Preventive check (Solved)

Post by Riviera kid » 07 Mar 2010 11:48

Hi, could I ask someone for a preventive check? Thank you very much.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:45, on 7.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
C:\WINDOWS\system32\svchost.exe
E:\WindowBlinds\wbload.exe
E:\Avast\aswUpdSv.exe
E:\Avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
E:\Avast\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
E:\Avast\ashDisp.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
E:\DAEMON Tools Lite\daemon.exe
E:\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
E:\HijackThis\HijackThis.exe
E:\Firefox\firefox.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] E:\Avast\ashDisp.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://E:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - E:\expressview.dll
O18 - Protocol: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - E:\expressview.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\wbsys.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Avast\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 5081 bytes
"Water is wet, the sky is blue, women have secrets."

Post by Damned » 07 Mar 2010 12:21

Permanently turn off Spyware Terminator's resident shield.

Run HJT (HijackThis), close your browsers, disconnect from the internet and fix the following (run HJT, "Do a system scan only",
tick the box in front of the entry, press "Fix checked" and then "Yes"):

O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
*****************************************************************************************************************************************
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure you have both options selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program has finished a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.

Post by Riviera kid » 07 Mar 2010 13:11

looks like I'm clean

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3831
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7.3.2010 13:10:16
mbam-log-2010-03-07 (13-10-16).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 114260
Uplynulý čas: 3 minute(s), 7 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

Post by autoprd » 07 Mar 2010 14:34

Turn off the antivirus resident protection and deactivate the firewall.
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is being applied, do not click inside the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here


Post by Riviera kid » 08 Mar 2010 08:50

sorry for being unavailable, I'll post it here this evening.


Post by Damned » 08 Mar 2010 12:28

Sure :bigups:

Post by Riviera kid » 08 Mar 2010 19:40

hi, so here it is:

ComboFix 10-03-08.01 - Tomas 08.03.2010 19:30:10.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1532 [GMT 1:00]
Spuštěný z: H:\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100308-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Dvbpws.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-08 do 2010-03-08 )))))))))))))))))))))))))))))))
.

