Prosím o kontrolu logu

S!r_R3w!p · Příspěvekod **S!r_R3w!p** » 24 dub 2010 10:16

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:13, on 24.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Files\DAEMON Tools Lite\daemon.exe
C:\Documents and Settings\PC\Plocha\Miranda IM\miranda32.exe
D:\Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\apache\APACHE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
c:\apache\APACHE.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\Files\QIP\qip.exe
D:\Files\Mozilla Firefox\firefox.exe
D:\Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\PC\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\PC\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "D:\Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - miranda32.lnk = C:\Documents and Settings\PC\Plocha\Miranda IM\miranda32.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - D:\Files\QIP\qip.exe (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7214756640
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1765033445
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: Ś?D
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 8715 bytes

DÍKY

Reklama

bledulka · Příspěvekod **bledulka** » 25 dub 2010 11:52

Ahoj,

Stahni CCleaner http://www.filehippo.com/download_cclea ... cbae6b492/
-nainstaluj (neinstaluj Yahoo toolbar)

-zvol záložku Čistič
-nechej v levém sloupečku zatrhnuté vše jak je a zmáčkni tlačítko analyzovat
-pak potvrď tlačítko Spustit Ccleaner
-tím se vyčistí počítač od dočasných soubborů, doporučuji pravidelně používat.

-vyber záložku registry
-klikni na tlačítko hledej problémy
-pak klikni na opravit vybrané problémy, potvrď, že chceš udělat zálohu a nech všechno opravit

Stáhni OTL http://oldtimer.geekstogo.com/OTL.exe
-do spodního okénka vlož tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c

-dej fajfku do čtverečku u řádku Pro všechny uživatele
-nech ostatní položky jak je nastaveno na screenu
- potvrď tlačítko Prohledat.
-provede se sken, log OTL.Txt sem vlož

Co máš za problémy s počítačem?

S!r_R3w!p · Příspěvekod **S!r_R3w!p** » 25 dub 2010 14:26

Problémy s instalací programů Adobe

OTL logfile created on: 25.4.2010 14:20:28 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = D:\Programy a Hry
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 344,00 Mb Available Physical Memory | 34,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 26,52 Gb Free Space | 45,25% Space Free | Partition Type: NTFS
Drive D: | 90,45 Gb Total Space | 29,01 Gb Free Space | 32,07% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAVER-5292CCC30
Current User Name: PC
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.25 14:19:07 | 000,562,688 | ---- | M] (OldTimer Tools) -- D:\Programy a Hry\OTL.exe
PRC - [2010.04.16 21:04:31 | 000,532,976 | ---- | M] (Google Inc.) -- C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2010.03.05 17:32:28 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.02.02 12:23:52 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.02.02 12:21:56 | 001,043,784 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009.11.18 21:40:16 | 000,693,830 | ---- | M] ( ) -- C:\Documents and Settings\PC\Plocha\Miranda IM\miranda32.exe
PRC - [2009.11.16 10:04:30 | 000,735,960 | ---- | M] (ESET) -- D:\Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009.11.16 10:03:32 | 002,054,360 | ---- | M] (ESET) -- D:\Files\ESET\ESET Smart Security\egui.exe
PRC - [2008.07.24 17:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd) -- D:\Files\DAEMON Tools Lite\daemon.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.05 21:56:50 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2002.01.25 06:30:52 | 000,020,480 | ---- | M] () -- c:\apache\Apache.exe

========== Modules (SafeList) ==========

MOD - [2010.04.25 14:19:07 | 000,562,688 | ---- | M] (OldTimer Tools) -- D:\Programy a Hry\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2010.04.23 12:50:27 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.02 12:21:56 | 001,043,784 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.02 12:18:22 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.11.16 10:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- D:\Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.11.16 10:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- D:\Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009.09.08 07:07:36 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2002.01.25 06:30:52 | 000,020,480 | ---- | M] () [Auto | Running] -- c:\apache\APACHE.EXE -- (PHPGeekUtil)

