings\Rosťa\Data aplikací\Download Manager
2011-11-27 07:09 . 2010-03-05 23:35 166400 -csha-w- c:\windows\MmWatch.dll
2011-11-27 07:09 . 2009-05-02 14:13 186368 -csha-w- c:\windows\ShellExecuteHook.dll
2011-11-27 07:09 . 2009-04-14 09:59 28672 -csha-w- c:\windows\HkMgrMM.dll
2011-11-27 07:09 . 2008-04-30 17:41 926968 -csha-w- c:\windows\HMFAxstr.dll
2011-11-27 07:09 . 2008-03-04 16:50 44544 -csha-w- c:\windows\Strsysk.dll
2011-11-27 07:09 . 2007-03-21 22:10 24064 -csha-w- c:\windows\Strsys.dll
2011-11-27 07:09 . 2011-12-06 08:23 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\Strazca systemu
2011-11-27 07:09 . 2011-11-27 07:08 709668 -c--a-w- c:\windows\unins000.exe
2011-11-27 07:09 . 2010-08-12 13:34 2588160 -csha-w- c:\windows\strs.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-06 21:40 . 2009-10-04 07:33 222080 -c----w- c:\windows\system32\MpSigStub.exe
2011-11-28 18:01 . 2011-06-15 14:25 41184 -c--a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2006-04-27 12:35 199816 -c--a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-06-15 14:25 435032 -c--a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2008-04-01 16:41 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2005-02-23 22:44 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2006-04-27 12:35 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2006-04-27 12:35 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2006-04-27 12:35 105176 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2008-04-01 16:41 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2006-04-27 12:35 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-27 07:09 . 2011-01-28 22:58 24064 -c--a-w- c:\windows\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys
2011-10-10 14:22 . 2004-03-02 11:18 692736 -c--a-w- c:\windows\system32\inetcomm.dll
2011-10-03 03:06 . 2010-04-25 09:06 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2010-12-28 07:05 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2002-09-23 12:00 602112 -c--a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2011-09-26 09:41 613376 -c----w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2002-09-23 12:00 22528 -c--a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2002-09-23 12:00 220160 -c--a-w- c:\windows\system32\oleacc.dll
2011-09-17 07:48 . 2010-12-11 10:10 752128 -c--a-w- c:\windows\system32\drivers\tdrpm273.sys
2011-09-17 07:48 . 2010-12-11 10:09 600928 -c--a-w- c:\windows\system32\drivers\timntr.sys
2011-09-09 16:23 . 2011-09-17 09:25 2469760 -c--a-w- c:\windows\system32\BootMan.exe
2011-11-27 07:46 . 2011-05-11 17:36 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-04-14 09:59 28672 -csha-w- c:\windows\HkMgrMM.dll
2008-04-30 17:41 926968 -csha-w- c:\windows\HMFAxstr.dll
2010-03-05 23:35 166400 -csha-w- c:\windows\MmWatch.dll
2009-05-02 14:13 186368 -csha-w- c:\windows\ShellExecuteHook.dll
2010-08-12 13:34 2588160 -csha-w- c:\windows\strs.exe
2007-03-21 22:10 24064 -csha-w- c:\windows\Strsys.dll
2008-03-04 16:50 44544 -csha-w- c:\windows\Strsysk.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-06_23.10.36 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-07 16:54 . 2011-12-07 16:54 16384 c:\windows\Temp\Perflib_Perfdata_640.dat
+ 2011-12-07 16:54 . 2011-12-07 16:54 16384 c:\windows\Temp\Perflib_Perfdata_368.dat
+ 2010-06-11 16:27 . 2011-12-07 17:14 32768 c:\windows\Cookies\index.dat
- 2010-06-11 16:27 . 2011-12-06 22:55 32768 c:\windows\Cookies\index.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 -c--a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-09-29 344064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Probe V2.19.04.lnk - c:\program files\ASUS\Probe\ASUSPROB.EXE [2003-7-6 617984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\ASUS\\WL-500gPv2 Wireless Router Utilities\\Discovery.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\strs.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [15.6.2011 15:25 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.4.2008 17:41 314456]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.4.2007 9:21 286720]
R1 HMFAxCore46691b2fe72383a3b643d95081ef1d95;HMFAxCore46691b2fe72383a3b643d95081ef1d95;c:\windows\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys [28.1.2011 23:58 24064]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.4.2007 9:21 81920]
R1 prodrv03;Star Force copy protection driver v3;c:\windows\system32\drivers\prodrv03.sys [30.7.2004 11:24 115968]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.4.2008 17:41 20568]
R2 athsgt;athsgt;c:\windows\system32\drivers\athsgt.sys [7.1.2006 12:21 164992]
R2 limsgt;limsgt;c:\windows\system32\drivers\limsgt.sys [7.1.2006 12:21 12544]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [6.7.2003 13:23 6528]
R3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [5.8.2006 15:44 47360]
S0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys --> c:\windows\system32\DRIVERS\ElbyVCD.sys [?]
S3 ASUSHWIO;ASUSHWIO;\??\c:\windows\System32\drivers\ASUSHWIO.sys --> c:\windows\System32\drivers\ASUSHWIO.sys [?]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [17.9.2011 10:25 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [17.9.2011 10:25 8456]
S3 mamotou;mamotou;c:\windows\system32\drivers\mamotou.sys [6.7.2006 19:56 49399]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\18.tmp --> c:\windows\system32\18.tmp [?]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [25.12.2010 10:49 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [25.12.2010 10:49 32800]
S3 TUXRDBUN;TUXRDBUN;c:\docume~1\ROSA~1\LOCALS~1\Temp\TUXRDBUN.exe --> c:\docume~1\ROSA~1\LOCALS~1\Temp\TUXRDBUN.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-07 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.pravednes.cz/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
TCP: DhcpNameServer = 192.168.1.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://pravednes.cz/#!home
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.6&q=

FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-07 18:28
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\18.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1390067357-1972579041-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1556)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(4044)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-12-07 18:35:48
ComboFix-quarantined-files.txt 2011-12-07 17:35
ComboFix2.txt 2011-12-06 23:15
.
Před spuštěním: Volných bajtů: 11 187 888 128
Po spuštění: Volných bajtů: 11 065 524 224
.
- - End Of File - - D29DEF9443F2EB998475639FE0646C50






Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:40:30, on 7.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pravednes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Probe V2.19.04.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TUXRDBUN - Unknown owner - C:\DOCUME~1\ROSA~1\LOCALS~1\Temp\TUXRDBUN.exe (file missing)
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 6589 bytes


Re: Please check my log - problems at startup.