2010-03-07 12:06 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-07 12:06 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-03 07:52 . 2007-06-29 13:47 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys
2010-03-03 07:52 . 2010-03-03 07:52 -------- d-----w- c:\program files\AMD
2010-02-22 19:39 . 2010-02-27 07:25 151515 ----a-w- c:\windows\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
2010-02-22 17:50 . 2010-02-27 07:22 535 ----a-w- c:\windows\eReg.dat
2010-02-20 10:11 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-02-20 09:59 . 2010-02-20 09:58 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2010-02-20 09:59 . 2010-02-20 09:58 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2010-02-20 09:59 . 2010-02-20 09:58 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-02-20 09:59 . 2010-02-20 09:58 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-07 07:47 . 2008-11-12 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-03 08:02 . 2009-01-27 17:22 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-03-03 08:02 . 2009-01-27 17:22 -------- d-----w- c:\program files\AGEIA Technologies
2010-02-28 10:00 . 2008-11-13 18:25 -------- d-----w- c:\program files\Spyware Terminator
2010-02-20 10:11 . 2010-02-20 10:11 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2010-02-20 10:11 . 2010-02-20 10:11 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-12-31 16:50 . 2007-10-29 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2007-10-29 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2008-11-12 00:49 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2007-10-29 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-10 16:17 . 2007-10-29 12:00 78030 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 16:17 . 2007-10-29 12:00 429018 ----a-w- c:\windows\system32\perfh005.dat
2009-12-09 10:11 . 2007-10-29 12:00 2147328 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2004-08-17 15:45 2025984 ----a-w- c:\windows\system32\ntkrnlpa.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="e:\daemon tools lite\daemon.exe" [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 16269312]
"avast!"="e:\avast\ashDisp.exe" [2009-11-24 81000]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 69632]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]
"nwiz"="nwiz.exe" [2009-02-09 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech SetPoint.lnk - e:\logitech\SetPoint\SetPoint.exe [2009-1-24 809488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 15:41 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 22:34 24576 ----a-w- e:\window~1\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 15:10 35696 ----a-w- e:\adobe\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 02:04 2879488 ------r- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="e:\adobe\Reader\Reader_sl.exe"
"WinampAgent"=e:\winamp\winampa.exe
"WinFast Schedule"=c:\program files\WinFast\WFDTV\WFWIZ.exe
"WinFastDTV"=c:\program files\WinFast\WFDTV\DTVSchdl.exe
"RemoteControl"=e:\powerdvd\PDVDServ.exe
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\StrongDC++\\StrongDC.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\totalcmd\\TOTALCMD.EXE"=
"e:\\Skype\\Phone\\Skype.exe"=
"d:\\Games\\Spiderman - Web Of Shadows\\image\\pc\\Spider-Man Web of Shadows.exe"=
"g:\\hry- instalace\\Batman\\Binaries\\ShippingPC-BmGame.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Games\\OperationFlashpoint\\OpFlashPreferences.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [12.11.2008 22:11 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [13.11.2008 19:25 141312]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\drivers\wfcxacap.sys [12.11.2008 21:41 9856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12.11.2008 22:11 20560]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [24.1.2009 12:33 10384]
R2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [12.11.2008 21:55 31616]
R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [12.11.2008 21:44 167296]
R3 cxbu0wdm;CardMan 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [21.5.2009 17:30 97792]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [20.2.2010 10:59 27632]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [12.11.2008 21:55 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [12.11.2008 21:42 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [12.11.2008 21:53 10368]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.11.2008 22:09 717296]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [20.2.2010 10:59 13224]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.sys [13.11.2008 19:36 9446]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\aetsprov]
2008-03-26 10:09 81920 ----a-w- c:\windows\system32\aetsprov.dll
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - e:\micros~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\2sluuhi5.default\
FF - prefs.js: browser.startup.homepage - www.centrum.cz
FF - plugin: e:\adobe\Reader\browser\nppdf32.dll
FF - plugin: e:\firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
e:\firefox\greprefs\all.js - pref("ui.use_native_colors", true);
e:\firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
e:\firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
e:\firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
e:\firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
e:\firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
e:\firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
e:\firefox\greprefs\all.js - pref("svg.smil.enabled", false);
e:\firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
e:\firefox\greprefs\all.js - pref("browser.formfill.debug", false);
e:\firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
e:\firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
e:\firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
e:\firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
e:\firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
e:\firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
e:\firefox\greprefs\all.js - pref("html5.enable", false);
e:\firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
e:\firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
e:\firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
e:\firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
e:\firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
e:\firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
e:\firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
e:\firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
e:\firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
e:\firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
e:\firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
e:\firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
e:\firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
e:\firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
e:\firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
e:\firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-08 19:33
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-854245398-2000478354-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:34,23,28,02,a3,b5,70,d2,2a,d9,a3,9a,92,d3,a6,6f,34,64,e8,9e,d9,
b2,50,c5,44,88,f9,be,a6,4e,5b,df,c9,15,52,2d,a8,f4,66,03,28,ea,66,08,f6,fc,\
"rkeysecu"=hex:a8,ff,a7,d2,5a,57,96,64,c8,de,c8,b9,46,2c,c5,4b
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(748)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
e:\window~1\fastload.dll
.
Celkový čas: 2010-03-08 19:34:24
ComboFix-quarantined-files.txt 2010-03-08 18:34
ComboFix2.txt 2009-05-19 20:52

Před spuštěním: 4 223 131 648
Po spuštění: 4 209 221 632

- - End Of File - - 4046C550F2A6C2E5EAD72BC506D43876

Post by Damned » 08 Mar 2010 20:04

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text, marked in green:

File::
c:\windows\eReg.dat



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe
and when the two files overlap, drop the script.

- ComboFix will start automatically; the repair may take more than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that comes up at the end of the cleaning process

Post by Riviera kid » 08 Mar 2010 20:32

ComboFix 10-03-08.01 - Tomas 08.03.2010 20:27:09.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1633 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tomas\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tomas\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100308-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

FILE ::
"c:\windows\eReg.dat"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\eReg.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-08 do 2010-03-08 )))))))))))))))))))))))))))))))
.

