prosím o kontrolu- 100% CPU

apurvathea · Příspěvekod **apurvathea** » 22 úno 2010 17:00

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:00:27, on 22.2.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Hornet\MntrHrnt.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Eset\nod32krn.exe
D:\data\alkohol120\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: CHelper Class - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\Program Files\Eurotran2002i\e11.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HornetMonitor] C:\Program Files\Common Files\Hornet\MntrHrnt.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\michala\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran2002i\e11.dll
O9 - Extra 'Tools' menuitem: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran2002i\e11.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\data\alkohol120\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 5078 bytes

Reklama

autoprd · Příspěvekod **autoprd** » 23 úno 2010 22:06

Odinstaluj si : DAEMON Tools Toolbar, ICQ Toolbar

Tak spusť HiJackThis pro tentokrát vyber Do a system scan only!
Zatrhni položky, které jsou níže uvedené a stiskni Fix checked.

Kód: Vybrat vše

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

A počkej až dokončí svůj proces, poté program vypni.

autoprd · Příspěvekod **autoprd** » 23 úno 2010 22:06

Stáhni si ATF Cleaner
Spust a stiskni na select all found
Jestli jedeš přes Mozilu Firefox klikni na Firefox nahoře a vyber: Select All, potom klikni na Empty Selected.
Jestli jedeš přes Operu klikni nahoře na Operu a vyber: Select All, potom klikni na Empty Selected.
Až se to vyčistí klikni na exit pro ukončení.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

apurvathea · Příspěvekod **apurvathea** » 26 úno 2010 18:43

Daemon toolbar odinstalován, ICQ toolbar odinstalovat nejde- jen problikne okno přidat nebo odebrat programy a nic se nestane.

26.2.2010 18:40:29
mbam-log-2010-02-26 (18-40-29).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 111597
Uplynulý čas: 9 minute(s), 12 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

autoprd · Příspěvekod **autoprd** » 27 úno 2010 00:04

Vypni rez. ochrany antiviru+deaktivuj firewall.
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

apurvathea · Příspěvekod **apurvathea** » 27 úno 2010 17:08

ComboFix 10-02-26.03 - krejca 27.02.2010 16:45:59.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.243 [GMT 1:00]
Spuštěný z: c:\documents and settings\krejca\Plocha\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Sunbelt Kerio Personal Firewall *disabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
* Rezidentní štít AV je zapnutý

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\regedit.com
c:\windows\system32\ieuinit.inf
c:\windows\system32\info.txt
c:\windows\system32\loadsftpf.dat
c:\windows\system32\taskmgr.com

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-27 do 2010-02-27 )))))))))))))))))))))))))))))))
.