Post by jaro3 » 07 Dec 2011 19:40

Update Java:
Java SE Runtime Environment 7

Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-7-windows-i586-p.exe or
jre-7-windows-x64.exe
Download and install it.
Remove the other Java versions in Add/Remove Programs.

In Folder Options, enable showing hidden files and folders, and untick the checkbox Hide protected operating system files.

Test this on Virustotal
c:\windows\strs.exe

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Repeat that script in ComboFix once more.

Do not post the HJT log any more.


Re: Please check my log - problems at startup.

Post by seal. » 07 Dec 2011 21:02

http://www.virustotal.com/file-scan/rep ... 323284519#



ComboFix 11-12-06.02 - Rosťa 07.12.2011 20:35:30.7.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.512.231 [GMT 1:00]
Spuštěný z: c:\documents and settings\Rosťa\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Rosťa\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Kerio Personal Firewall *Enabled* {333BECA0-DED8-4139-A516-8D9E44E22669}
.
FILE ::
"c:\docume~1\ROSA~1\LOCALS~1\Temp\TUXRDBUN.exe"
"c:\windows\strs.exe"
"c:\windows\system32\18.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ASUSHWIO
-------\Legacy_MEMSWEEP2
-------\Legacy_TUXRDBUN
-------\Service_ASUSHWIO
-------\Service_MEMSWEEP2
-------\Service_TUXRDBUN
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-07 do 2011-12-07 )))))))))))))))))))))))))))))))
.
.
2011-12-07 19:51 . 2011-12-07 19:51 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{4AD2BA43-FDDE-4440-8D04-23E7DC5F5069}\offreg.dll
2011-12-06 22:17 . 2011-08-31 16:00 22216 -c--a-w- c:\windows\system32\drivers\mbam.sys
2011-12-06 21:47 . 2011-12-06 21:47 388096 -c--a-r- c:\documents and settings\Rosťa\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-06 21:47 . 2011-12-06 21:47 -------- dc----w- c:\program files\Trend Micro
2011-12-06 21:40 . 2007-03-07 16:44 2321288 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-12-06 21:40 . 2011-12-06 21:40 6823496 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{4AD2BA43-FDDE-4440-8D04-23E7DC5F5069}\mpengine.dll
2011-12-06 21:30 . 2011-12-06 21:30 -------- dc----w- c:\windows\system32\wbem\Repository
2011-12-06 21:29 . 2011-12-07 18:10 -------- dcs---w- c:\documents and settings\Rosťa\UserData
2011-12-06 21:29 . 2011-12-06 21:29 -------- dc----w- c:\program files\DIFX
2011-12-06 21:29 . 2011-12-06 21:29 -------- dc----w- c:\program files\PC Connectivity Solution
2011-12-06 16:34 . 2011-12-06 16:34 -------- dc----w- c:\documents and settings\Rosťa\Data aplikací\Malwarebytes
2011-12-06 16:33 . 2011-12-06 16:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-12-06 16:33 . 2011-12-06 22:17 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-06 15:15 . 2011-12-06 15:16 -------- dc----w- c:\program files\Windows Defender
2011-12-06 15:03 . 2011-12-06 15:03 -------- dc----w- c:\program files\Sophos
2011-11-30 19:52 . 2011-11-30 19:52 -------- dc----w- c:\program files\Common Files\InstallShield
2011-11-30 19:02 . 2011-11-30 19:03 -------- dc----w- c:\documents and settings\Rosťa\Data aplikací\Download Manager
2011-11-27 07:09 . 2010-03-05 23:35 166400 -csha-w- c:\windows\MmWatch.dll
2011-11-27 07:09 . 2009-05-02 14:13 186368 -csha-w- c:\windows\ShellExecuteHook.dll
2011-11-27 07:09 . 2009-04-14 09:59 28672 -csha-w- c:\windows\HkMgrMM.dll
2011-11-27 07:09 . 2008-04-30 17:41 926968 -csha-w- c:\windows\HMFAxstr.dll
2011-11-27 07:09 . 2008-03-04 16:50 44544 -csha-w- c:\windows\Strsysk.dll
2011-11-27 07:09 . 2007-03-21 22:10 24064 -csha-w- c:\windows\Strsys.dll
2011-11-27 07:09 . 2011-12-06 08:23 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\Strazca systemu
2011-11-27 07:09 . 2011-11-27 07:08 709668 -c--a-w- c:\windows\unins000.exe
2011-11-27 07:09 . 2010-08-12 13:34 2588160 -csha-w- c:\windows\strs.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-07 18:59 . 2010-12-28 07:05 128000 -c--a-w- c:\windows\system32\javacpl.cpl
2011-12-07 18:59 . 2010-04-25 09:06 544656 -c--a-w- c:\windows\system32\deployJava1.dll
2011-12-06 21:40 . 2009-10-04 07:33 222080 -c----w- c:\windows\system32\MpSigStub.exe
2011-11-28 18:01 . 2011-06-15 14:25 41184 -c--a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2006-04-27 12:35 199816 -c--a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-06-15 14:25 435032 -c--a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2008-04-01 16:41 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2005-02-23 22:44 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2006-04-27 12:35 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2006-04-27 12:35 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2006-04-27 12:35 105176 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2008-04-01 16:41 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2006-04-27 12:35 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-27 07:09 . 2011-01-28 22:58 24064 -c--a-w- c:\windows\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys
2011-10-10 14:22 . 2004-03-02 11:18 692736 -c--a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2002-09-23 12:00 602112 -c--a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2011-09-26 09:41 613376 -c----w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2002-09-23 12:00 22528 -c--a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2002-09-23 12:00 220160 -c--a-w- c:\windows\system32\oleacc.dll
2011-09-17 07:48 . 2010-12-11 10:10 752128 -c--a-w- c:\windows\system32\drivers\tdrpm273.sys
2011-09-17 07:48 . 2010-12-11 10:09 600928 -c--a-w- c:\windows\system32\drivers\timntr.sys
2011-09-09 16:23 . 2011-09-17 09:25 2469760 -c--a-w- c:\windows\system32\BootMan.exe
2011-11-27 07:46 . 2011-05-11 17:36 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-04-14 09:59 28672 -csha-w- c:\windows\HkMgrMM.dll
2008-04-30 17:41 926968 -csha-w- c:\windows\HMFAxstr.dll
2010-03-05 23:35 166400 -csha-w- c:\windows\MmWatch.dll
2009-05-02 14:13 186368 -csha-w- c:\windows\ShellExecuteHook.dll
2010-08-12 13:34 2588160 -csha-w- c:\windows\strs.exe
2007-03-21 22:10 24064 -csha-w- c:\windows\Strsys.dll
2008-03-04 16:50 44544 -csha-w- c:\windows\Strsysk.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-06_23.10.36 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-07 19:52 . 2011-12-07 19:52 16384 c:\windows\temp\Perflib_Perfdata_750.dat
+ 2010-06-11 16:27 . 2011-12-07 19:53 32768 c:\windows\Cookies\index.dat
- 2010-06-11 16:27 . 2011-12-06 22:55 32768 c:\windows\Cookies\index.dat
+ 2011-12-07 18:59 . 2011-12-07 18:59 214408 c:\windows\system32\javaws.exe
+ 2011-12-07 18:59 . 2011-12-07 18:59 173960 c:\windows\system32\javaw.exe
+ 2011-12-07 18:59 . 2011-12-07 18:59 173960 c:\windows\system32\java.exe
+ 2011-12-07 19:00 . 2011-12-07 19:00 176640 c:\windows\Installer\29376c.msi
+ 2011-12-07 18:59 . 2011-12-07 18:59 937984 c:\windows\Installer\29375a.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 -c--a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-09-29 344064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\ASUS\\WL-500gPv2 Wireless Router Utilities\\Discovery.exe"=
"c:\\WINDOWS\\strs.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [15.6.2011 15:25 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.4.2008 17:41 314456]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.4.2007 9:21 286720]
R1 HMFAxCore46691b2fe72383a3b643d95081ef1d95;HMFAxCore46691b2fe72383a3b643d95081ef1d95;c:\windows\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys [28.1.2011 23:58 24064]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.4.2007 9:21 81920]
R1 prodrv03;Star Force copy protection driver v3;c:\windows\system32\drivers\prodrv03.sys [30.7.2004 11:24 115968]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.4.2008 17:41 20568]
R2 athsgt;athsgt;c:\windows\system32\drivers\athsgt.sys [7.1.2006 12:21 164992]
R2 limsgt;limsgt;c:\windows\system32\drivers\limsgt.sys [7.1.2006 12:21 12544]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [6.7.2003 13:23 6528]
R3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [5.8.2006 15:44 47360]
S0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys --> c:\windows\system32\DRIVERS\ElbyVCD.sys [?]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\ROSA~1\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\ROSA~1\LOCALS~1\Temp\ALSysIO.sys [?]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [17.9.2011 10:25 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [17.9.2011 10:25 8456]
S3 mamotou;mamotou;c:\windows\system32\drivers\mamotou.sys [6.7.2006 19:56 49399]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [25.12.2010 10:49 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [25.12.2010 10:49 32800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-07 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.pravednes.cz/
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - d:\aaa - škola\TRANSLAT\WEBIE.DLL
TCP: DhcpNameServer = 192.168.1.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\
FF - prefs.js: browser.startup.homepage - hxxp://pravednes.cz/#!home

FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-07 20:54
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1390067357-1972579041-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1608)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1048)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Kerio\Personal Firewall 4\kpf4ss.exe
c:\windows\System32\snmp.exe
c:\program files\Kerio\Personal Firewall 4\kpf4gui.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\UAService7.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Kerio\Personal Firewall 4\kpf4gui.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-12-07 20:59:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-07 19:59
ComboFix2.txt 2011-12-07 17:35
ComboFix3.txt 2011-12-06 23:15
.
Před spuštěním: Volných bajtů: 11 495 845 888
Po spuštění: Volných bajtů: 11 400 024 064
.
- - End Of File - - 1D840537E46D20696BBBEB996DCA5CA3

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Please check my log - problems at startup.

Post by jaro3 » 07 Dec 2011 22:01

It doesn't delete it..

ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall

Clean the system with CCleaner
and also use T-Cleaner
http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html
it deletes everything left behind by ComboFix, MWAV, etc. - download > run

Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate your antivirus and antispyware; afterwards delete T-Cleaner and turn your antivirus and antispyware back on.


Download OTH
to your desktop (if you use Firefox, right-click the OTH link and choose Save as..).

Download OTL
to your desktop (if you use Firefox, right-click the OTL link and choose Save as..).

Download the file Scan.txt
to your desktop (if you use Firefox, right-click the OTL link and choose Save as..).

Double-click the OTH file on your desktop; once the program starts, click Kill All Processes. Then click Start OTL. Double-click in the empty box under Custom Scans/Fixes (Custom Scans box). A message appears: Click OK to select the path to the file, click Cancel to cancel the selection.
Click OK. An Explorer window appears; there, click Desktop and find the Scan.txt file on it. Click Open.
Then click Quick Scan. Do not change any other settings. The scan may take a long time.
When the scan finishes, two logs appear on the desktop:
OTL.Txt and Extras.Txt; they are saved in the same location as OTL.
Please copy the entire contents of both logs here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

seal.
Level 1
Posts: 57
Registered: August 07
Location: stara ves nad ondrejnici
Gender: Unspecified
Status:
Offline

Re: Please check my log - problems at startup.

Post by seal. » 08 Dec 2011 19:01

OTL Extras logfile created on: 8.12.2011 18:39:08 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Rosťa\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511.53 Mb Total Physical Memory | 218.50 Mb Available Physical Memory | 42.71% Memory free
1.22 Gb Paging File | 1.01 Gb Available in Paging File | 82.43% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.82 Gb Total Space | 11.25 Gb Free Space | 56.77% Space Free | Partition Type: NTFS
Drive D: | 25.38 Gb Total Space | 20.42 Gb Free Space | 80.45% Space Free | Partition Type: NTFS
Drive E: | 29.32 Gb Total Space | 7.13 Gb Free Space | 24.30% Space Free | Partition Type: NTFS