========== Driver Services (SafeList) ==========

DRV - [2010.03.12 21:14:15 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.02.28 19:19:48 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.11.16 10:06:48 | 000,055,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2009.11.16 10:06:44 | 000,135,048 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2009.11.16 10:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.11.16 09:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.21 18:30:48 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.06.19 09:10:40 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009.06.04 02:47:50 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2009.06.04 02:47:34 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2009.06.04 02:47:24 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2004.10.27 15:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-796845957-884357618-1801674531-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-796845957-884357618-1801674531-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2A 0C 24 CF 4C 85 CA 01 [binary data]
IE - HKU\S-1-5-21-796845957-884357618-1801674531-1006\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\PC\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-796845957-884357618-1801674531-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Files\Mozilla Firefox\components [2010.04.06 20:16:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Files\Mozilla Firefox\plugins [2010.04.23 14:47:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.02.26 21:57:57 | 000,000,000 | ---D | M]

[2010.02.28 14:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Data aplikací\Mozilla\Extensions
[2010.04.23 20:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Data aplikací\Mozilla\Firefox\Profiles\azy0uzss.default\extensions
[2010.02.28 14:57:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\PC\Data aplikací\Mozilla\Firefox\Profiles\azy0uzss.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.04 17:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Data aplikací\Mozilla\Firefox\Profiles\azy0uzss.default\extensions\DTToolbar@toolbarnet.com
[2010.03.03 22:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Data aplikací\Mozilla\Firefox\Profiles\azy0uzss.default\extensions\personas@christopher.beard

O1 HOSTS File: ([2004.08.18 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\PC\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-796845957-884357618-1801674531-1006\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] D:\Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKU\S-1-5-21-796845957-884357618-1801674531-1006..\Run: [DAEMON Tools Lite] D:\Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\PC\Nabídka Start\Programy\Po spuštění\Zástupce - miranda32.lnk = C:\Documents and Settings\PC\Plocha\Miranda IM\miranda32.exe ( )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-796845957-884357618-1801674531-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 7214756640 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 1765033445 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Reg Error: Key error.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (Ś︼D) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.09.07 21:29:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010.02.26 21:12:36 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 30 Days ==========