2010-03-07 12:06 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-07 12:06 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-03 07:52 . 2007-06-29 13:47 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys
2010-03-03 07:52 . 2010-03-03 07:52 -------- d-----w- c:\program files\AMD
2010-02-22 19:39 . 2010-02-27 07:25 151515 ----a-w- c:\windows\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
2010-02-20 10:11 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-02-20 09:59 . 2010-02-20 09:58 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2010-02-20 09:59 . 2010-02-20 09:58 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2010-02-20 09:59 . 2010-02-20 09:58 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-02-20 09:59 . 2010-02-20 09:58 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-07 07:47 . 2008-11-12 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-03 08:02 . 2009-01-27 17:22 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-03-03 08:02 . 2009-01-27 17:22 -------- d-----w- c:\program files\AGEIA Technologies
2010-02-28 10:00 . 2008-11-13 18:25 -------- d-----w- c:\program files\Spyware Terminator
2010-02-20 10:11 . 2010-02-20 10:11 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2010-02-20 10:11 . 2010-02-20 10:11 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-12-31 16:50 . 2007-10-29 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2007-10-29 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2008-11-12 00:49 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2007-10-29 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-10 16:17 . 2007-10-29 12:00 78030 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 16:17 . 2007-10-29 12:00 429018 ----a-w- c:\windows\system32\perfh005.dat
2009-12-09 10:11 . 2007-10-29 12:00 2147328 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2004-08-17 15:45 2025984 ------w- c:\windows\system32\ntkrnlpa.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-03-08_18.32.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-08 19:22 . 2010-03-08 19:22 16384 c:\windows\Temp\Perflib_Perfdata_664.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="e:\daemon tools lite\daemon.exe" [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 16269312]
"avast!"="e:\avast\ashDisp.exe" [2009-11-24 81000]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 69632]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]
"nwiz"="nwiz.exe" [2009-02-09 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech SetPoint.lnk - e:\logitech\SetPoint\SetPoint.exe [2009-1-24 809488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 15:41 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 22:34 24576 ----a-w- e:\window~1\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 15:10 35696 ----a-w- e:\adobe\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 02:04 2879488 ------r- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="e:\adobe\Reader\Reader_sl.exe"
"WinampAgent"=e:\winamp\winampa.exe
"WinFast Schedule"=c:\program files\WinFast\WFDTV\WFWIZ.exe
"WinFastDTV"=c:\program files\WinFast\WFDTV\DTVSchdl.exe
"RemoteControl"=e:\powerdvd\PDVDServ.exe
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\StrongDC++\\StrongDC.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\totalcmd\\TOTALCMD.EXE"=
"e:\\Skype\\Phone\\Skype.exe"=
"d:\\Games\\Spiderman - Web Of Shadows\\image\\pc\\Spider-Man Web of Shadows.exe"=
"g:\\hry- instalace\\Batman\\Binaries\\ShippingPC-BmGame.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Games\\OperationFlashpoint\\OpFlashPreferences.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [12.11.2008 22:11 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [13.11.2008 19:25 141312]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\drivers\wfcxacap.sys [12.11.2008 21:41 9856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12.11.2008 22:11 20560]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [24.1.2009 12:33 10384]
R2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [12.11.2008 21:55 31616]
R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [12.11.2008 21:44 167296]
R3 cxbu0wdm;CardMan 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [21.5.2009 17:30 97792]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [20.2.2010 10:59 27632]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [12.11.2008 21:55 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [12.11.2008 21:42 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [12.11.2008 21:53 10368]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [20.2.2010 10:59 13224]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.sys [13.11.2008 19:36 9446]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.11.2008 22:09 717296]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\aetsprov]
2008-03-26 10:09 81920 ----a-w- c:\windows\system32\aetsprov.dll
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - e:\micros~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\2sluuhi5.default\
FF - prefs.js: browser.startup.homepage - www.centrum.cz
FF - plugin: e:\adobe\Reader\browser\nppdf32.dll
FF - plugin: e:\firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
e:\firefox\greprefs\all.js - pref("ui.use_native_colors", true);
e:\firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
e:\firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
e:\firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
e:\firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
e:\firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
e:\firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
e:\firefox\greprefs\all.js - pref("svg.smil.enabled", false);
e:\firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
e:\firefox\greprefs\all.js - pref("browser.formfill.debug", false);
e:\firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
e:\firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
e:\firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
e:\firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
e:\firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
e:\firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
e:\firefox\greprefs\all.js - pref("html5.enable", false);
e:\firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
e:\firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
e:\firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
e:\firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
e:\firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
e:\firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
e:\firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
e:\firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
e:\firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
e:\firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
e:\firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
e:\firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
e:\firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
e:\firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
e:\firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
e:\firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-08 20:30
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-854245398-2000478354-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:34,23,28,02,a3,b5,70,d2,2a,d9,a3,9a,92,d3,a6,6f,34,64,e8,9e,d9,
b2,50,c5,44,88,f9,be,a6,4e,5b,df,c9,15,52,2d,a8,f4,66,03,28,ea,66,08,f6,fc,\
"rkeysecu"=hex:a8,ff,a7,d2,5a,57,96,64,c8,de,c8,b9,46,2c,c5,4b
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(748)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
e:\window~1\fastload.dll
.
Celkový čas: 2010-03-08 20:31:12
ComboFix-quarantined-files.txt 2010-03-08 19:31
ComboFix2.txt 2010-03-08 18:34
ComboFix3.txt 2009-05-19 20:52

Před spuštěním: 4 225 425 408
Po spuštění: 4 213 170 176

- - End Of File - - BFF21C2FF908AC6DAE3AA983696C8BD8
"Water is wet, the sky is blue, women have secrets."