2010-02-23 14:54 . 2010-02-23 14:54 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-23 14:54 . 2010-02-23 14:54 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-23 14:54 . 2010-02-23 14:54 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-23 14:54 . 2010-02-23 14:54 -------- d---a-w- c:\windows\logo_1.exe
2010-02-23 14:49 . 2010-02-23 14:49 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-23 14:49 . 2010-02-23 14:49 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-23 14:49 . 2010-02-23 14:49 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-23 14:49 . 2010-02-23 14:49 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-23 14:26 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-23 14:26 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-23 14:26 . 2010-02-23 14:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-23 14:19 . 2010-02-23 14:19 -------- d-----w- c:\windows\nview
2010-02-23 14:19 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-23 14:19 . 2008-05-16 10:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-23 14:18 . 2010-02-23 14:18 -------- d-----w- C:\NVIDIA
2010-02-22 19:29 . 2004-03-29 16:23 90112 ----a-w- c:\windows\unvise32.exe
2010-02-22 19:21 . 2005-09-23 21:18 171520 ----a-w- c:\windows\system32\drivers\MarvinBus.sys
2010-02-22 19:20 . 2010-02-22 19:20 -------- d-----w- c:\program files\Common Files\Pinnacle
2010-02-22 19:19 . 2010-02-22 19:41 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2010-02-22 18:59 . 2010-02-22 18:59 -------- d-----w- c:\program files\Common Files\Pegasus Imaging
2010-02-22 18:58 . 2010-02-22 18:58 -------- d-----w- c:\program files\Common Files\Yahoo!
2010-02-22 18:47 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-02-22 18:39 . 2010-02-22 18:39 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-22 18:39 . 2010-02-22 18:39 -------- d-----w- c:\program files\MSBuild
2010-02-22 18:39 . 2010-02-22 18:39 -------- d-----w- c:\program files\Reference Assemblies
2010-02-22 18:38 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-22 18:37 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-22 18:37 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-22 18:37 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-22 18:37 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-22 18:37 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-22 18:37 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-22 18:37 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-22 18:37 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-22 18:16 . 2010-02-22 19:26 -------- d-----w- c:\program files\Pinnacle
2010-02-22 17:11 . 2008-04-14 07:51 1306624 -c----w- c:\windows\system32\dllcache\msxml6.dll
2010-02-22 17:11 . 2008-04-14 07:00 80896 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2010-02-22 17:11 . 2007-06-26 10:30 22060 -c----w- c:\windows\system32\dllcache\npds.zip
2010-02-22 17:11 . 2007-06-26 10:26 403 -c----w- c:\windows\system32\dllcache\npdrmv2.zip
2010-02-22 17:11 . 2008-04-14 07:49 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2010-02-22 17:11 . 2008-04-13 23:15 46592 ------w- c:\windows\system32\drivers\irbus.sys
2010-02-22 17:11 . 2008-04-14 07:51 9728 ------w- c:\windows\system32\rwnh.dll
2010-02-22 17:11 . 2008-04-13 23:13 9728 ------w- c:\windows\system32\comsdupd.exe
2010-02-22 17:11 . 2008-04-14 07:51 10752 ------w- c:\windows\system32\smtpapi.dll
2010-02-22 17:09 . 2010-02-22 17:09 -------- d-----w- c:\windows\system32\cs
2010-02-22 17:09 . 2010-02-22 17:09 -------- d-----w- c:\windows\system32\bits
2010-02-22 16:58 . 2010-02-22 17:11 -------- d-----w- c:\windows\ServicePackFiles
2010-02-22 16:56 . 2008-04-14 07:52 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2010-02-22 16:50 . 2008-04-13 22:53 1309184 ------w- c:\windows\system32\drivers\mtlstrm.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-26 17:27 . 2009-02-27 17:15 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-02-22 18:42 . 2001-10-25 12:00 79890 ----a-w- c:\windows\system32\perfc005.dat
2010-02-22 18:42 . 2001-10-25 12:00 434008 ----a-w- c:\windows\system32\perfh005.dat
2010-02-22 17:14 . 2005-10-02 16:38 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-22 17:14 . 2005-10-02 16:38 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-22 16:03 . 2009-03-07 19:21 -------- d-----w- c:\program files\WON
2010-02-22 16:03 . 2009-02-27 18:13 -------- d-----w- c:\program files\GameSpy Arcade
2010-01-22 10:24 . 2010-01-22 10:24 -------- d-----w- c:\program files\Microsoft Virtual PC
2005-01-05 14:05 . 2005-01-05 14:05 972 ----a-w- c:\program files\layout.bin
2005-01-05 14:05 . 2005-01-05 14:05 433515390 ----a-w- c:\program files\data2.cab
2005-01-05 14:04 . 2005-01-05 14:04 2647040 ----a-w- c:\program files\data1.cab
2005-01-05 14:04 . 2005-01-05 14:04 23166 ----a-w- c:\program files\data1.hdr
2005-01-05 14:04 . 2005-01-05 14:04 452 ----a-w- c:\program files\setup.ini
2005-01-05 14:04 . 2005-01-05 14:04 364047 ----a-w- c:\program files\setup.ibt
2005-01-05 14:04 . 2005-01-05 14:04 256169 ----a-w- c:\program files\setup.inx
2004-12-06 13:47 . 2004-12-06 13:47 450716 ----a-w- c:\program files\Setup.bmp
2004-07-16 01:09 . 2004-07-16 01:09 461268 ----a-w- c:\program files\engine32.cab
2003-10-01 14:43 . 2003-10-01 14:43 390144 ----a-w- c:\program files\regsetup.exe
2009-01-16 14:19 . 2008-04-01 15:37 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2009-01-16 14:19 . 2008-04-01 15:37 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2009-01-16 14:19 . 2008-04-01 15:37 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2009-01-16 14:19 . 2008-04-01 15:37 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2009-01-16 14:19 . 2008-04-01 15:37 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 57344]
"SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-06-10 286720]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-14 949376]
"HornetMonitor"="c:\program files\Common Files\Hornet\MntrHrnt.exe" [2005-12-12 135168]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-3-24 113664]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\umi.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [6.12.2005 16:11 35328]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [26.1.2007 10:58 24786]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [20.2.2007 13:34 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [20.2.2007 13:34 71088]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [14.1.2008 11:13 15424]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S3 eusk3usb;SmartKey 3 USB;c:\windows\system32\drivers\eusk3usb.sys [26.1.2007 10:58 45534]
S3 softctrl;Software Flow Control Driver;c:\windows\system32\drivers\softctrl.sys [12.12.2005 20:44 8544]
S3 vaxscsi;vaxscsi;c:\windows\system32\Drivers\vaxscsi.sys --> c:\windows\system32\Drivers\vaxscsi.sys [?]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
mSearch Bar = hxxp://www.google.com/ie
IE: &ICQ Toolbar Search - d:\michala\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - {DB7FBFE3-82CB-49E0-9C41-39C2A80B4966} - c:\program files\Eurotran2002i\e11.dll
LSP: c:\windows\system32\imon.dll
Trusted Zone: mojebanka.cz\.www
FF - ProfilePath - c:\documents and settings\krejca\Data aplikací\Mozilla\Firefox\Profiles\cvt9z5ll.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

SafeBoot-AVG Anti-Spyware Driver
SafeBoot-AVG Anti-Spyware Guard
AddRemove-ComandoMPDDeinstKey - c:\program files\Eidos Interactive\Pyro\Commandos

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-27 16:55
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):18,13,f3,b0,a7,35,df,dc,98,12,85,e9,9e,26,dc,b7,da,2d,1e,06,00,
48,70,9b,bc,04,c4,2f,aa,74,5e,2e,7c,b5,e3,74,51,58,f7,82,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88e4403d-aae0-4ffc-b318-d36b3dfb45c1}]
@Denied: (Full) (Everyone)
"Model"=dword:00000166
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,ab,9e,50,1b,eb,77,d1,ab,fc,6c,7d,0c,e4,64,14,e0,d1,48,b3,70,7f,ce,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(832)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Celkový čas: 2010-02-27 16:59:17
ComboFix-quarantined-files.txt 2010-02-27 15:59

Před spuštěním: 9 625 575 424
Po spuštění: 9 807 740 928

- - End Of File - - C09DEC53BD86F162218C1D5DCAF148FC

Damned · Příspěvekod **Damned** » 27 úno 2010 20:18

Než přijde autoprd:

Vypni si ESET!
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\windows\system32\eEmpty.exe

Folder::
c:\windows\VDLL.DLL
c:\windows\system32\runouce.exe
c:\windows\RUNDL132.EXE
c:\windows\logo_1.exe
c:\program files\DAEMON Tools Toolbar
D:\michala\ICQToolbar

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJ

apurvathea · Příspěvekod **apurvathea** » 27 úno 2010 22:13

Eset je vypnutej ale v procesech pořád běží. Když ho ukončím přímo v procesech- stejně pořád běží...