Computer Name: HOFER | User Name: Rosťa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe" = C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI -- (Kerio Technologies)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\ASUS\WL-500gPv2 Wireless Router Utilities\Discovery.exe" = C:\Program Files\ASUS\WL-500gPv2 Wireless Router Utilities\Discovery.exe:*:Enabled:ASUS Device Discovery Application -- (ASUSTeK COMPUTER INC.)
"C:\WINDOWS\strs.exe" = C:\WINDOWS\strs.exe:*:Enabled:Strážca systému -- (MM - Soft, s.r.o.)
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{333BECA0-DED8-4139-A516-8D9E44E22669}" = Kerio Personal Firewall
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.6.12.174
"{7E072CED-C3E0-4792-AE15-903F896BBF14}_is1" = Strážca systému 3.30
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{CA9A3609-3ECC-4574-8824-A8161A71A603}" = Canon MP150
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.57
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009
"ASUS Probe V2.19.04" = ASUS Probe V2.19.04
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.0.1.6 Beta
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow" = ffdshow
"HijackThis" = HijackThis 2.0.2
"KYE" = Genius NetScroll+ Optical
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.2.1300
"Mozilla Firefox 8.0.1 (x86 cs)" = Mozilla Firefox 8.0.1 (x86 cs)
"MP Navigator 2.0" = Canon MP Navigator 2.0
"MV2Player" = MV2Player (remove only)
"Nokia Ovi Suite" = Nokia Ovi Suite
"OpenOffice.org 1.0.3" = OpenOffice.org 1.0.3
"PowerISO" = PowerISO
"SLD CODEC PACK 1.3" = SLD CODEC PACK 1.3
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"Totalcmd" = Total Commander (Remove or Repair)
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 12.10.2008 4:57:48 | Computer Name = HOFER | Source = avast! | ID = 33554522
Description =

Error - 11.2.2009 9:37:54 | Computer Name = HOFER | Source = avast! | ID = 33554522
Description =

Error - 4.8.2009 14:24:58 | Computer Name = HOFER | Source = avast! | ID = 33554522
Description =

Error - 13.8.2009 16:03:02 | Computer Name = HOFER | Source = avast! | ID = 33554522
Description =

Error - 13.3.2010 2:43:57 | Computer Name = HOFER | Source = avast! | ID = 33554522
Description =

Error - 13.3.2010 2:48:57 | Computer Name = HOFER | Source = avast! | ID = 33554522
Description =

Error - 13.3.2010 2:53:57 | Computer Name = HOFER | Source = avast! | ID = 33554522
Description =

Error - 11.6.2010 11:56:33 | Computer Name = HOFER | Source = avast! | ID = 33554522
Description =

Error - 14.7.2010 14:29:54 | Computer Name = HOFER | Source = avast! | ID = 33554522
Description =

Error - 14.7.2010 14:39:55 | Computer Name = HOFER | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 6.12.2011 18:11:13 | Computer Name = HOFER | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 6.12.2011 18:20:40 | Computer Name = HOFER | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 6.12.2011 18:20:40 | Computer Name = HOFER | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 6.12.2011 19:18:59 | Computer Name = HOFER | Source = Application Error | ID = 1000
Description = Chybující aplikace strs.exe, verze 3.3.0.5, chybující modul kernel32.dll,
verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 6.12.2011 19:35:03 | Computer Name = HOFER | Source = Application Error | ID = 1000
Description = Chybující aplikace strs.exe, verze 3.3.0.5, chybující modul kernel32.dll,
verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 7.12.2011 11:38:08 | Computer Name = HOFER | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 7.12.2011 12:20:43 | Computer Name = HOFER | Source = Application Error | ID = 1000
Description = Chybující aplikace strs.exe, verze 3.3.0.5, chybující modul kernel32.dll,
verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 7.12.2011 13:23:31 | Computer Name = HOFER | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Spojení se serverem nebylo navázáno.

Error - 7.12.2011 13:51:35 | Computer Name = HOFER | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 7.12.2011 15:44:25 | Computer Name = HOFER | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Nelze rozpoznat název nebo adresu serveru.

[ System Events ]
Error - 8.12.2011 13:26:03 | Computer Name = HOFER | Source = Service Control Manager | ID = 7034
Description = Služba Kerio Personal Firewall 4 byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 8.12.2011 13:26:03 | Computer Name = HOFER | Source = Service Control Manager | ID = 7034
Description = Služba SNMP byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 8.12.2011 13:26:03 | Computer Name = HOFER | Source = Service Control Manager | ID = 7034
Description = Služba SecuROM User Access Service (V7) byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 8.12.2011 13:32:32 | Computer Name = HOFER | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: ElbyVCD

Error - 8.12.2011 13:36:55 | Computer Name = HOFER | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 8.12.2011 13:36:55 | Computer Name = HOFER | Source = Service Control Manager | ID = 7031
Description = Služba Windows Defender byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 15000 milisekund: Restartovat službu.

Error - 8.12.2011 13:36:56 | Computer Name = HOFER | Source = Service Control Manager | ID = 7034
Description = Služba SoundMAX Agent Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 8.12.2011 13:36:56 | Computer Name = HOFER | Source = Service Control Manager | ID = 7034
Description = Služba SNMP byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 8.12.2011 13:36:56 | Computer Name = HOFER | Source = Service Control Manager | ID = 7034
Description = Služba SecuROM User Access Service (V7) byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 8.12.2011 13:36:56 | Computer Name = HOFER | Source = Service Control Manager | ID = 7034
Description = Služba Kerio Personal Firewall 4 byla neočekávaně ukončena. Tento
stav nastal již 1krát.


< End of report >

seal.
Level 1
Posts: 57
Registered: August 07
Location: stara ves nad ondrejnici
Gender: Unspecified
Status:
Offline

Re: Please check my log - problems at startup.

Post by seal. » 08 Dec 2011 19:05

OTL logfile created on: 8.12.2011 18:39:08 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Rosťa\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511.53 Mb Total Physical Memory | 218.50 Mb Available Physical Memory | 42.71% Memory free
1.22 Gb Paging File | 1.01 Gb Available in Paging File | 82.43% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.82 Gb Total Space | 11.25 Gb Free Space | 56.77% Space Free | Partition Type: NTFS
Drive D: | 25.38 Gb Total Space | 20.42 Gb Free Space | 80.45% Space Free | Partition Type: NTFS
Drive E: | 29.32 Gb Total Space | 7.13 Gb Free Space | 24.30% Space Free | Partition Type: NTFS

Computer Name: HOFER | User Name: Rosťa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.12.08 18:25:00 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rosťa\Plocha\OTH.scr
PRC - [2011.12.08 18:00:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rosťa\Plocha\OTL.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2006.11.03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