[2010.04.24 12:50:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Plocha\Perfekt3DEarthMoonScreen
[2010.04.24 12:36:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Data aplikací\AdobeSupportAdvisor.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.04.24 12:36:49 | 000,000,000 | ---D | C] -- C:\Program Files\AdobeSupportAdvisor
[2010.04.24 09:14:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\PC\Recent
[2010.04.23 14:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.04.23 14:47:37 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.23 14:47:37 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.23 14:47:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.23 14:47:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.04.23 13:18:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Data aplikací\Malwarebytes
[2010.04.23 13:18:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.23 13:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.04.23 13:18:34 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.23 13:18:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.04.23 12:50:30 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010.04.23 12:50:28 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010.04.23 12:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Data aplikací\TuneUp Software
[2010.04.23 12:49:49 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010.04.23 12:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.04.23 12:49:33 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.04.15 16:21:04 | 000,029,184 | ---- | C] (NirSoft) -- C:\WINDOWS\nircmd.exe
[2010.04.06 21:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Plocha\YouTube
[2010.04.06 21:43:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Dokumenty\Any Video Converter Professional
[2010.04.06 21:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Data aplikací\Any Video Converter Professional
[2010.04.05 22:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Data aplikací\Media Player Classic
[2010.04.05 09:50:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Symantec
[2010.04.05 09:50:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Norton
[2010.04.05 09:50:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
[2010.04.04 22:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010.04.04 22:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.04.04 22:09:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DivX
[2010.03.29 21:09:08 | 000,305,152 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2010.03.29 21:09:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\WINDOWS
[2010.03.29 21:08:38 | 000,000,000 | ---D | C] -- C:\Program Files\Pokémon Play It! v2
[2010.03.29 21:06:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Plocha\pok
[2010.03.28 22:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Plocha\FreeRapid-0.82
[2010.03.28 08:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[17 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.25 14:19:46 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\PC\NTUSER.DAT
[2010.04.25 14:18:29 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{75C81C7A-8325-4AFF-93B6-E54373931EA9}.job
[2010.04.25 14:14:48 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.25 14:14:38 | 000,000,334 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\Zástupce - Filmy.lnk
[2010.04.25 13:58:29 | 000,000,560 | ---- | M] () -- C:\WINDOWS\tasks\Automatic troubleshooting.job
[2010.04.25 08:23:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.25 08:23:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.24 23:22:45 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\PC\ntuser.ini
[2010.04.24 22:49:00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-884357618-1801674531-1006UA.job
[2010.04.24 12:51:34 | 000,000,316 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\More 3D Screensavers .lnk
[2010.04.24 12:39:30 | 004,773,564 | -H-- | M] () -- C:\Documents and Settings\PC\Local Settings\Data aplikací\IconCache.db
[2010.04.24 12:37:09 | 000,000,545 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AdobeSupportAdvisor.lnk
[2010.04.24 10:57:14 | 007,248,794 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\12715.mp3
[2010.04.24 10:57:14 | 003,183,253 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\charlie straight - your house .mp3
[2010.04.24 10:49:00 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-884357618-1801674531-1006Core.job
[2010.04.24 10:35:00 | 004,428,771 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\tiesto & nelly furtado - who wants to be alone .mp3
[2010.04.24 10:25:50 | 000,064,316 | ---- | M] () -- C:\Documents and Settings\PC\Dokumenty\cc_20100424_102543.reg
[2010.04.24 10:23:28 | 006,473,531 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\79cf6237404f0beb97c11952cff3b834.mp3
[2010.04.24 10:18:59 | 007,894,454 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\54e8c199d626e25f40ee49e93e1a57bd.mp3
[2010.04.24 10:14:52 | 004,425,856 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\3278041_Justin_Bieber_Feat._Ludacris_Baby.mp3
[2010.04.24 10:07:49 | 005,048,172 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\Alors-On-Danse.mp3
[2010.04.24 10:04:21 | 003,692,672 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\76c10ebe5d61af76aac79d4241803732.mp3
[2010.04.24 09:54:58 | 003,573,852 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\c9dac14d720e50eb00f73411f634ea2f.mp3
[2010.04.24 09:13:54 | 000,318,744 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.23 22:56:44 | 005,075,072 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\bonkeytrunk_-_Bla%2C_Bla%2C_Bla_%28Eurocore_New_Wave_Remix%29.mp3
[2010.04.23 22:56:24 | 002,912,370 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\david guetta - gettin' over (feat. chris willis).mp3
[2010.04.23 15:13:28 | 000,087,936 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.04.23 13:18:43 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.04.23 12:50:26 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TuneUp 1-Click Maintenance.lnk
[2010.04.23 12:50:26 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TuneUp Utilities.lnk
[2010.04.23 12:17:50 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\Microsoft Office Word 2007.lnk
[2010.04.21 06:49:48 | 000,002,234 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\Google Chrome.lnk
[2010.04.18 09:22:28 | 003,006,455 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\fargetta get far - the radio.mp3
[2010.04.17 17:06:37 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\PokerStars.net.lnk
[2010.04.17 14:27:02 | 003,233,408 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\aura dione - i will love you monday.mp3
[2010.04.17 14:23:29 | 003,471,645 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\train - hey, soul sister.mp3
[2010.04.17 00:02:07 | 011,711,392 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\rihannarudeboytrickbabiesremix.mp3
[2010.04.14 20:54:25 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.04.13 18:33:16 | 000,000,691 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Word Manager DEMO.lnk
[2010.04.12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.12 15:19:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.04.11 18:53:24 | 009,407,562 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\Top 10 skills Cristiano Ronaldo.avi
[2010.04.11 18:53:12 | 036,922,572 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\world best matrix soccer skills 2.avi
[2010.04.11 18:52:22 | 001,612,094 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\Ronaldo new skill.avi
[2010.04.07 18:37:12 | 000,014,892 | ---- | M] () -- C:\Documents and Settings\PC\Dokumenty\cc_20100407_183707.reg
[2010.04.06 21:43:29 | 000,000,580 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\Any Video Converter Professional.lnk
[2010.04.05 11:19:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.04.04 22:17:04 | 000,001,427 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\DivX Movies.lnk