ComboFix 10-02-26.03 - krejca 27.02.2010 21:57:35.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.290 [GMT 1:00]
Spuštěný z: c:\documents and settings\krejca\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\krejca\Plocha\CFScript.txt
AV: Eset NOD32 Antivirus 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Sunbelt Kerio Personal Firewall *disabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
* Rezidentní štít AV je zapnutý

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

FILE ::
"c:\windows\system32\eEmpty.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
c:\windows\logo_1.exe
c:\windows\RUNDL132.EXE
c:\windows\system32\eEmpty.exe
c:\windows\system32\runouce.exe
c:\windows\VDLL.DLL

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-27 do 2010-02-27 )))))))))))))))))))))))))))))))
.

2010-02-23 14:49 . 2010-02-23 14:49 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-23 14:49 . 2010-02-23 14:49 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-23 14:49 . 2010-02-23 14:49 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-23 14:26 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-23 14:26 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-23 14:26 . 2010-02-23 14:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-23 14:19 . 2010-02-23 14:19 -------- d-----w- c:\windows\nview
2010-02-23 14:19 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-23 14:19 . 2008-05-16 10:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-23 14:18 . 2010-02-23 14:18 -------- d-----w- C:\NVIDIA
2010-02-22 19:29 . 2004-03-29 16:23 90112 ----a-w- c:\windows\unvise32.exe
2010-02-22 19:21 . 2005-09-23 21:18 171520 ----a-w- c:\windows\system32\drivers\MarvinBus.sys
2010-02-22 19:20 . 2010-02-22 19:20 -------- d-----w- c:\program files\Common Files\Pinnacle
2010-02-22 19:19 . 2010-02-22 19:41 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2010-02-22 18:59 . 2010-02-22 18:59 -------- d-----w- c:\program files\Common Files\Pegasus Imaging
2010-02-22 18:58 . 2010-02-22 18:58 -------- d-----w- c:\program files\Common Files\Yahoo!
2010-02-22 18:47 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-02-22 18:39 . 2010-02-22 18:39 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-22 18:39 . 2010-02-22 18:39 -------- d-----w- c:\program files\MSBuild
2010-02-22 18:39 . 2010-02-22 18:39 -------- d-----w- c:\program files\Reference Assemblies
2010-02-22 18:38 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-22 18:37 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-22 18:37 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-22 18:37 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-22 18:37 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-22 18:37 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-22 18:37 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-22 18:37 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-22 18:37 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-22 18:16 . 2010-02-22 19:26 -------- d-----w- c:\program files\Pinnacle
2010-02-22 17:11 . 2008-04-14 07:51 1306624 -c----w- c:\windows\system32\dllcache\msxml6.dll
2010-02-22 17:11 . 2008-04-14 07:00 80896 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2010-02-22 17:11 . 2007-06-26 10:30 22060 -c----w- c:\windows\system32\dllcache\npds.zip
2010-02-22 17:11 . 2007-06-26 10:26 403 -c----w- c:\windows\system32\dllcache\npdrmv2.zip
2010-02-22 17:11 . 2008-04-14 07:49 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2010-02-22 17:11 . 2008-04-13 23:15 46592 ------w- c:\windows\system32\drivers\irbus.sys
2010-02-22 17:11 . 2008-04-14 07:51 9728 ------w- c:\windows\system32\rwnh.dll
2010-02-22 17:11 . 2008-04-13 23:13 9728 ------w- c:\windows\system32\comsdupd.exe
2010-02-22 17:11 . 2008-04-14 07:51 10752 ------w- c:\windows\system32\smtpapi.dll
2010-02-22 17:09 . 2010-02-22 17:09 -------- d-----w- c:\windows\system32\cs
2010-02-22 17:09 . 2010-02-22 17:09 -------- d-----w- c:\windows\system32\bits
2010-02-22 16:58 . 2010-02-22 17:11 -------- d-----w- c:\windows\ServicePackFiles
2010-02-22 16:56 . 2008-04-14 07:52 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2010-02-22 16:50 . 2008-04-13 22:53 1309184 ------w- c:\windows\system32\drivers\mtlstrm.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-22 18:42 . 2001-10-25 12:00 79890 ----a-w- c:\windows\system32\perfc005.dat
2010-02-22 18:42 . 2001-10-25 12:00 434008 ----a-w- c:\windows\system32\perfh005.dat
2010-02-22 17:14 . 2005-10-02 16:38 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-22 17:14 . 2005-10-02 16:38 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-22 16:03 . 2009-03-07 19:21 -------- d-----w- c:\program files\WON
2010-02-22 16:03 . 2009-02-27 18:13 -------- d-----w- c:\program files\GameSpy Arcade
2010-01-22 10:24 . 2010-01-22 10:24 -------- d-----w- c:\program files\Microsoft Virtual PC
2005-01-05 14:05 . 2005-01-05 14:05 972 ----a-w- c:\program files\layout.bin
2005-01-05 14:05 . 2005-01-05 14:05 433515390 ----a-w- c:\program files\data2.cab
2005-01-05 14:04 . 2005-01-05 14:04 2647040 ----a-w- c:\program files\data1.cab
2005-01-05 14:04 . 2005-01-05 14:04 23166 ----a-w- c:\program files\data1.hdr
2005-01-05 14:04 . 2005-01-05 14:04 452 ----a-w- c:\program files\setup.ini
2005-01-05 14:04 . 2005-01-05 14:04 364047 ----a-w- c:\program files\setup.ibt
2005-01-05 14:04 . 2005-01-05 14:04 256169 ----a-w- c:\program files\setup.inx
2004-12-06 13:47 . 2004-12-06 13:47 450716 ----a-w- c:\program files\Setup.bmp
2004-07-16 01:09 . 2004-07-16 01:09 461268 ----a-w- c:\program files\engine32.cab
2003-10-01 14:43 . 2003-10-01 14:43 390144 ----a-w- c:\program files\regsetup.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 57344]
"SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-06-10 286720]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-14 949376]
"HornetMonitor"="c:\program files\Common Files\Hornet\MntrHrnt.exe" [2005-12-12 135168]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-3-24 113664]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\umi.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [6.12.2005 16:11 35328]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [26.1.2007 10:58 24786]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [20.2.2007 13:34 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [20.2.2007 13:34 71088]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [14.1.2008 11:13 15424]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S3 eusk3usb;SmartKey 3 USB;c:\windows\system32\drivers\eusk3usb.sys [26.1.2007 10:58 45534]
S3 softctrl;Software Flow Control Driver;c:\windows\system32\drivers\softctrl.sys [12.12.2005 20:44 8544]
S3 vaxscsi;vaxscsi;c:\windows\system32\Drivers\vaxscsi.sys --> c:\windows\system32\Drivers\vaxscsi.sys [?]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
mSearch Bar = hxxp://www.google.com/ie
IE: &ICQ Toolbar Search - d:\michala\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - {DB7FBFE3-82CB-49E0-9C41-39C2A80B4966} - c:\program files\Eurotran2002i\e11.dll
LSP: c:\windows\system32\imon.dll
Trusted Zone: mojebanka.cz\.www
FF - ProfilePath - c:\documents and settings\krejca\Data aplikací\Mozilla\Firefox\Profiles\cvt9z5ll.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-27 22:06
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):18,13,f3,b0,a7,35,df,dc,98,12,85,e9,9e,26,dc,b7,da,2d,1e,06,00,
48,70,9b,bc,04,c4,2f,aa,74,5e,2e,7c,b5,e3,74,51,58,f7,82,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{88e4403d-aae0-4ffc-b318-d36b3dfb45c1}]
@Denied: (Full) (Everyone)
"Model"=dword:00000166
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,ab,9e,50,1b,eb,77,d1,ab,fc,6c,7d,0c,e4,64,14,e0,d1,48,b3,70,7f,ce,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(832)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Celkový čas: 2010-02-27 22:10:26
ComboFix-quarantined-files.txt 2010-02-27 21:10
ComboFix2.txt 2010-02-27 15:59