========== Modules (No Company Name) ==========

MOD - [2011.12.08 10:55:15 | 001,645,056 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120800\algo.dll
MOD - [2011.12.08 00:32:09 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120800\aswRep.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus(R)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.10.25 10:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006.11.03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006.02.21 18:58:29 | 000,221,184 | ---- | M] (Sony DADC Austria AG.) [Auto | Stopped] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
SRV - [2005.10.10 08:58:14 | 001,617,920 | ---- | M] (Kerio Technologies) [Auto | Stopped] -- C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4)
SRV - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.11.27 08:09:11 | 000,024,064 | ---- | M] (Eltima Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys -- (HMFAxCore46691b2fe72383a3b643d95081ef1d95)
DRV - [2011.07.29 12:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2011.07.29 12:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011.05.18 09:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.05.18 09:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.05.18 09:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.05.18 09:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010.01.22 09:28:54 | 000,032,800 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV - [2010.01.22 09:28:52 | 000,143,264 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 23:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 23:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 23:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.04.13 23:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.01.20 08:07:58 | 000,033,292 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006.08.06 17:54:40 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2006.01.20 18:59:28 | 000,097,792 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV05.sys -- (ACEDRV05)
DRV - [2006.01.07 12:21:45 | 000,164,992 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\athsgt.sys -- (athsgt)
DRV - [2006.01.07 12:21:44 | 000,012,544 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\limsgt.sys -- (limsgt)
DRV - [2005.12.23 14:10:46 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2005.11.07 16:50:20 | 000,049,399 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mamotou.sys -- (mamotou)
DRV - [2005.09.26 10:05:06 | 000,286,720 | ---- | M] (Kerio Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2005.09.26 10:05:06 | 000,081,920 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2005.08.18 10:44:44 | 000,011,473 | ---- | M] (Mobile Action Technology Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\MaVc2K.sys -- (MaVctrl)
DRV - [2005.07.28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2005.04.12 19:21:32 | 000,022,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2005.04.12 19:21:32 | 000,017,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2005.04.12 19:21:28 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2005.04.12 19:21:28 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2005.04.12 19:21:26 | 000,045,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2004.09.29 08:22:22 | 000,800,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.08.09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.30 11:24:53 | 000,115,968 | ---- | M] (Protection Technology Co.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv03.sys -- (prodrv03)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2002.12.27 03:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002.09.23 13:00:00 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2002.09.23 13:00:00 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2002.09.23 13:00:00 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2002.09.23 13:00:00 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2002.09.23 13:00:00 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2002.09.23 13:00:00 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2002.09.23 13:00:00 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2002.09.23 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002.09.23 13:00:00 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2002.09.23 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002.09.23 13:00:00 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2002.09.09 18:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2002.06.24 15:28:48 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gflmouhid.sys -- (genmcmnUSB)
DRV - [1997.04.22 09:16:00 | 000,006,272 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://tv.nova.cz [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pravednes.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://pravednes.cz/#!home"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.04 10:20:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 08:46:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.31 11:15:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.09.25 17:51:30 | 000,000,000 | ---D | M]

[2008.08.30 06:20:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Extensions
[2011.11.29 09:41:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\extensions
[2011.11.29 09:41:18 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.06.27 10:10:28 | 000,000,000 | ---D | M] (jDownFF) -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\extensions\{a3b24d40-bac4-11dc-95ff-0800200c9a66}
[2010.05.21 21:24:21 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011.04.07 15:09:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\k0w4fgkx.default\extensions
[2011.04.07 15:09:43 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\k0w4fgkx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2004.12.24 12:16:25 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\k0w4fgkx.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.08.29 05:49:02 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\searchplugins\ask.xml
[2011.12.06 15:43:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\searchplugins\icqplugin-1.xml
[2011.10.09 12:25:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\searchplugins\icqplugin-2.xml
[2011.11.27 08:46:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\searchplugins\icqplugin-3.xml
[2011.09.15 14:28:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rosťa\Data aplikací\Mozilla\Firefox\Profiles\29quvcp7.default\searchplugins\icqplugin.xml
[2011.12.07 20:02:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.12.07 19:59:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
[2011.11.27 08:46:17 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.12.07 19:59:11 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.09 12:25:09 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.10.09 12:25:09 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.06 20:27:39 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.10.09 12:25:09 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.09 12:25:09 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.09 12:25:09 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========


O1 HOSTS File: ([2011.12.07 20:52:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [GrooveMonitor] D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Probe V2.19.04.lnk = C:\Program Files\ASUS\Probe\AsusProb.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\AAA - ŠKOLA\TRANSLAT\WEBIE.DLL ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/C ... 4109837963 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83191816-23CC-4180-A6C2-35C0E2DA46E2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:1 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Rosťa\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rosťa\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.12.08 18:00:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rosťa\Plocha\OTL.exe
[2011.12.08 17:58:00 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rosťa\Plocha\OTH.scr
[2011.12.08 17:51:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.12.07 20:49:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.12.07 19:14:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Rosťa\Recent
[2011.12.06 23:17:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.12.06 23:17:40 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.12.06 22:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011.12.06 22:47:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rosťa\Nabídka Start\Programy\HiJackThis
[2011.12.06 22:29:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Rosťa\UserData
[2011.12.06 22:29:47 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011.12.06 22:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011.12.06 21:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rosťa\UserData(2)
[2011.12.06 17:34:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rosťa\Data aplikací\Malwarebytes
[2011.12.06 17:33:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.12.06 17:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.12.06 16:15:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011.12.06 16:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Sophos
[2011.12.06 16:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2011.11.30 20:52:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011.11.30 20:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rosťa\Data aplikací\Download Manager
[2011.11.27 08:09:08 | 000,186,368 | -HS- | C] (MM - Soft, s.r.o.) -- C:\WINDOWS\ShellExecuteHook.dll
[2011.11.27 08:09:08 | 000,166,400 | -HS- | C] (MM - Soft, s.r.o.) -- C:\WINDOWS\MmWatch.dll
[2011.11.27 08:09:07 | 000,926,968 | -HS- | C] (Eltima Software) -- C:\WINDOWS\HMFAxstr.dll
[2011.11.27 08:09:06 | 002,588,160 | -HS- | C] (MM - Soft, s.r.o.) -- C:\WINDOWS\strs.exe
[2011.11.27 08:09:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\Strazca systemu
[2006.08.05 15:44:16 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Rosťa\Data aplikací\pcouffin.sys
[2004.08.03 21:12:36 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll

========== Files - Modified Within 30 Days ==========

[2011.12.08 18:40:13 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.12.08 18:33:27 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.08 18:32:07 | 008,405,015 | ---- | M] () -- C:\WINDOWS\TempFile
[2011.12.08 18:25:00 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rosťa\Plocha\OTH.scr
[2011.12.08 18:08:20 | 000,001,699 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2011.12.08 18:00:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rosťa\Plocha\OTL.exe
[2011.12.07 20:52:22 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.12.06 23:27:57 | 000,002,316 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2011.12.06 16:50:41 | 003,381,177 | ---- | M] () -- C:\WINDOWS\System32\BALORVJ
[2011.12.04 10:20:31 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.11.29 16:40:59 | 000,411,041 | ---- | M] () -- C:\Documents and Settings\Rosťa\Plocha\bookmarks-2011-11-29.json
[2011.11.28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.11.28 18:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011.11.27 08:09:11 | 000,024,064 | ---- | M] (Eltima Software) -- C:\WINDOWS\System32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys
[2011.11.27 08:09:08 | 000,007,351 | ---- | M] () -- C:\WINDOWS\unins000.dat
[2011.11.27 08:08:38 | 000,709,668 | ---- | M] () -- C:\WINDOWS\unins000.exe
[2011.11.26 08:40:14 | 000,000,000 | ---- | M] () -- C:\WINDOWS\hlistHMFAxCore46691b2fe72383a3b643d95081ef1d95
[2011.11.16 17:27:19 | 000,005,081 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2011.11.16 17:27:19 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC

========== Files Created - No Company Name ==========

[2011.12.08 18:08:57 | 000,000,511 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Probe V2.19.04.lnk
[2011.12.06 16:48:58 | 003,381,177 | ---- | C] () -- C:\WINDOWS\System32\BALORVJ
[2011.12.06 16:17:40 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.12.06 16:16:01 | 000,000,961 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Defender.lnk
[2011.11.29 16:40:59 | 000,411,041 | ---- | C] () -- C:\Documents and Settings\Rosťa\Plocha\bookmarks-2011-11-29.json
[2011.11.27 08:09:08 | 000,028,672 | -HS- | C] () -- C:\WINDOWS\HkMgrMM.dll
[2011.11.27 08:09:08 | 000,015,230 | -HS- | C] () -- C:\WINDOWS\Slovak.lng
[2011.11.27 08:09:08 | 000,014,893 | -HS- | C] () -- C:\WINDOWS\Czech.lng
[2011.11.27 08:09:07 | 000,075,556 | -HS- | C] () -- C:\WINDOWS\strazca_systemu.chm
[2011.11.27 08:09:07 | 000,044,544 | -HS- | C] () -- C:\WINDOWS\Strsysk.dll
[2011.11.27 08:09:07 | 000,039,226 | -HS- | C] () -- C:\WINDOWS\buzzer.wav
[2011.11.27 08:09:07 | 000,024,064 | -HS- | C] () -- C:\WINDOWS\Strsys.dll
[2011.11.27 08:09:06 | 000,709,668 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2011.11.27 08:09:06 | 000,007,351 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2011.11.26 08:40:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hlistHMFAxCore46691b2fe72383a3b643d95081ef1d95
[2011.09.17 10:25:17 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2011.09.17 10:25:17 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2011.09.17 10:25:17 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2011.09.17 10:25:16 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2011.09.17 10:25:16 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2009.06.21 17:38:06 | 000,001,044 | ---- | C] () -- C:\Documents and Settings\Rosťa\Data aplikací\vso_ts_preview.xml
[2009.06.02 21:46:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\sscnc620.dll
[2009.06.02 21:46:54 | 000,000,072 | ---- | C] () -- C:\WINDOWS\VcncDll.INI
[2008.09.10 09:05:00 | 000,000,035 | ---- | C] () -- C:\WINDOWS\OleTest.ini
[2007.10.05 15:32:49 | 000,000,163 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2007.09.25 15:24:29 | 000,000,130 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.06.17 14:24:23 | 000,000,990 | ---- | C] () -- C:\WINDOWS\System32\amsiq19a.sys
[2007.04.26 09:21:34 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\khips.sys
[2007.03.25 14:31:39 | 000,000,990 | ---- | C] () -- C:\WINDOWS\System32\zipyakw.dll
[2007.01.13 14:08:27 | 000,028,664 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2007.01.13 09:40:59 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\veolx32n.dll
[2007.01.09 21:31:13 | 000,000,435 | ---- | C] () -- C:\WINDOWS\DIDAKTA.INI
[2007.01.07 09:04:49 | 000,000,067 | ---- | C] () -- C:\WINDOWS\#1 Video Converter.INI
[2006.11.11 18:02:28 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\tscp_7a.ini
[2006.10.28 11:06:36 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2006.09.27 17:56:33 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\Rosťa\Data aplikací\.zreglib
[2006.08.19 20:35:06 | 000,302,592 | ---- | C] () -- C:\WINDOWS\mauninst.exe
[2006.08.17 21:29:05 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\pdf2word.DAT
[2006.08.06 10:50:32 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Power Video Converter.INI
[2006.08.05 15:44:16 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Rosťa\Data aplikací\ezpinst.exe
[2006.08.05 15:44:16 | 000,007,824 | ---- | C] () -- C:\Documents and Settings\Rosťa\Data aplikací\pcouffin.cat
[2006.08.05 15:44:16 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Rosťa\Data aplikací\pcouffin.inf
[2006.08.03 19:32:40 | 000,001,875 | ---- | C] () -- C:\WINDOWS\cyklopruvodce.INI
[2006.07.31 16:02:12 | 000,000,167 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2006.07.08 14:24:59 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dvdSanta.INI
[2006.07.06 20:15:00 | 000,000,120 | ---- | C] () -- C:\WINDOWS\PbkUser.INI
[2006.06.30 12:05:33 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006.04.03 19:47:49 | 000,000,048 | ---- | C] () -- C:\WINDOWS\ELJ0102.dat
[2006.03.22 21:10:21 | 000,000,157 | ---- | C] () -- C:\WINDOWS\thtitanc.INI
[2006.03.20 16:30:10 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2006.03.01 16:51:37 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7K.DLL
[2006.02.13 18:23:38 | 000,000,039 | ---- | C] () -- C:\WINDOWS\KA.ini
[2006.02.03 18:32:16 | 000,003,796 | ---- | C] () -- C:\WINDOWS\GERMMENU.INI
[2006.02.03 18:27:28 | 000,000,323 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2006.02.03 18:27:27 | 000,001,699 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2006.01.22 09:39:03 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2006.01.16 18:49:57 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ELMER.INI
[2006.01.07 12:21:45 | 000,164,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\athsgt.sys
[2006.01.07 12:21:44 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\limsgt.sys
[2005.12.27 11:36:40 | 000,001,089 | ---- | C] () -- C:\WINDOWS\ARPR.INI
[2005.12.23 14:10:46 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2005.12.14 19:38:17 | 000,002,096 | ---- | C] () -- C:\WINDOWS\ROUTE66.INI
[2005.12.14 19:37:36 | 000,002,758 | -H-- | C] () -- C:\WINDOWS\as456.ini
[2005.12.12 19:53:10 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Rosťa\Local Settings\Data aplikací\fusioncache.dat
[2005.11.02 20:41:13 | 000,000,632 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2005.07.01 11:52:07 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2005.06.29 08:58:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.06.29 08:27:34 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.03.28 07:43:45 | 000,002,671 | ---- | C] () -- C:\WINDOWS\SETUPACT.INI
[2005.02.20 11:57:34 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\tscp_4a.ini
[2005.02.17 11:31:58 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.02.17 11:31:57 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.02.17 11:31:57 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2005.02.16 18:37:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\tscp_0a.ini
[2005.01.25 20:20:15 | 000,003,208 | ---- | C] () -- C:\WINDOWS\im32st.dat
[2005.01.22 18:44:17 | 000,000,021 | ---- | C] () -- C:\WINDOWS\System32\tscp_0b.ini
[2005.01.02 14:08:08 | 000,000,169 | ---- | C] () -- C:\WINDOWS\Pomeranc.ini
[2005.01.02 14:04:19 | 000,000,169 | ---- | C] () -- C:\WINDOWS\Jahoda.ini
[2005.01.02 14:01:49 | 000,000,169 | ---- | C] () -- C:\WINDOWS\Visen.ini
[2005.01.02 13:59:42 | 000,000,169 | ---- | C] () -- C:\WINDOWS\Jablko.ini
[2005.01.02 13:55:39 | 000,000,169 | ---- | C] () -- C:\WINDOWS\Citron.ini
[2005.01.02 13:53:35 | 000,000,169 | ---- | C] () -- C:\WINDOWS\Vanilka.ini
[2004.12.27 19:06:24 | 000,003,856 | ---- | C] () -- C:\WINDOWS\ENGLMENU.INI
[2004.12.27 09:28:26 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\sav80231.sys
[2004.12.27 09:17:35 | 000,000,084 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2004.12.27 09:17:27 | 000,180,224 | ---- | C] () -- C:\WINDOWS\UninstallWSST.exe
[2004.12.25 08:52:58 | 000,000,026 | ---- | C] () -- C:\WINDOWS\NeoSetup.INI
[2004.12.24 12:16:18 | 000,100,489 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2004.12.24 12:15:54 | 000,003,432 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2004.11.16 20:57:06 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Clony2.ini
[2004.10.13 16:13:28 | 000,000,228 | ---- | C] () -- C:\WINDOWS\CROCCLIP.INI
[2004.09.30 16:16:38 | 000,000,329 | ---- | C] () -- C:\WINDOWS\cgolfvr.ini
[2004.09.30 15:35:17 | 000,000,160 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004.09.26 17:13:19 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2004.08.03 20:35:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(8).dll
[2004.08.03 20:35:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(7).dll
[2004.08.03 20:35:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(6).dll
[2004.08.03 20:35:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(5).dll
[2004.08.03 20:35:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(4).dll
[2004.08.03 20:35:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(3).dll
[2004.08.03 20:35:08 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(30).exe
[2004.08.03 20:35:08 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(29).exe
[2004.08.03 20:35:08 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(28).exe
[2004.08.03 20:35:08 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(27).exe
[2004.08.03 20:35:08 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(26).exe
[2004.08.03 20:35:08 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(25).exe
[2004.08.02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.06.01 15:45:20 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2004.06.01 15:45:20 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2004.06.01 15:45:20 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2004.05.20 20:21:35 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2004.03.01 11:06:06 | 000,204,857 | ---- | C] () -- C:\WINDOWS\System32\InstallHelp.dll
[2004.03.01 11:06:06 | 000,111,308 | ---- | C] () -- C:\WINDOWS\System32\GMTUninstall.exe
[2004.02.07 22:24:34 | 000,252,416 | ---- | C] () -- C:\WINDOWS\UN160405.EXE
[2004.02.07 22:24:33 | 000,000,054 | ---- | C] () -- C:\WINDOWS\compedia.ini
[2004.02.06 17:39:45 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\tscpsnd.ini
[2004.01.22 18:37:26 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(2)(3).dll
[2004.01.16 22:05:43 | 000,000,146 | ---- | C] () -- C:\WINDOWS\liskulka.ini
[2003.12.24 19:18:05 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2003.12.24 15:24:15 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2003.12.12 16:05:11 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2003.12.11 22:34:18 | 000,003,580 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2003.12.10 18:27:57 | 000,000,051 | ---- | C] () -- C:\WINDOWS\mscpt.dat
[2003.11.26 23:24:06 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2003.11.26 23:24:06 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2003.11.26 16:40:15 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2003.11.24 14:50:26 | 000,174,882 | ---- | C] () -- C:\WINDOWS\SETUPZ1.EXE
[2003.11.08 23:17:27 | 000,000,044 | ---- | C] () -- C:\WINDOWS\rmf.ini
[2003.11.06 19:43:24 | 000,035,772 | ---- | C] () -- C:\WINDOWS\INSTALL.DAT
[2003.10.29 14:14:05 | 000,000,260 | ---- | C] () -- C:\WINDOWS\headache.ini