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany
Gender: Male

Re: Preventive check

Post by Damned » 08 Mar 2010 22:52

Uninstall ComboFix (required).
ComboFix is uninstalled like this:
Start-Run and enter Combofix[space]/uninstall

Download T-Cleaner (required: it deletes everything left behind by Combo, SDFix, Avenger, MWAV etc.; download it -> run it)

(Note: if you have AVG or Avira, deactivate AVG and Avira (including the resident shields) before downloading T-Cleaner and for the duration of the cleaning; afterwards delete T-Cleaner and turn AVG or Avira back on.)
*****************************************************************************************************************************************
Download OTL to the Desktop.
Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change the setting to All. Tick LOP Check and Purity Check. Change File age to 14 days. Leave all other settings as they are. Click Run Scan. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
Nothing is impossible, so where we are at our wits' end, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner

Riviera kid
Level 4
Posts: 1184
Registered: May 08
Location: Praha
Gender: Male

Re: Preventive check

Post by Riviera kid » 09 Mar 2010 18:22

I apologize again, but I'm a working man :D

OTL logfile created on: 9.3.2010 18:19:30 - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Documents and Settings\Tomas\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 4,63 Gb Free Space | 47,43% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 59,60 Gb Free Space | 61,03% Space Free | Partition Type: NTFS
Drive E: | 14,65 Gb Total Space | 13,02 Gb Free Space | 88,92% Space Free | Partition Type: NTFS
Drive F: | 124,63 Gb Total Space | 119,55 Gb Free Space | 95,92% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 38,15 Gb Free Space | 39,07% Space Free | Partition Type: NTFS
Drive H: | 19,53 Gb Total Space | 8,54 Gb Free Space | 43,72% Space Free | Partition Type: NTFS
Drive I: | 18,03 Gb Total Space | 4,25 Gb Free Space | 23,58% Space Free | Partition Type: NTFS

Computer Name: RIVIERA_KID
Current User Name: Tomas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Tomas\Plocha\OTL.exe (OldTimer Tools)
PRC - E:\Avast\ashDisp.exe (ALWIL Software)
PRC - E:\Avast\ashServ.exe (ALWIL Software)
PRC - E:\Avast\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - E:\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Tomas\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - E:\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - E:\Logitech\SetPoint\IMHook.dll (Logitech, Inc.)
MOD - E:\WindowBlinds\wbhelp.dll (Stardock.Net, Inc)
MOD - C:\WINDOWS\system32\wbsys.dll (Stardock.Net, Inc)


========== Win32 Services (SafeList) ==========

SRV - (avast! Antivirus) -- E:\Avast\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- E:\Avast\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- E:\Avast\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- E:\Avast\aswUpdSv.exe (ALWIL Software)
SRV - (sp_rssrv) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)


========== Driver Services (SafeList) ==========

DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (sp_rsdrv2) -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ()
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (ATIAVAIW) -- C:\WINDOWS\system32\drivers\atinavt2.sys (ATI Technologies Inc.)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (cxbu0wdm) -- C:\WINDOWS\system32\drivers\cxbu0wdm.sys (OMNIKEY)
DRV - (AmdLLD) -- C:\WINDOWS\system32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (DFUBTUSB) -- C:\WINDOWS\system32\drivers\frmupgr.sys (Broadcom Corporation.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (wfcxacap) -- C:\WINDOWS\system32\drivers\wfcxacap.sys (Leadtek Research Inc.)
DRV - (WFCXVCAP) -- C:\WINDOWS\system32\drivers\wfcxvcap.sys (Leadtek Research Inc.)
DRV - (wfcxdtun) -- C:\WINDOWS\system32\drivers\wfcxdtun.sys (Leadtek Research Inc.)
DRV - (wfcxatun) -- C:\WINDOWS\system32\drivers\wfcxatun.sys (Leadtek Research Inc.)
DRV - (wfcxxbar) -- C:\WINDOWS\system32\drivers\wfcxxbar.sys (Leadtek Research Inc.)
DRV - (wfcxtcap) -- C:\WINDOWS\system32\drivers\wfcxtcap.sys (Leadtek Research Inc.)
DRV - (WFIOCTL) -- C:\Program Files\WinFast\WFDTV\WFIOCTL.sys (Leadtek Research Inc.)
DRV - (IFP800) -- C:\WINDOWS\system32\drivers\ifp800.sys (iRiver, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.centrum.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.13
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.03 15:58:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: E:\Firefox\components [2010.02.20 22:11:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: E:\Firefox\plugins [2010.02.20 22:11:23 | 000,000,000 | ---D | M]