Před spuštěním: 9 727 922 176
Po spuštění: 9 737 154 560

- - End Of File - - CFB3B1887FDA6C2DE5A874D9EF5E9C35

apurvathea · Příspěvekod **apurvathea** » 27 úno 2010 22:13

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:13:27, on 27.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\data\alkohol120\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: CHelper Class - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\Program Files\Eurotran2002i\e11.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [HornetMonitor] C:\Program Files\Common Files\Hornet\MntrHrnt.exe
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\michala\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran2002i\e11.dll
O9 - Extra 'Tools' menuitem: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran2002i\e11.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\data\alkohol120\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 5560 bytes

Damned · Příspěvekod **Damned** » 27 úno 2010 22:25

Co ty procesy?

Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. File age změň na 14 days. Všechny ostatní nastavení ponech jak jsou. Klikni na Run Scan. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

apurvathea · Příspěvekod **apurvathea** » 06 bře 2010 12:45

OTL logfile created on: 6.3.2010 12:18:54 - Run 1
OTL by OldTimer - Version 3.1.34.0 Folder = C:\Documents and Settings\krejca\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 235,00 Mb Available Physical Memory | 46,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,05 Gb Total Space | 9,11 Gb Free Space | 23,34% Space Free | Partition Type: NTFS
Drive D: | 72,73 Gb Total Space | 40,43 Gb Free Space | 55,59% Space Free | Partition Type: NTFS
Drive E: | 2,52 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ATHLON
Current User Name: krejca
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\krejca\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\ESET\nod32kui.exe (Eset )
PRC - C:\Program Files\ESET\nod32krn.exe (Eset )
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe (Sunbelt Software)
PRC - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe (Sunbelt Software)
PRC - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
PRC - C:\Program Files\Common Files\Hornet\MntrHrnt.exe (Alcor Micro, Corp.)
PRC - D:\data\alkohol120\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
PRC - C:\WINDOWS\vsnpstd2.exe ()
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\krejca\Plocha\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NOD32krn) -- C:\Program Files\Eset\nod32krn.exe (Eset )
SRV - (KPF4) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe (Sunbelt Software)
SRV - (StarWindService) -- D:\data\alkohol120\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)