[2003.10.22 22:27:40 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2003.10.14 15:51:40 | 000,000,056 | ---- | C] () -- C:\WINDOWS\CoverDes.INI
[2003.10.11 12:56:53 | 000,000,034 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2003.10.11 12:56:46 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\Crde96v3.dll
[2003.10.11 12:56:46 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\I3tif32.dll
[2003.10.11 12:56:46 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\I3spec32.dll
[2003.10.11 12:56:42 | 000,148,480 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2003.10.11 12:56:40 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2003.10.11 12:56:40 | 000,004,528 | ---- | C] () -- C:\WINDOWS\System32\SETBROWS.EXE
[2003.10.11 12:42:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\CONTEXT.INI
[2003.10.10 21:03:19 | 000,006,067 | ---- | C] () -- C:\WINDOWS\UNWISE.INI
[2003.10.10 20:44:09 | 000,264,192 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll
[2003.10.10 19:37:54 | 000,002,971 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2003.10.09 16:33:41 | 000,094,720 | ---- | C] () -- C:\WINDOWS\System32\Sh30w32.dll
[2003.10.03 15:51:45 | 000,001,028 | ---- | C] () -- C:\WINDOWS\level.ini
[2003.10.02 17:21:40 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\fgkey10.exe
[2003.10.02 16:04:41 | 000,000,746 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003.10.02 14:58:00 | 000,000,076 | ---- | C] () -- C:\WINDOWS\FS.INI
[2003.10.02 14:37:47 | 000,000,463 | ---- | C] () -- C:\WINDOWS\WEBTRAN4.INI
[2003.10.02 14:28:12 | 000,001,465 | ---- | C] () -- C:\WINDOWS\SETUPGB.INI
[2003.10.01 16:16:37 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2003.10.01 14:35:10 | 000,000,008 | ---- | C] () -- C:\WINDOWS\tourns.INI
[2003.09.30 22:25:14 | 000,000,012 | ---- | C] () -- C:\WINDOWS\team1.INI
[2003.09.30 22:25:14 | 000,000,012 | ---- | C] () -- C:\WINDOWS\human2 nimmari.INI
[2003.09.30 22:25:14 | 000,000,011 | ---- | C] () -- C:\WINDOWS\team2.INI
[2003.09.30 22:25:14 | 000,000,011 | ---- | C] () -- C:\WINDOWS\sinisen nimi.INI
[2003.09.30 22:25:14 | 000,000,011 | ---- | C] () -- C:\WINDOWS\pl4nimi.INI
[2003.09.30 22:25:14 | 000,000,011 | ---- | C] () -- C:\WINDOWS\pl3nimi.INI
[2003.09.30 22:25:14 | 000,000,010 | ---- | C] () -- C:\WINDOWS\varma.INI
[2003.09.30 22:25:14 | 000,000,010 | ---- | C] () -- C:\WINDOWS\punasen nimi.INI
[2003.09.30 22:25:14 | 000,000,009 | ---- | C] () -- C:\WINDOWS\kesto.INI
[2003.09.30 22:25:14 | 000,000,008 | ---- | C] () -- C:\WINDOWS\koodit.INI
[2003.09.30 22:25:14 | 000,000,008 | ---- | C] () -- C:\WINDOWS\ekakerta.INI
[2003.09.30 22:25:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\sinisen maalit.INI
[2003.09.30 22:25:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\punaisen maalit.INI
[2003.09.30 22:25:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\painostus sin.INI
[2003.09.30 22:25:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\painostus pun.INI
[2003.09.30 22:25:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\monesmatsi.INI
[2003.09.30 22:25:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\laukaukset sin.INI
[2003.09.30 22:25:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\laukaukset pun.INI
[2003.09.30 22:25:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\kiekkoaika sin.INI
[2003.09.30 22:25:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\kiekkoaika pun.INI
[2003.09.30 22:25:13 | 000,000,008 | ---- | C] () -- C:\WINDOWS\erät.INI
[2003.09.30 22:24:38 | 000,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini
[2003.09.27 13:44:19 | 000,000,069 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2003.09.27 13:44:15 | 000,005,081 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2003.09.27 13:44:15 | 000,002,316 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2003.09.24 21:35:58 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2003.09.17 09:44:36 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2003.09.12 19:20:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2003.09.12 19:20:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2003.09.11 22:08:11 | 000,002,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\VRETRACE.sys
[2003.09.09 09:38:15 | 000,000,233 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2003.07.23 10:25:02 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\ThriXXX010205PNG.dll
[2003.07.23 10:24:46 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ThriXXX010104Z.dll
[2003.07.23 10:24:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\ThriXXX015003JP2.dll
[2003.07.13 22:17:42 | 000,006,046 | ---- | C] () -- C:\WINDOWS\xnview.ini
[2003.07.11 17:23:37 | 000,001,892 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2003.07.07 15:32:49 | 000,003,241 | ---- | C] () -- C:\WINDOWS\MDVDP.Ini
[2003.07.07 15:26:54 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Rosťa\Data aplikací\user60.rdb
[2003.07.07 15:25:57 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\Rosťa\Data aplikací\sversion.ini
[2003.07.07 15:22:47 | 000,036,864 | ---- | C] () -- C:\WINDOWS\uinst001.exe
[2003.07.07 11:15:47 | 000,000,578 | ---- | C] () -- C:\WINDOWS\M3JPEG.INI
[2003.07.06 18:37:40 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2003.07.06 16:01:30 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\Rosťa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003.07.06 15:06:24 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS3w.DLL
[2003.07.06 14:11:58 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003.07.06 14:11:21 | 000,000,494 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003.07.06 14:10:51 | 000,334,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003.07.06 13:23:48 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\gflmouhid.sys
[2003.07.06 12:58:32 | 000,056,320 | R--- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2003.07.06 12:44:32 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2003.07.06 12:42:09 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2003.07.06 12:35:41 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2003.07.06 12:35:27 | 000,003,617 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2003.07.06 12:33:56 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003.07.06 12:20:46 | 000,022,972 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(9).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(8).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(7).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(6).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(5).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(4).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(3).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(24).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(23).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(22).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(21).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(20).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(2).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(19).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(18).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(17).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(16).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(15).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(14).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(13).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(12).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(11).exe
[2003.06.02 21:30:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx(10).exe
[2002.12.05 18:51:00 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2002.09.23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002.09.23 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002.09.23 13:00:00 | 000,430,360 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002.09.23 13:00:00 | 000,427,110 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2002.09.23 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002.09.23 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2002.09.23 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002.09.23 13:00:00 | 000,088,058 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2002.09.23 13:00:00 | 000,074,050 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002.09.23 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002.09.23 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2002.09.23 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002.09.23 13:00:00 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2002.09.23 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002.09.23 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002.09.23 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002.06.12 08:37:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\config-divx.exe
[2002.03.21 13:39:02 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2002.03.13 16:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2002.03.05 11:35:49 | 000,285,696 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll
[2002.02.08 03:20:20 | 000,002,063 | ---- | C] () -- C:\WINDOWS\System32\my.ini
[2001.11.22 21:39:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\lmunin2.exe
[2001.09.19 21:52:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\sablot.dll
[2001.08.16 19:04:46 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ming.dll
[2001.07.26 20:44:38 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\libxml2.dll
[2001.05.16 23:17:04 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2001.05.16 23:16:30 | 000,839,680 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2000.10.22 19:26:44 | 000,438,334 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2000.10.22 05:41:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\libsasl.dll
[2000.10.07 07:41:10 | 000,747,486 | ---- | C] () -- C:\WINDOWS\System32\iconv-1.3.dll
[2000.09.27 02:28:20 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\libpq.dll
[2000.08.24 19:44:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2000.08.24 19:44:08 | 000,078,848 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2000.08.23 06:26:26 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\APmpg4v1.dll
[2000.07.22 16:49:46 | 000,431,104 | ---- | C] () -- C:\WINDOWS\System32\VFCodec.dll
[1999.05.24 12:26:42 | 000,317,440 | ---- | C] () -- C:\WINDOWS\System32\FdfTk.dll
[1997.09.08 01:13:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\mSQL.dll


Continued in the next reply.