[2008.11.12 21:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Extensions
[2008.11.12 21:42:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.03.07 21:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\2sluuhi5.default\extensions
[2010.02.09 17:36:22 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\2sluuhi5.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.02.23 17:33:46 | 000,000,000 | ---D | M] (Linkification) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\2sluuhi5.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2009.10.16 15:06:38 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\2sluuhi5.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010.01.08 18:36:54 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\2sluuhi5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.11.10 20:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\2sluuhi5.default\extensions\anycolor.pavlos256@gmail.com

O1 HOSTS File: ([2009.05.19 21:51:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast!] E:\Avast\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] E:\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk = E:\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - E:\Microsoft Office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\jpip {B92DD248-E3D5-4A92-B311-C9B841681455} - E:\expressview.dll (Lizardtech Software)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sidlet {B92DD248-E3D5-4A92-B311-C9B841681455} - E:\expressview.dll (Lizardtech Software)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\wbsys.dll) - C:\WINDOWS\system32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WB: DllName - E:\WINDOW~1\fastload.dll - E:\WindowBlinds\fastload.dll (Stardock)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010.03.09 18:17:07 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tomas\Plocha\OTL.exe
[2010.03.08 20:33:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.03.08 20:20:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tomas\Recent
[2010.03.07 13:06:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.07 13:06:20 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.07 12:52:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Data aplikací\Malwarebytes
[2010.03.07 12:52:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.03.03 13:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Dokumenty\Eidos
[2010.03.03 08:52:38 | 000,034,304 | ---- | C] (AMD, Inc.) -- C:\WINDOWS\System32\drivers\AmdLLD.sys
[2010.03.03 08:52:37 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2010.03.03 08:52:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Downloaded Installations
[2010.02.28 21:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Apple
[2010.02.28 21:38:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010.02.27 08:26:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Dokumenty\SimCity 4
[2009.10.05 18:55:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.06.03 18:10:29 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.06.03 18:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.11.12 21:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010.03.09 18:17:23 | 007,602,176 | -H-- | M] () -- C:\Documents and Settings\Tomas\NTUSER.DAT
[2010.03.09 18:17:09 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomas\Plocha\OTL.exe
[2010.03.09 18:12:11 | 000,211,251 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.03.09 18:11:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.03.09 18:11:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.03.08 21:22:46 | 000,208,896 | ---- | M] () -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.08 20:29:25 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.03.08 20:22:35 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.08 20:05:39 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\Výběry.doc
[2010.03.07 13:51:44 | 000,000,625 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\OperationFlashpoint.lnk
[2010.03.06 18:03:25 | 000,002,185 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\Corel PHOTO-PAINT 11.lnk
[2010.03.06 12:20:38 | 000,000,155 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2010.03.04 20:29:03 | 002,639,698 | -H-- | M] () -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\IconCache.db
[2010.03.03 08:52:46 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2010.03.03 08:52:31 | 000,000,585 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Play Batman Arkham Asylum.lnk
[2010.03.02 18:52:12 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.03.02 14:25:27 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.01 18:04:56 | 000,002,375 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\Microsoft Word.lnk
[2010.02.28 21:40:13 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.02.27 08:26:00 | 000,000,612 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\SimCity 4.lnk
[2010.02.27 08:25:34 | 000,151,515 | ---- | M] () -- C:\WINDOWS\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.07 13:51:44 | 000,000,625 | ---- | C] () -- C:\Documents and Settings\Tomas\Plocha\OperationFlashpoint.lnk
[2010.03.03 08:52:30 | 000,000,585 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Play Batman Arkham Asylum.lnk
[2010.02.27 08:26:00 | 000,000,612 | ---- | C] () -- C:\Documents and Settings\Tomas\Plocha\SimCity 4.lnk
[2010.02.13 21:31:45 | 000,169,960 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.07.14 17:15:00 | 000,178,432 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.06.07 17:51:36 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009.05.21 17:31:49 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\cmabout.dll
[2009.05.21 17:31:49 | 000,010,357 | ---- | C] () -- C:\WINDOWS\System32\cmdiag.ini
[2009.05.21 17:31:49 | 000,000,142 | ---- | C] () -- C:\WINDOWS\System32\cmabout.ini
[2009.05.21 17:30:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\chksvrn.dll
[2009.04.24 14:33:26 | 000,000,202 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.03.15 16:40:51 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.03.15 16:40:51 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Tomas\Data aplikací\PnkBstrK.sys
[2009.03.15 11:33:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\apache.dll
[2009.03.14 13:47:36 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.03.14 12:59:03 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2009.02.09 06:18:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.02.09 06:18:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.02.09 06:18:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.02.09 06:18:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009.01.27 18:22:15 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.01.27 18:22:15 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.01.09 16:18:03 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\Tomas\Data aplikací\AutoGK.ini
[2008.12.12 15:18:37 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.12.07 13:48:09 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008.11.15 10:06:11 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.11.13 19:31:40 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS78.DLL
[2008.11.13 19:25:53 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2008.11.13 19:19:32 | 000,000,489 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.11.13 18:55:08 | 000,208,896 | ---- | C] () -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.13 18:44:24 | 000,000,044 | ---- | C] () -- C:\WINDOWS\wb.ini
[2008.11.13 18:44:08 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll
[2008.11.13 18:26:53 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.11.12 21:59:08 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.11.12 21:04:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.03.01 20:18:37 | 000,244,224 | ---- | C] () -- C:\WINDOWS\System32\gc.dll
[2006.02.27 14:48:36 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006.02.27 14:30:32 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 003,223,552 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2005.10.14 11:56:48 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2005.10.14 11:56:48 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2005.10.14 11:56:48 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll

========== LOP Check ==========

[2008.11.13 19:31:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.02.27 11:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.02.28 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2009.04.25 19:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2008.11.29 13:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2008.11.12 22:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\DAEMON Tools
[2009.01.24 11:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\gnupg
[2008.11.13 21:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Leadertech
[2009.11.21 20:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Little Games Company
[2010.03.07 12:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Spyware Terminator
[2010.01.26 17:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Vso

========== Purity Check ==========


< End of report >
"Water is wet, the sky is blue, women have secrets."

Re: Preventive check

Post by Riviera kid » 09 Mar 2010 18:23

OTL Extras logfile created on: 9.3.2010 18:19:30 - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Documents and Settings\Tomas\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 4,63 Gb Free Space | 47,43% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 59,60 Gb Free Space | 61,03% Space Free | Partition Type: NTFS
Drive E: | 14,65 Gb Total Space | 13,02 Gb Free Space | 88,92% Space Free | Partition Type: NTFS
Drive F: | 124,63 Gb Total Space | 119,55 Gb Free Space | 95,92% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 38,15 Gb Free Space | 39,07% Space Free | Partition Type: NTFS
Drive H: | 19,53 Gb Total Space | 8,54 Gb Free Space | 43,72% Space Free | Partition Type: NTFS
Drive I: | 18,03 Gb Total Space | 4,25 Gb Free Space | 23,58% Space Free | Partition Type: NTFS