========== Driver Services (SafeList) ==========

DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys.56935861 (Duplex Secure Ltd.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (usbaudio) Ovladač zvukové karty USB (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (AMON) -- C:\WINDOWS\system32\drivers\amon.sys (Eset )
DRV - (nod32drv) -- C:\WINDOWS\system32\drivers\nod32drv.sys ()
DRV - (khips) -- C:\WINDOWS\system32\drivers\khips.sys (Sunbelt Software)
DRV - (fwdrv) -- C:\WINDOWS\system32\drivers\fwdrv.sys (Sunbelt Software)
DRV - (vmm) -- C:\WINDOWS\system32\drivers\VMM.sys (Microsoft Corporation)
DRV - (VPCNetS2) -- C:\WINDOWS\system32\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - (vaxscsi) -- C:\WINDOWS\system32\drivers\vaxscsi.sys.65793628 (Alcohol Soft Co., Ltd.)
DRV - (ACEDRV05) -- C:\WINDOWS\system32\drivers\ACEDRV05.sys (Protect Software GmbH)
DRV - (softctrl) -- C:\WINDOWS\system32\drivers\softctrl.sys (Alcor Micro Corp.)
DRV - (sfsync03) StarForce Protection Synchronization Driver (version 3.x) -- C:\WINDOWS\System32\drivers\sfsync03.sys (Protection Technology)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (eusk3usb) -- C:\WINDOWS\system32\drivers\eusk3usb.sys (EUTRON)
DRV - (eusk2par) -- C:\WINDOWS\system32\drivers\eusk2par.sys (EUTRON)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (snpstd2) -- C:\WINDOWS\system32\drivers\snpstd2.sys ()
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.713
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.02.11 22:05:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.07.12 18:05:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010.02.22 19:43:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.02.27 17:49:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.02.27 17:49:01 | 000,000,000 | ---D | M]