[2010.04.03 13:44:46 | 004,447,891 | ---- | M] () -- C:\Documents and Settings\PC\Plocha\9f957cec94b231a2c11c24749cf10ebe.mp3
[2010.04.01 14:53:59 | 000,000,659 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Civilization III - Conquests.lnk
[2010.04.01 14:53:59 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Civilization III - Play The World.lnk
[2010.04.01 14:53:58 | 000,000,573 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Civilization III.lnk
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.28 18:19:37 | 000,444,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 18:19:37 | 000,441,086 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 18:19:37 | 000,083,742 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 18:19:37 | 000,072,040 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.28 18:19:36 | 001,055,414 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.27 20:35:19 | 000,001,590 | ---- | M] () -- C:\Documents and Settings\PC\Dokumenty\cc_20100327_193512.reg
[17 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.25 14:14:38 | 000,000,334 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\Zástupce - Filmy.lnk
[2010.04.24 12:51:34 | 000,000,316 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\More 3D Screensavers .lnk
[2010.04.24 12:36:50 | 000,000,545 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AdobeSupportAdvisor.lnk
[2010.04.24 10:25:45 | 000,064,316 | ---- | C] () -- C:\Documents and Settings\PC\Dokumenty\cc_20100424_102543.reg
[2010.04.23 23:00:40 | 006,473,531 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\79cf6237404f0beb97c11952cff3b834.mp3
[2010.04.23 22:58:44 | 003,692,672 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\76c10ebe5d61af76aac79d4241803732.mp3
[2010.04.23 22:57:08 | 003,573,852 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\c9dac14d720e50eb00f73411f634ea2f.mp3
[2010.04.23 22:55:31 | 005,075,072 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\bonkeytrunk_-_Bla%2C_Bla%2C_Bla_%28Eurocore_New_Wave_Remix%29.mp3
[2010.04.23 22:54:55 | 003,183,253 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\charlie straight - your house .mp3
[2010.04.23 22:54:28 | 007,894,454 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\54e8c199d626e25f40ee49e93e1a57bd.mp3
[2010.04.23 22:53:52 | 004,425,856 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\3278041_Justin_Bieber_Feat._Ludacris_Baby.mp3
[2010.04.23 22:53:35 | 005,048,172 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\Alors-On-Danse.mp3
[2010.04.23 22:53:25 | 007,248,794 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\12715.mp3
[2010.04.23 22:53:15 | 002,912,370 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\david guetta - gettin' over (feat. chris willis).mp3
[2010.04.23 22:53:03 | 004,428,771 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\tiesto & nelly furtado - who wants to be alone .mp3
[2010.04.23 13:18:43 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.04.23 12:50:35 | 000,000,560 | ---- | C] () -- C:\WINDOWS\tasks\Automatic troubleshooting.job
[2010.04.23 12:50:26 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\TuneUp 1-Click Maintenance.lnk
[2010.04.23 12:50:26 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\TuneUp Utilities.lnk
[2010.04.22 10:35:33 | 801,269,970 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\V.D.O.2009.DivX.by.Willy4400..avi
[2010.04.17 17:06:37 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\PokerStars.net.lnk
[2010.04.17 00:02:32 | 003,233,408 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\aura dione - i will love you monday.mp3
[2010.04.17 00:02:04 | 003,006,455 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\fargetta get far - the radio.mp3
[2010.04.17 00:01:03 | 011,711,392 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\rihannarudeboytrickbabiesremix.mp3
[2010.04.16 23:59:49 | 003,471,645 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\train - hey, soul sister.mp3
[2010.04.13 18:33:16 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Word Manager DEMO.lnk
[2010.04.11 18:53:09 | 009,407,562 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\Top 10 skills Cristiano Ronaldo.avi
[2010.04.11 18:52:32 | 036,922,572 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\world best matrix soccer skills 2.avi
[2010.04.11 18:52:20 | 001,612,094 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\Ronaldo new skill.avi
[2010.04.07 18:37:09 | 000,014,892 | ---- | C] () -- C:\Documents and Settings\PC\Dokumenty\cc_20100407_183707.reg
[2010.04.06 21:43:29 | 000,000,580 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\Any Video Converter Professional.lnk
[2010.04.04 22:17:04 | 000,001,427 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\DivX Movies.lnk
[2010.04.03 12:55:15 | 004,447,891 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\9f957cec94b231a2c11c24749cf10ebe.mp3
[2010.04.01 14:53:59 | 000,000,659 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Civilization III - Conquests.lnk
[2010.04.01 14:53:58 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Civilization III - Play The World.lnk
[2010.04.01 14:53:58 | 000,000,573 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Civilization III.lnk
[2010.03.30 18:09:39 | 000,745,220 | ---- | C] () -- C:\Documents and Settings\PC\Plocha\mini_dust2.bsp
[2010.03.27 20:35:14 | 000,001,590 | ---- | C] () -- C:\Documents and Settings\PC\Dokumenty\cc_20100327_193512.reg
[2010.03.17 19:04:26 | 000,000,783 | ---- | C] () -- C:\WINDOWS\DIDAKTA.INI
[2009.09.20 19:40:46 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.09.19 08:22:24 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.09.19 08:22:23 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009.09.19 08:22:20 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.09.19 08:22:20 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.09.19 08:22:20 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.09.19 08:22:17 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.09.19 08:22:17 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.09.07 21:31:35 | 000,000,996 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009.06.04 00:55:20 | 000,002,560 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2006.01.30 11:00:00 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1018.DLL
[2004.08.18 14:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004047_.tmp.dll
[2004.08.18 14:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004015_.tmp.dll
[2004.08.17 17:49:16 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2002.02.08 04:20:20 | 000,002,063 | ---- | C] () -- C:\WINDOWS\System32\my.ini
[2001.12.30 23:27:06 | 001,155,072 | ---- | C] () -- C:\WINDOWS\System32\php4ts.dll
[2001.09.19 22:52:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\sablot.dll
[2001.08.16 20:04:46 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ming.dll
[2001.07.26 21:44:38 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\libxml2.dll
[2001.05.17 00:17:04 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2001.05.17 00:16:30 | 000,860,160 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2001.01.12 11:52:26 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\vbpng1.dll
[2001.01.12 11:49:38 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2000.10.22 20:26:44 | 000,438,334 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2000.10.22 06:41:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\libsasl.dll
[2000.10.07 08:41:10 | 000,747,486 | ---- | C] () -- C:\WINDOWS\System32\iconv-1.3.dll
[2000.09.27 03:28:20 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\libpq.dll
[2000.08.24 20:44:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2000.08.24 20:44:08 | 000,078,848 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[1999.05.24 13:26:42 | 000,317,440 | ---- | C] () -- C:\WINDOWS\System32\FdfTk.dll
[1997.09.08 02:13:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\mSQL.dll