Computer Name: RIVIERA_KID
Current User Name: Tomas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "E:\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "E:\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "E:\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "E:\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"E:\StrongDC++\StrongDC.exe" = E:\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++ -- (Big Muscle, KohlSoft® Corporation ;-))
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"E:\totalcmd\TOTALCMD.EXE" = E:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"E:\Skype\Phone\Skype.exe" = E:\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"D:\Games\Spiderman - Web Of Shadows\image\pc\Spider-Man Web of Shadows.exe" = D:\Games\Spiderman - Web Of Shadows\image\pc\Spider-Man Web of Shadows.exe:*:Enabled:Spider-Man(R) - Web of Shadows(TM) -- (Activision, Inc.)
"G:\hry- instalace\Batman\Binaries\ShippingPC-BmGame.exe" = G:\hry- instalace\Batman\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum -- (Rocksteady Studios Ltd)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Games\OperationFlashpoint\OpFlashPreferences.exe" = D:\Games\OperationFlashpoint\OpFlashPreferences.exe:*:Disabled:Operation Flashpoint preferences -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{072D2077-9E22-4F7F-B817-A92CA6CCC843}" = iriver Music Manager
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{23B774E8-65B4-4A31-8D48-9383C5FA3A6B}" = UFO Aftermath
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B1652-D70A-4D19-981E-BB15D0DBF253}" = Ghostbusters (TM): The Video Game
"{49FC50FC-F965-40D9-89B4-CBFF80941CSY}" = Windows Movie Maker 2.0
"{4DDEADA8-25B8-41CB-9989-8F16D50A8E9C}" = OMNIKEY CardMan 3x21 PC/SC Driver
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{6347401C-C260-4B30-9816-8F5A1419CC49}" = SafeSign
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6833245E-DD86-479A-882A-8360D62C8194}" = NVIDIA PhysX
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{77388E73-C075-4199-8C03-366A0CA9AC2C}" = Baldur's Gate
"{7F7E4FA7-6F32-4DE2-917E-361E034AED7A}" = Spider-Man(TM) - Web of Shadows
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9208F706-6528-4591-A997-F41395FBD8A7}" = Spider-Man(TM) - Web of Shadows 1.1 Patch
"{9CD8FC8E-A1CA-4634-96BC-CD6B2D4797CC}" = Lizardtech Express View Browser Plug-in
"{9CE80D58-2E74-4FF4-A2D2-5E714E470F36}" = ASUS nVidia Driver
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1 - Czech
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B45FABE7-D101-4D99-A671-E16DA40AF7F0}" = Microsoft Games for Windows - LIVE
"{B578C85A-A84C-4230-A177-C5B2AF565B8C}" = Microsoft Games for Windows - LIVE Redistributable
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C329A034-EC6B-4670-A97D-BCE6527AAC9B}" = Rybarske reviry CR - Digitalni atlas
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E43ED0A0-C85E-40F0-807C-6A8A9D2FAEF3}_is1" = King’s Bounty (Pouze odstranit)
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.3
"avast!" = avast! Antivirus
"BSPlayer1" = BSPlayer
"CANONBJ_Deinstall_CNMCP78.DLL" = Canon iP4200
"CCleaner" = CCleaner (remove only)
"CDex" = CDex extraction audio
"Connection Manager" = Microsoft Connection Manager
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"coverXP" = coverXP (remove only)
"Čestina do SimCity 4 Rush Hour a Delux BETA" = Čestina do SimCity 4 Rush Hour a Delux BETA
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab Ghosthunter release_is1" = DVDFab Ghosthunter release 5.1.1.0
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{7F7E4FA7-6F32-4DE2-917E-361E034AED7A}" = Spider-Man(TM) - Web of Shadows
"InstallShield_{9208F706-6528-4591-A997-F41395FBD8A7}" = Spider-Man(R) - Web of Shadows(TM) 1.1 Patch
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Operation Flashpoint" = Operation Flashpoint uninstall
"PunkBusterSvc" = PunkBuster Services
"QIP 2005_is1" = QIP 2005 8080
"QuicktimeAlt_is1" = QuickTime Alternative 2.7.0
"Recuva" = Recuva (remove only)
"Spyware Terminator_is1" = Spyware Terminator
"SubtitleWorkshop" = Subtitle Workshop 2.51
"Totalcmd" = Total Commander (Remove or Repair)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"WindowBlinds" = WindowBlinds
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 3.1.2009 4:08:45 | Computer Name = RIVIERA_KID | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www23.czshare.com/profi.php?id=4 ... AjF_l_4FKz
failed, 00000084.

Error - 6.1.2009 15:29:50 | Computer Name = RIVIERA_KID | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://jizdnirady.idnes.cz/ScriptResour ... 0853437500
failed, 0000A413.

Error - 26.4.2009 8:27:52 | Computer Name = RIVIERA_KID | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www65.czshare.com/profi.php?id=5 ... U0_1wUdill
failed, 00000084.

Error - 26.4.2009 8:28:12 | Computer Name = RIVIERA_KID | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www60.czshare.com/profi.php?id=5 ... HW94e2IZnC
failed, 00000084.

Error - 26.4.2009 8:28:33 | Computer Name = RIVIERA_KID | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www75.czshare.com/profi.php?id=5 ... QqbpX1xL4C
failed, 00000084.

Error - 26.4.2009 8:28:35 | Computer Name = RIVIERA_KID | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www47.czshare.com/profi.php?id=4 ... F1ewstSIH5
failed, 00000084.

Error - 8.11.2009 15:53:38 | Computer Name = RIVIERA_KID | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://clients1.google.cz/complete/sear ... ture&cp=13
failed, 0000A413.

Error - 16.1.2010 14:54:49 | Computer Name = RIVIERA_KID | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www85.czshare.com/profi.php?id=8 ... dCF26_FA__
failed, 00000084.

Error - 25.1.2010 13:26:17 | Computer Name = RIVIERA_KID | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www18.czshare.com/profi.php?id=3 ... lrr_f7Q9Zn
failed, 00000084.

Error - 25.1.2010 13:26:41 | Computer Name = RIVIERA_KID | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www18.czshare.com/profi.php?id=3 ... t3tZWU_t_S
failed, 00000084.