[2010.02.27 17:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\Mozilla\Extensions
[2010.02.27 17:49:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\krejca\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.02.27 20:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\Mozilla\Firefox\Profiles\cvt9z5ll.default\extensions
[2009.07.02 18:58:44 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\krejca\Data aplikací\Mozilla\Firefox\Profiles\cvt9z5ll.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.02.27 18:15:31 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\krejca\Data aplikací\Mozilla\Firefox\Profiles\cvt9z5ll.default\searchplugins\daemon-search.xml
[2010.02.27 19:40:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.02.27 17:49:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.02.11 22:05:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2010.02.27 17:48:33 | 000,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.02.27 17:48:33 | 000,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.02.11 22:05:28 | 000,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2010.02.27 17:48:48 | 000,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2003.07.15 05:56:52 | 000,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2010.02.27 17:48:50 | 000,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.02.27 17:48:50 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.02.27 17:48:50 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.02.27 17:48:50 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.02.27 17:48:50 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.02.27 17:48:50 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2008.06.03 14:46:29 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CHelper Class) - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\Program Files\Eurotran2002i\e11.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [HornetMonitor] C:\Program Files\Common Files\Hornet\MntrHrnt.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_12.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran2002i\e11.dll ()
O9 - Extra 'Tools' menuitem : Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran2002i\e11.dll ()
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\System32\imon.dll (Eset )
O15 - HKCU\..Trusted Domains: mojebanka.cz ([.www] https in Důvěryhodné servery)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.102
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.10.02 17:38:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010.03.06 12:17:20 | 000,553,984 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\krejca\Plocha\OTL.exe
[2010.02.27 16:44:08 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.02.27 16:44:04 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.02.27 16:44:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.02.27 16:44:03 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.02.27 16:43:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.02.27 16:42:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.02.23 15:49:52 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.02.23 15:49:50 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.02.23 15:49:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.02.23 15:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.02.23 15:44:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\krejca\Recent
[2010.02.23 15:26:21 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.02.23 15:26:17 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.02.23 15:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.02.23 15:19:59 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2010.02.23 15:19:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010.02.23 15:19:11 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2010.02.23 15:18:38 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.02.23 15:17:10 | 038,674,984 | ---- | C] (NVIDIA Corporation ) -- C:\Documents and Settings\krejca\Plocha\175.19_geforce_winxp_32bit_english_whql.exe
[2010.02.23 15:09:37 | 005,115,832 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\krejca\Plocha\mbam-setup.exe
[2010.02.22 20:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krejca\Local Settings\Data aplikací\Pinnacle
[2010.02.22 20:43:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krejca\Dokumenty\Pinnacle Studio
[2010.02.22 20:29:42 | 000,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2010.02.22 20:21:14 | 000,171,520 | ---- | C] (Pinnacle Systems GmbH) -- C:\WINDOWS\System32\drivers\MarvinBus.sys
[2010.02.22 20:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pinnacle
[2010.02.22 20:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krejca\Local Settings\Data aplikací\Downloaded Installations
[2010.02.22 20:19:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate Collection
[2010.02.22 20:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikac
[2010.02.22 20:15:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\My Projects
[2010.02.22 19:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pegasus Imaging
[2010.02.22 19:58:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Yahoo!
[2010.02.22 19:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Studio 14
[2010.02.22 19:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
[2010.02.22 19:58:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Pinnacle
[2010.02.22 19:47:32 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2010.02.22 19:39:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010.02.22 19:39:44 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010.02.22 19:39:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010.02.22 19:39:16 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010.02.22 19:37:07 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010.02.22 19:37:06 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010.02.22 19:37:05 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010.02.22 19:37:05 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010.02.22 19:37:03 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010.02.22 19:37:03 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010.02.22 19:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2010.02.22 19:16:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.02.22 18:29:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\krejca\Plocha\192.168.1.100 - Pin
[2010.02.22 18:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2010.02.22 18:25:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010.02.22 18:11:39 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010.02.22 18:11:39 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2010.02.22 18:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010.02.22 18:11:25 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2010.02.22 18:11:21 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2010.02.22 18:11:17 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2010.02.22 18:11:07 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2010.02.22 18:11:03 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2010.02.22 18:11:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2010.02.22 18:11:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2010.02.22 18:11:01 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2010.02.22 18:10:46 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2010.02.22 18:10:46 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010.02.22 18:10:45 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2010.02.22 18:10:45 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2010.02.22 18:10:44 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2010.02.22 18:10:43 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2010.02.22 18:10:43 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2010.02.22 18:10:43 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2010.02.22 18:10:43 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2010.02.22 18:10:42 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2010.02.22 18:10:41 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2010.02.22 18:10:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010.02.22 18:10:39 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2010.02.22 18:10:39 | 000,056,320 | ---- | C] (Společnost Microsoft) -- C:\WINDOWS\System32\dot3msm.dll
[2010.02.22 18:10:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2010.02.22 18:10:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2010.02.22 18:10:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2010.02.22 18:10:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2010.02.22 18:10:39 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2010.02.22 18:10:38 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2010.02.22 18:10:38 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2010.02.22 18:10:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2010.02.22 18:10:37 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2010.02.22 18:10:37 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2010.02.22 18:10:37 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2010.02.22 18:10:37 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2010.02.22 18:10:37 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2010.02.22 18:10:34 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2010.02.22 18:10:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2010.02.22 18:10:31 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2010.02.22 18:10:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2010.02.22 18:10:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2010.02.22 18:10:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2010.02.22 18:10:29 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2010.02.22 18:10:29 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2010.02.22 18:10:29 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010.02.22 18:10:28 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2010.02.22 18:10:28 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2010.02.22 18:10:27 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2010.02.22 18:10:27 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2010.02.22 18:10:26 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2010.02.22 18:10:26 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2010.02.22 18:10:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2010.02.22 18:10:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2010.02.22 18:10:21 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2010.02.22 18:10:20 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2010.02.22 18:10:19 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2010.02.22 18:10:19 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010.02.22 18:10:19 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2010.02.22 18:10:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2010.02.22 18:10:19 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2010.02.22 18:10:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2010.02.22 18:10:18 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2010.02.22 18:10:18 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2010.02.22 18:10:18 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2010.02.22 18:10:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2010.02.22 18:10:17 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2010.02.22 18:10:17 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2010.02.22 18:10:12 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010.02.22 18:10:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010.02.22 18:10:09 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2010.02.22 18:10:09 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2010.02.22 18:10:07 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2010.02.22 18:10:07 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2010.02.22 18:10:04 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2010.02.22 18:10:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2010.02.22 18:10:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010.02.22 18:09:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2010.02.22 18:09:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010.02.22 17:58:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010.02.22 17:56:27 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2010.02.22 17:51:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010.02.22 17:51:23 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2010.02.22 17:51:23 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2010.02.22 17:51:23 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2010.02.22 17:51:23 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2010.02.22 17:51:23 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2010.02.22 17:51:23 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2010.02.22 17:51:23 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2010.02.22 17:51:22 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2010.02.22 17:51:21 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010.02.22 17:51:20 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010.02.22 17:51:20 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010.02.22 17:51:19 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010.02.22 17:51:19 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010.02.22 17:51:18 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010.02.22 17:51:18 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010.02.22 17:51:18 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010.02.22 17:51:17 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010.02.22 17:51:17 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010.02.22 17:51:16 | 000,326,912 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010.02.22 17:51:15 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2010.02.22 17:51:15 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010.02.22 17:51:14 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010.02.22 17:51:14 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010.02.22 17:51:13 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010.02.22 17:51:13 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010.02.22 17:51:12 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010.02.22 17:51:12 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010.02.22 17:51:11 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010.02.22 17:51:11 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010.02.22 17:51:11 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010.02.22 17:51:10 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2010.02.22 17:51:10 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2010.02.22 17:51:10 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2010.02.22 17:51:10 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2010.02.22 17:51:10 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2010.02.22 17:51:09 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2010.02.22 17:51:08 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2010.02.22 17:51:07 | 000,144,384 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2010.02.22 17:51:00 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010.02.22 17:50:59 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010.02.22 17:50:58 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010.02.22 17:50:58 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2010.02.22 17:50:57 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010.02.22 17:50:57 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010.02.22 17:50:56 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010.02.22 17:50:56 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010.02.22 17:50:54 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2010.02.22 17:50:53 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010.02.22 17:50:53 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2010.02.22 17:50:52 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010.02.22 17:50:51 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010.02.22 17:50:51 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010.02.22 17:50:51 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2010.02.22 17:50:47 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2010.02.22 17:50:45 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010.02.22 17:50:45 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010.02.22 17:50:45 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010.02.22 17:50:44 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010.02.22 17:50:44 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010.02.22 17:50:43 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010.02.22 17:37:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010.02.22 16:43:17 | 322,523,176 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\krejca\Plocha\windowsxp-kb936929-sp3-x86-csy_7af606916b887dba9dd38ae282505ce2c2b81b08.exe
[2007.03.20 18:35:43 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd2.dll
[2007.03.20 18:35:43 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd2.dll
[2006.10.19 19:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2006.10.19 19:34:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2006.10.19 19:34:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2003.10.01 15:43:04 | 000,390,144 | ---- | C] (Ubisoft) -- C:\Program Files\regsetup.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