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\PC\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2009.12.25 12:34:48 | 000,135,664 | ---- | M] (Google Inc.)
"Skype" = "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2010.03.09 10:02:14 | 026,100,520 | R--- | M] (Skype Technologies S.A.)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "D:\Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.07.24 17:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd)

< c:\windows\*.* /U >
[17 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.02.26 22:53:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.02.26 22:53:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.02.26 22:53:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.02.26 22:53:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.02.26 22:53:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.02.26 22:53:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.18 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: IASTOR.SYS >
[2004.09.26 15:24:54 | 000,477,952 | ---- | M] (Intel Corporation) MD5=DD19FDD8BB262F64A11C50CC23FC6F70 -- C:\WINDOWS\OEM\iaStor\iaStor.sys

< MD5 for: LSASS.EXE >
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2004.09.02 09:24:38 | 000,082,816 | ---- | M] (NVIDIA Corporation) MD5=EEABD98AA887DD923546F20D400B2907 -- C:\WINDOWS\OEM\nvatabus\nvatabus.sys

< MD5 for: SCECLI.DLL >
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2004.05.18 15:55:26 | 000,074,112 | ---- | M] (VIA Technologies inc,.ltd) MD5=F199939205DCCC7836AE5AB8B5DD5E83 -- C:\WINDOWS\OEM\viapdsk\viamraid.sys

< MD5 for: WINLOGON.EXE >
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:F6E5C7FB
< End of report >

bledulka · Příspěvekod **bledulka** » 26 dub 2010 09:28

:arrow: Spusť OTL
-do bílého okna dole zkopíruj:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:F6E5C7FB
O20 - AppInit_DLLs: (Ś︼D) - File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-796845957-884357618-1801674531-1006\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\PC\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
[2010.03.04 17:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Data aplikací\Mozilla\Firefox\Profiles\azy0uzss.default\extensions\DTToolbar@toolbarnet.com
IE - HKU\S-1-5-21-796845957-884357618-1801674531-1006\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\PC\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\System32\_004047_.tmp.dll
 C:\WINDOWS\System32\_004015_.tmp.dll
C:\WINDOWS\nircmd.exe

:commands
[emptytemp]
[EMPTYFLASH]
[clearallrestorepoints]
[Reboot]

-klikni na tlačítko opravit.
-log vlož zde

Jaké problémy při instalaci Abdobe? Co Ti to píše?
Tys použil combofix?

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online