[ Application Events ]
Error - 14.2.2010 7:52:39 | Computer Name = RIVIERA_KID | Source = Application Error | ID = 1000
Description = Chybující aplikace fear.exe, verze 1.0.0.0, chybující modul fear.exe,
verze 1.0.0.0, adresa chyby 0x00019038.

Error - 14.2.2010 9:13:30 | Computer Name = RIVIERA_KID | Source = Application Error | ID = 1000
Description = Chybující aplikace assassinscreed_dx9.exe, verze 1.0.0.1, chybující
modul assassinscreed_dx9.exe, verze 1.0.0.1, adresa chyby 0x009694c9.

Error - 14.2.2010 13:41:13 | Computer Name = RIVIERA_KID | Source = Application Error | ID = 1000
Description = Chybující aplikace assassinscreed_dx9.exe, verze 1.0.0.1, chybující
modul unknown, verze 0.0.0.0, adresa chyby 0x08f8bc9c.

Error - 19.2.2010 11:47:35 | Computer Name = RIVIERA_KID | Source = MsiInstaller | ID = 10005
Description = Produkt: SimCity™ Společnost Turistické destinace -- Need to have
Full version of game already installed

Error - 19.2.2010 11:48:06 | Computer Name = RIVIERA_KID | Source = MsiInstaller | ID = 10005
Description = Produkt: SimCity™ Společnost Turistické destinace -- Need to have
Full version of game already installed

Error - 21.2.2010 6:05:19 | Computer Name = RIVIERA_KID | Source = Application Error | ID = 1000
Description = Chybující aplikace fear.exe, verze 1.0.0.0, chybující modul fear.exe,
verze 1.0.0.0, adresa chyby 0x0006026c.

Error - 28.2.2010 8:26:39 | Computer Name = RIVIERA_KID | Source = MsiInstaller | ID = 10005
Description = Produkt: SimCity™ Společnost Turistické destinace -- Need to have
Full version of game already installed

Error - 28.2.2010 12:43:05 | Computer Name = RIVIERA_KID | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application simcitysocieties.exe, version 1.0.4.270, stamp
48358648, faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault
address 0x29ea75aa.

Error - 7.3.2010 7:42:37 | Computer Name = RIVIERA_KID | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
wblind.dll, verze 4.6.0.0, adresa chyby 0x00054732.

Error - 7.3.2010 7:42:41 | Computer Name = RIVIERA_KID | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

[ System Events ]
Error - 19.2.2010 12:17:06 | Computer Name = RIVIERA_KID | Source = SCardSvr | ID = 610
Description = Čtecí zařízení karet Smart Card OMNIKEY CardMan 3x21 0 odmítlo příkaz
IOCTL GET_STATE: Přístup byl odepřen.

Error - 20.2.2010 5:59:11 | Computer Name = RIVIERA_KID | Source = SCardSvr | ID = 520
Description = Služba Smart Card Resource Manager obdržela nerozpoznaný popisovač
události PnP DBT_DEVICEQUERYREMOVE/dbch_handle.

Error - 22.2.2010 12:56:59 | Computer Name = RIVIERA_KID | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.100.11 pro síťovou kartu s adresou 001D7DE7926E
byla serverem DHCP 192.168.100.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 4.3.2010 14:13:45 | Computer Name = RIVIERA_KID | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.100.11 pro síťovou kartu s adresou 001D7DE7926E
byla serverem DHCP 192.168.100.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 8.3.2010 14:28:56 | Computer Name = RIVIERA_KID | Source = Service Control Manager | ID = 7034
Description = Služba Spyware Terminator Realtime Shield Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 8.3.2010 14:29:40 | Computer Name = RIVIERA_KID | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.100.11 pro síťovou kartu se síťovou
adresou 001D7DE7926E byla ukončena.

Error - 8.3.2010 14:30:05 | Computer Name = RIVIERA_KID | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.100.11 pro síťovou kartu se síťovou
adresou 001D7DE7926E byla ukončena.

Error - 8.3.2010 14:33:45 | Computer Name = RIVIERA_KID | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.100.11 pro síťovou kartu se síťovou
adresou 001D7DE7926E byla ukončena.

Error - 8.3.2010 14:39:06 | Computer Name = RIVIERA_KID | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.100.11 pro síťovou kartu s adresou 001D7DE7926E
byla serverem DHCP 192.168.100.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 8.3.2010 15:25:57 | Computer Name = RIVIERA_KID | Source = Service Control Manager | ID = 7034
Description = Služba Spyware Terminator Realtime Shield Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.


< End of report >
"Water is wet, the sky is blue, women have secrets."