apurvathea · Příspěvekod **apurvathea** » 06 bře 2010 12:46

========== Files - Modified Within 14 Days ==========

[2010.03.06 12:17:50 | 000,553,984 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\krejca\Plocha\OTL.exe
[2010.03.06 12:13:03 | 000,186,097 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.03.06 12:13:01 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.03.06 12:13:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.06 12:12:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.03.06 12:12:54 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.03.02 11:04:07 | 007,340,032 | ---- | M] () -- C:\Documents and Settings\krejca\ntuser.dat
[2010.02.27 22:07:05 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.02.27 17:50:38 | 000,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2010.02.27 16:40:17 | 003,874,353 | R--- | M] () -- C:\Documents and Settings\krejca\Plocha\ComboFix.exe
[2010.02.23 17:23:28 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\krejca\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 17:22:52 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.23 15:54:23 | 000,000,054 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.02.23 15:49:51 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.02.23 15:49:49 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.02.23 15:48:24 | 068,866,904 | ---- | M] () -- C:\Documents and Settings\krejca\Plocha\mwav.exe
[2010.02.23 15:26:25 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.02.23 15:17:54 | 038,674,984 | ---- | M] (NVIDIA Corporation ) -- C:\Documents and Settings\krejca\Plocha\175.19_geforce_winxp_32bit_english_whql.exe
[2010.02.23 15:10:43 | 005,115,832 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\krejca\Plocha\mbam-setup.exe
[2010.02.23 15:06:47 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.02.23 14:57:59 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.02.22 21:08:12 | 006,397,540 | -H-- | M] () -- C:\Documents and Settings\krejca\Local Settings\Data aplikací\IconCache.db
[2010.02.22 20:39:10 | 000,077,240 | ---- | M] () -- C:\Documents and Settings\krejca\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.02.22 20:16:29 | 000,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Pinnacle Studio 14.lnk
[2010.02.22 19:42:47 | 000,436,242 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.02.22 19:42:47 | 000,434,008 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.02.22 19:42:47 | 000,079,890 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.02.22 19:42:47 | 000,068,946 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.02.22 19:42:46 | 001,028,688 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.02.22 19:38:46 | 000,000,224 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2010.02.22 19:13:06 | 000,000,545 | ---- | M] () -- C:\Documents and Settings\krejca\Plocha\Zástupce - 192.168.1.100 - p.lnk
[2010.02.22 18:28:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.02.22 17:00:14 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\krejca\Plocha\HijackThis.lnk
[2010.02.22 16:48:54 | 322,523,176 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\krejca\Plocha\windowsxp-kb936929-sp3-x86-csy_7af606916b887dba9dd38ae282505ce2c2b81b08.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.27 16:44:09 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.02.27 16:44:05 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.02.27 16:44:04 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.02.27 16:44:04 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.02.27 16:44:04 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.02.27 16:39:09 | 003,874,353 | R--- | C] () -- C:\Documents and Settings\krejca\Plocha\ComboFix.exe
[2010.02.23 15:49:49 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\Microsoft.VC80.CRT.manifest
[2010.02.23 15:47:12 | 068,866,904 | ---- | C] () -- C:\Documents and Settings\krejca\Plocha\mwav.exe
[2010.02.23 15:26:25 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.02.23 15:20:06 | 000,186,097 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010.02.23 15:19:59 | 000,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010.02.22 20:16:29 | 000,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Pinnacle Studio 14.lnk
[2010.02.22 19:54:59 | 000,000,349 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.02.22 19:42:18 | 000,280,824 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.02.22 19:38:46 | 000,000,224 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2010.02.22 19:13:04 | 000,000,545 | ---- | C] () -- C:\Documents and Settings\krejca\Plocha\Zástupce - 192.168.1.100 - p.lnk
[2010.02.22 18:11:31 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010.02.22 18:11:31 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010.02.22 18:11:31 | 000,001,746 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010.02.22 18:11:31 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010.02.22 18:11:30 | 000,674,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010.02.22 18:11:29 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010.02.22 18:11:29 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010.02.22 18:11:29 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010.02.22 18:11:29 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010.02.22 18:11:29 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010.02.22 18:11:29 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010.02.22 18:11:29 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010.02.22 18:11:29 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010.02.22 18:11:29 | 000,069,570 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2010.02.22 18:11:29 | 000,028,164 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2010.02.22 18:11:28 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010.02.22 18:11:28 | 000,058,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2010.02.22 18:11:28 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010.02.22 18:11:28 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010.02.22 18:11:28 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010.02.22 18:11:28 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010.02.22 18:11:28 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010.02.22 18:11:28 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010.02.22 18:11:28 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010.02.22 18:11:28 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010.02.22 18:11:28 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010.02.22 18:11:28 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010.02.22 18:11:27 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010.02.22 18:11:27 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010.02.22 18:11:27 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010.02.22 18:11:27 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010.02.22 18:11:26 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010.02.22 18:11:26 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010.02.22 18:11:26 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010.02.22 18:11:26 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010.02.22 18:11:26 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010.02.22 18:11:26 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010.02.22 18:11:26 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010.02.22 18:11:26 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010.02.22 18:11:25 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010.02.22 18:11:25 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010.02.22 18:11:25 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010.02.22 18:11:25 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010.02.22 18:11:23 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010.02.22 18:11:23 | 000,086,446 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010.02.22 18:11:23 | 000,066,170 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2010.02.22 18:11:23 | 000,001,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2010.02.22 18:11:23 | 000,001,480 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2010.02.22 18:11:23 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2010.02.22 18:11:23 | 000,001,465 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2010.02.22 18:11:23 | 000,001,462 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2010.02.22 18:11:23 | 000,001,263 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2010.02.22 18:11:23 | 000,001,059 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2010.02.22 18:11:23 | 000,001,042 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2010.02.22 18:11:23 | 000,001,034 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2010.02.22 18:11:23 | 000,000,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2010.02.22 18:11:23 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2010.02.22 18:11:23 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2010.02.22 18:11:23 | 000,000,777 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2010.02.22 18:11:23 | 000,000,774 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2010.02.22 18:11:23 | 000,000,722 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2010.02.22 18:11:22 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010.02.22 18:11:22 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010.02.22 18:11:22 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010.02.22 18:11:20 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010.02.22 18:11:20 | 000,036,870 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010.02.22 18:11:20 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010.02.22 18:11:20 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010.02.22 18:11:19 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010.02.22 18:11:17 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010.02.22 18:11:17 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010.02.22 18:11:16 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010.02.22 18:11:16 | 000,184,130 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2010.02.22 18:11:16 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010.02.22 18:11:16 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010.02.22 18:11:16 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010.02.22 18:11:16 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010.02.22 18:11:16 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010.02.22 18:11:16 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010.02.22 18:11:16 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010.02.22 18:11:16 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010.02.22 18:11:16 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010.02.22 17:51:11 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010.02.22 17:51:08 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010.02.22 17:50:58 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010.02.22 17:00:14 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\krejca\Plocha\HijackThis.lnk
[2009.02.27 18:34:36 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.01.05 21:34:47 | 000,000,317 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008.10.12 12:02:09 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008.10.12 12:02:09 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2008.06.03 14:42:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vac02.sys
[2008.06.03 14:42:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vac02(2).sys
[2008.05.16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.05.16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.05.16 14:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.05.16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.05.16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.01.14 11:13:46 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2007.03.20 18:35:53 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd2.dll
[2007.03.20 18:35:53 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd2.ini
[2007.03.20 18:35:46 | 000,334,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd2.sys
[2007.03.20 18:35:43 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\rsnpstd2.dll
[2007.03.20 12:22:27 | 000,005,176 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Svclog.log
[2007.03.18 22:18:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2007.02.01 12:01:47 | 000,000,068 | ---- | C] () -- C:\WINDOWS\System32\oledb.dll
[2007.01.14 11:35:57 | 000,000,033 | ---- | C] () -- C:\WINDOWS\System32\wtconf.ini
[2007.01.08 21:29:45 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007.01.04 11:38:01 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2006.05.10 09:35:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SelSet.INI
[2006.04.15 12:57:08 | 000,000,490 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.02.12 10:25:06 | 000,001,695 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2006.01.22 18:09:42 | 000,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2005.12.18 00:19:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.11.26 13:34:00 | 000,000,068 | ---- | C] () -- C:\WINDOWS\IDMan.INI
[2005.11.25 12:49:30 | 000,000,225 | ---- | C] () -- C:\WINDOWS\ADStahovac.INI
[2005.11.23 10:50:18 | 000,000,204 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2005.11.01 13:09:51 | 000,000,494 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.10.14 09:44:54 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005.10.13 20:40:28 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\krejca\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.10.04 10:31:18 | 000,000,046 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2005.10.02 17:53:08 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.01.05 15:05:48 | 433,515,390 | ---- | C] () -- C:\Program Files\data2.cab
[2005.01.05 15:05:48 | 000,000,972 | ---- | C] () -- C:\Program Files\layout.bin
[2005.01.05 15:04:34 | 002,647,040 | ---- | C] () -- C:\Program Files\data1.cab
[2005.01.05 15:04:34 | 000,023,166 | ---- | C] () -- C:\Program Files\data1.hdr
[2005.01.05 15:04:30 | 000,364,047 | ---- | C] () -- C:\Program Files\setup.ibt
[2005.01.05 15:04:30 | 000,256,169 | ---- | C] () -- C:\Program Files\setup.inx
[2005.01.05 15:04:30 | 000,000,452 | ---- | C] () -- C:\Program Files\setup.ini
[2004.12.06 14:47:08 | 000,450,716 | ---- | C] () -- C:\Program Files\Setup.bmp
[2004.07.16 02:09:36 | 000,461,268 | ---- | C] () -- C:\Program Files\engine32.cab
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2000.03.29 22:00:00 | 000,125,440 | ---- | C] () -- C:\WINDOWS\System32\UNZDLL.DLL
[1999.08.11 15:28:02 | 000,101,888 | ---- | C] () -- C:\WINDOWS\System32\LIBBZ2.DLL
[1999.05.21 21:10:00 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ZIPDLL.DLL

========== LOP Check ==========

[2010.02.22 17:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\2DBoy
[2006.10.19 19:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avg7
[2009.02.27 18:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2007.12.25 21:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grisoft
[2009.07.12 17:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.02.23 15:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2007.03.12 21:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.02.22 20:17:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.02.22 19:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
[2010.02.22 20:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate Collection
[2010.02.22 19:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Studio 14
[2009.02.27 18:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\DAEMON Tools
[2009.02.27 18:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\DAEMON Tools Lite
[2009.02.27 18:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\DAEMON Tools Pro
[2005.12.26 14:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\DMCache
[2009.07.08 17:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\ICQ
[2006.12.08 20:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\ICQ Toolbar
[2007.03.16 22:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\ICQLite
[2007.03.04 15:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\ICQLite(2)
[2005.10.04 15:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\InterVideo
[2009.02.27 19:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\Leadertech
[2009.10.03 13:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\Nokia
[2005.11.09 15:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\Opera
[2009.08.27 21:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\PC Suite
[2006.03.06 21:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\Template
[2005.11.10 14:17:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\Thunderbird
[2007.12.25 21:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\TuneUp Software
[2010.02.22 16:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\uTorrent
[2007.01.19 20:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\krejca\Data aplikací\Zoner

========== Purity Check ==========

< End of report >

prosím o kontrolu- 100% CPU Vyřešeno

prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Re: prosím o kontrolu- 100% CPU

Kdo je online