Please check my log, I had some malware on my notebook [Solved]

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

hanzy (Level 1, posts: 70, registered: November 06, gender: not specified)

Re: Please check my log, I had some malware on my notebook

Post by hanzy » 30 Mar 2011 09:16

Well, I don't like it much either, I've got quite a bit of stuff here...

F-Secure froze at 12-13% during the full scan, saying it couldn't load a file, so I ran the quick scan instead. Result: 0 infected. It takes a long time, so I'm heading out now and I'll let it run, if it goes through.

The log from AVP tool was created overnight:


Automatic scan: completed 1 hour ago (events: 10, objects: 1297723, time: 06:18:37)
30.3.2011 0:11:39 Task started
30.3.2011 0:18:52 Detected: Trojan-PSW.Win32.Dybalom.dhs C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Opera\Opera 11.00 beta\cache\g_0034\opr0057G.tmp/HDD Regenerator Full version 1.71/hr171.exe/data0002
30.3.2011 0:21:04 Detected: Trojan-PSW.Win32.Dybalom.dhs C:\Documents and Settings\Administrator\Plocha\pc\HDD1.71.rar/HDD Regenerator Full version 1.71/hr171.exe/data0002
30.3.2011 0:26:10 Removed: Trojan-PSW.Win32.Dybalom.dhs C:\Documents and Settings\Administrator\Plocha\pc\HDD1.71.rar
30.3.2011 0:26:16 Removed: Trojan-PSW.Win32.Dybalom.dhs C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Opera\Opera 11.00 beta\cache\g_0034\opr0057G.tmp
30.3.2011 0:26:38 Detected: Trojan.Win32.Agent.ftsi C:\Documents and Settings\Administrator\Plocha\pc\T-Cleaner.exe
30.3.2011 1:16:02 Removed: Trojan.Win32.Agent.ftsi C:\Documents and Settings\Administrator\Plocha\pc\T-Cleaner.exe
30.3.2011 1:25:51 Detected: Trojan.Win32.Agent.ftsi C:\System Volume Information\_restore{683BCCD0-9238-491A-842B-13971DAFCD96}\RP246\A0048852.exe
30.3.2011 2:16:28 Removed: Trojan.Win32.Agent.ftsi C:\System Volume Information\_restore{683BCCD0-9238-491A-842B-13971DAFCD96}\RP246\A0048852.exe
30.3.2011 6:30:16 Task finished
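An added example (not part of the post and not Kaspersky's code) showing how a report like the one above can be triaged automatically: it pairs each Detected line with its Removed line, allowing for the fact that a hit inside an archive is reported as archive path plus member path (archive.rar/member/...) while the removal names only the archive, and it flags copies under System Volume Information\_restore, which are System Restore snapshots rather than live files. The sample report is constructed from the lines in the post, kept in the tool's original Czech wording (Zjištěno = Detected, Odstraněno = Removed), with the removal line for the Opera cache copy deliberately left out so that one hit stays unresolved.

```python
import re

# Constructed sample: the AVPTool (Kaspersky Virus Removal Tool) report lines from the
# post above, in the tool's original Czech wording, with the removal line for the Opera
# cache hit deliberately left out so that one detection stays unresolved.
SAMPLE_REPORT = """\
30.3.2011 0:11:39 Úloha byla spuštěna
30.3.2011 0:18:52 Zjištěno: Trojan-PSW.Win32.Dybalom.dhs C:\\Documents and Settings\\Administrator\\Local Settings\\Data aplikací\\Opera\\Opera 11.00 beta\\cache\\g_0034\\opr0057G.tmp/HDD Regenerator Full version 1.71/hr171.exe/data0002
30.3.2011 0:21:04 Zjištěno: Trojan-PSW.Win32.Dybalom.dhs C:\\Documents and Settings\\Administrator\\Plocha\\pc\\HDD1.71.rar/HDD Regenerator Full version 1.71/hr171.exe/data0002
30.3.2011 0:26:10 Odstraněno: Trojan-PSW.Win32.Dybalom.dhs C:\\Documents and Settings\\Administrator\\Plocha\\pc\\HDD1.71.rar
30.3.2011 0:26:38 Zjištěno: Trojan.Win32.Agent.ftsi C:\\Documents and Settings\\Administrator\\Plocha\\pc\\T-Cleaner.exe
30.3.2011 1:16:02 Odstraněno: Trojan.Win32.Agent.ftsi C:\\Documents and Settings\\Administrator\\Plocha\\pc\\T-Cleaner.exe
30.3.2011 1:25:51 Zjištěno: Trojan.Win32.Agent.ftsi C:\\System Volume Information\\_restore{683BCCD0-9238-491A-842B-13971DAFCD96}\\RP246\\A0048852.exe
30.3.2011 2:16:28 Odstraněno: Trojan.Win32.Agent.ftsi C:\\System Volume Information\\_restore{683BCCD0-9238-491A-842B-13971DAFCD96}\\RP246\\A0048852.exe
30.3.2011 6:30:16 Úloha byla dokončena
"""

# Status words as written by the Czech build (taken from the post) plus their English
# equivalents. Task start/finish lines have no colon after the first word and are skipped.
STATUS_WORDS = {
    "Zjištěno": "detected", "Detected": "detected",
    "Odstraněno": "removed", "Removed": "removed",
}

# "<d.M.yyyy> <h:mm:ss> <Status>: <DetectionName> <path>"; \w covers accented letters.
LINE_RE = re.compile(
    r"^(?P<ts>\d{1,2}\.\d{1,2}\.\d{4} \d{1,2}:\d{2}:\d{2}) "
    r"(?P<status>\w+): (?P<name>\S+) (?P<path>.+)$"
)


def parse_report(text):
    """Return the detection/removal events of a report as dicts, oldest first."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m.group("status") not in STATUS_WORDS:
            continue
        events.append({"time": m.group("ts"), "kind": STATUS_WORDS[m.group("status")],
                       "name": m.group("name"), "path": m.group("path")})
    return events


def container_of(path):
    """The on-disk file that holds a hit. A hit inside an archive is reported as
    'archive.rar/member/...' but the removal names the archive, so the match key is
    everything before the first '/' (Windows paths in the report use backslashes)."""
    return path.split("/", 1)[0]


def is_restore_point_copy(path):
    """True for files inside a System Restore snapshot (System Volume Information)."""
    return "\\system volume information\\_restore" in path.lower()


def triage(text):
    """Map each detected container file to its final state after the run."""
    hits = {}
    for ev in parse_report(text):
        key = container_of(ev["path"])
        if ev["kind"] == "detected":
            hits.setdefault(key, {"name": ev["name"], "removed": False,
                                  "inside_archive": "/" in ev["path"],
                                  "restore_point": is_restore_point_copy(key)})
        elif ev["kind"] == "removed" and key in hits:
            hits[key]["removed"] = True
    return hits


def unresolved(text):
    """Container files that were detected but never reported as removed."""
    return [path for path, h in triage(text).items() if not h["removed"]]


if __name__ == "__main__":
    for path, h in triage(SAMPLE_REPORT).items():
        flags = [f for f, on in (("archive member", h["inside_archive"]),
                                 ("restore-point copy", h["restore_point"])) if on]
        state = "removed" if h["removed"] else "UNRESOLVED"
        print(f"{state:10} {h['name']:30} {path}  {', '.join(flags)}")
```

Reading the output against the actual post: both Dybalom hits are the same hr171.exe inside an "HDD Regenerator Full version 1.71" archive, once in the Opera cache and once as HDD1.71.rar on the desktop, and the Agent.ftsi hit under _restore is the System Restore copy of T-Cleaner.exe. A detection under _restore means the infected file also sits in a restore point and restoring that point would bring it back, which is why cleanup threads usually end with turning System Restore off and on again to purge old points.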

jaro3 (Security team member, Guru Level 15, posts: 43298, registered: June 07, location: South Bohemia, gender: male)

Re: Please check my log, I had some malware on my notebook

Post by jaro3 » 30 Mar 2011 11:20

We'll delete it all at once afterwards.

Do this as well:

ESET OnlineScan

Note:
It is recommended to have your antivirus and antispyware programs switched off during the scan. It is also recommended to close all other windows and programs and not to browse the net. After the scan finishes, don't forget to turn the antivirus and antispyware protection back on. It is recommended to use Internet Explorer for the scan; otherwise you have to install ESET Smart Installer and uninstall everything properly again after the scan.


1. Click on ESET OnlineScan
2. Click the Run ESET Online Scanner button
3. Only for browsers other than Internet Explorer (those running IE can skip this)
3.1. Click on esetsmartinstaller_enu.exe to download ESET Smart Installer, save the file to your desktop.
3.2. Double-click the esetsmartinstaller_enu icon on the desktop

4. Tick the box YES, I accept the Terms of Use. (to confirm the terms of use)
5. Click the Start button
6. Accept any further security warnings from your browser. Install the ActiveX control
7. Tick the Scan archives box
8. Make sure the "Remove found threats" option is unticked
9. When the computer scan settings screen appears, click Advanced settings and tick
Enable Anti-Stealth technology (if it isn't ticked already)
10. Click the Start button
11. ESET will then download its update, install it and start scanning your computer
12. When the scan is done, click the List of found threats arrow
13. Click the Export to text file button and save the file under some name to your desktop
14. Click the Back button
15. Click the Finish button

Please paste the entire contents of the text file you saved to the desktop here.

Then:
Download OTL by OldTimer
to your desktop. Make sure all other windows are closed and double-click the OTL icon.
Under Custom Scans/Fixes paste the following text:

Code:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT


Don't change the settings, just click Run Scan and let the scan finish. When the text file appears, please paste its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
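The /md5start ... /md5stop block in the OTL script above asks OTL to hash those driver and DLL names wherever they occur under %systemroot%. What a helper does with that output is compare copies: the live file in system32\drivers against the cached copies in system32\dllcache and ServicePackFiles\i386, because file-infecting rootkits of that era patched the live driver in place and left the caches alone, so a name whose copies disagree stands out without needing a database of known-good hashes. The script below is an added example, not OTL's code, that performs the same comparison in Python over the same file list; the directory tree it builds under a temporary folder is constructed for the demo and is not a real Windows installation. Give it a path argument (for example C:\WINDOWS) to hash a real tree instead.

```python
import hashlib
import os
import sys
import tempfile
from collections import defaultdict

# File names copied from the /md5start ... /md5stop block of the OTL script above.
WATCHED = {n.lower() for n in (
    "eventlog.dll", "scecli.dll", "netlogon.dll", "cngaudit.dll", "sceclt.dll",
    "ntelogon.dll", "logevent.dll", "iaStor.sys", "nvstor.sys", "atapi.sys",
    "IdeChnDr.sys", "viasraid.sys", "AGP440.sys", "vaxscsi.sys", "nvatabus.sys",
    "viamraid.sys", "nvata.sys", "nvgts.sys", "iastorv.sys", "ViPrt.sys",
    "eNetHook.dll", "ahcix86.sys", "KR10N.sys", "nvstor32.sys", "ahcix86s.sys",
)}


def md5_of(path, chunk=1 << 20):
    """Hex MD5 of a file, read in chunks. MD5 because that is what OTL reports;
    it identifies a copy, it is not a tamper-proof signature."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def collect(root, names=WATCHED):
    """Walk root and hash every file whose name is in names (case-insensitive).
    Returns {name: [(path, size, md5), ...]}. Unreadable files are skipped, not guessed."""
    found = defaultdict(list)
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            if fn.lower() in names:
                p = os.path.join(dirpath, fn)
                try:
                    found[fn.lower()].append((p, os.path.getsize(p), md5_of(p)))
                except OSError:
                    continue
    return dict(found)


def inconsistent(found):
    """Names whose copies on disk (live driver vs. dllcache / ServicePackFiles cache)
    do not all share one MD5: the pattern the OTL hash list was written to catch."""
    return {name: copies for name, copies in found.items()
            if len({md5 for _p, _s, md5 in copies}) > 1}


def build_demo_tree(root):
    """Constructed sample tree (not a real Windows install): atapi.sys patched in
    system32\\drivers while its two cached copies still agree, and a clean eventlog.dll."""
    clean_atapi = b"MZ" + b"\x00" * 62 + b"clean atapi image"
    patched_atapi = clean_atapi[:-5] + b"hook!"   # same length, changed bytes
    eventlog = b"MZ" + b"\x00" * 62 + b"eventlog image"
    layout = {
        os.path.join("WINDOWS", "system32", "drivers", "atapi.sys"): patched_atapi,
        os.path.join("WINDOWS", "system32", "dllcache", "atapi.sys"): clean_atapi,
        os.path.join("WINDOWS", "ServicePackFiles", "i386", "atapi.sys"): clean_atapi,
        os.path.join("WINDOWS", "system32", "eventlog.dll"): eventlog,
        os.path.join("WINDOWS", "system32", "dllcache", "eventlog.dll"): eventlog,
    }
    for rel, data in layout.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as f:
            f.write(data)
    return root


def demo_root():
    """Fresh temporary directory holding the constructed sample tree."""
    return build_demo_tree(tempfile.mkdtemp(prefix="otl_md5_demo_"))


def report(root):
    """One header line per inconsistent name, then one line per copy (md5, size, path).
    Same size with a different hash is the in-place patch case; a size change
    usually means a different driver version rather than a patch."""
    lines = []
    for name, copies in sorted(inconsistent(collect(root)).items()):
        same_size = len({s for _p, s, _m in copies}) == 1
        note = "same size, different content" if same_size else "size differs too"
        lines.append(f"{name}: {len(copies)} copies, {note}")
        for p, s, m in copies:
            lines.append(f"    {m}  {s:>8}  {p}")
    return lines


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else demo_root()
    print("\n".join(report(target)) or "no inconsistent copies found")
```

A hash match is not proof of a clean file: a kernel-mode rootkit can hand the original bytes to any user-mode reader, so agreement between copies on a live system only means something once the check is repeated from a clean boot (the same reason the ESET steps above ask for Anti-Stealth to be enabled). Disagreement, on the other hand, is always worth a look, and on a system that also shows an unnamed "File not found" kernel driver like the catchme entry in an OTL log it is exactly the place to start.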

hanzy (Level 1, posts: 70, registered: November 06, gender: not specified)

Re: Please check my log, I had some malware on my notebook

Post by hanzy » 30 Mar 2011 22:43

So, after a long scan, the results:

I don't have the log from the more thorough AVP tool scan, it froze.
The logs from ESET and OTL are below:

ESET

D:\mobil\nokia\zaloha\Installs\aplikace Nokia 5800\5 her z hon kongu\Big2Master.jar a variant of J2ME/TrojanSMS.Boxer.A trojan
D:\mobil\nokia\zaloha\Installs\aplikace Nokia 5800\5 her z hon kongu\Mahjong.jar a variant of J2ME/TrojanSMS.Boxer.A trojan
D:\mobil\nokia\zaloha\Private\102033E6\MIDlets\[1018df7a]\big2master.jar a variant of J2ME/TrojanSMS.Boxer.A trojan



---------------------------------------------------------


OTL

OTL logfile created on: 30.3.2011 22:10:24 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 4,97 Gb Free Space | 14,53% Space Free | Partition Type: NTFS
Drive D: | 234,38 Gb Total Space | 22,46 Gb Free Space | 9,58% Space Free | Partition Type: NTFS

Computer Name: HONZA | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.03.30 22:08:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2010.12.13 09:40:07 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.13 09:39:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.07.13 13:11:20 | 000,560,848 | ---- | M] (CrossLoop Inc) -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\CrossLoop\CrossLoopService.exe
PRC - [2008.07.21 08:59:54 | 000,217,088 | R--- | M] (ASUSTek COMPUTER INC.) -- C:\Program Files\ASUS\Printer Utilities\UsbService.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.07.10 16:25:40 | 000,572,008 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006.03.09 16:35:20 | 000,049,152 | ---- | M] ( ) -- C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
PRC - [2006.03.09 13:23:56 | 000,040,960 | ---- | M] (Autodesk Inc) -- C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
PRC - [2004.02.09 14:23:38 | 000,749,568 | ---- | M] () -- c:\ideas\sec\eds_id11.exe
PRC - [2004.02.09 14:22:04 | 000,595,456 | ---- | M] (GLOBEtrotter Software Inc.) -- c:\ideas\sec\lmgrd.exe


========== Modules (SafeList) ==========

MOD - [2011.03.30 22:08:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
MOD - [2010.08.23 18:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007.07.10 16:23:42 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2007.07.10 16:21:38 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.03.27 20:17:28 | 000,269,480 | ---- | M] (Avira GmbH) [Disabled | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.13 09:40:07 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.09.23 21:37:31 | 000,072,704 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010.07.13 13:11:20 | 000,560,848 | ---- | M] (CrossLoop Inc) [Auto | Running] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\CrossLoop\CrossLoopService.exe -- (CrossLoopService)
SRV - [2010.06.09 21:43:42 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.22 14:37:56 | 001,587,352 | ---- | M] (UltraVNC) [On_Demand | Stopped] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\CrossLoop\winvnc.exe -- (uvnc_service)
SRV - [2008.07.21 08:59:54 | 000,217,088 | R--- | M] (ASUSTek COMPUTER INC.) [Auto | Running] -- C:\Program Files\ASUS\Printer Utilities\UsbService.exe -- (UsbService)
SRV - [2006.03.09 16:35:20 | 000,049,152 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe -- (Autodesk EDM Server)
SRV - [2006.03.09 13:23:56 | 000,040,960 | ---- | M] (Autodesk Inc) [Auto | Running] -- C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe -- (Autodesk Data Management Job Dispatch)
SRV - [2004.02.09 14:22:04 | 000,595,456 | ---- | M] (GLOBEtrotter Software Inc.) [Auto | Running] -- c:\ideas\sec\lmgrd.exe -- (I-DEAS License Manager 11.0)
SRV - [2002.06.17 17:53:24 | 000,127,030 | ---- | M] (IONA Technologies) [Auto | Stopped] -- C:\ideas\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe -- (IT iona_services.config_rep.a02-0815b cfr-MyDomain)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011.03.27 20:17:28 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.01.14 22:28:07 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2010.07.30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.07.01 18:40:35 | 000,094,336 | ---- | M] (ITE ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV - [2010.06.17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.09 21:29:30 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2010.04.06 18:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010.04.06 18:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010.04.06 18:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009.12.18 12:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009.10.22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\02755832.sys -- (02755832)
DRV - [2009.10.09 23:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\0275583.sys -- (setup_9.0.0.722_30.03.2011_00-33drv)
DRV - [2009.09.25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\02755831.sys -- (02755831)
DRV - [2009.06.30 12:13:12 | 000,017,408 | ---- | M] ( Mouse Upfilter Driver ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gMouPS2.sys -- (gMouPS2)
DRV - [2009.06.27 17:30:32 | 000,020,480 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gHidPnp.sys -- (gHidPnp)
DRV - [2009.06.25 17:04:28 | 000,011,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gMouUsb.sys -- (gMouUsb)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.04.14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2007.12.20 11:55:36 | 000,066,432 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vuhub.sys -- (vuhub)
DRV - [2007.08.06 11:03:03 | 000,878,520 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.08.06 11:03:03 | 000,539,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007.08.06 11:03:03 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.08.06 11:03:03 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.08.06 11:03:03 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007.08.06 11:03:03 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.08.06 11:03:03 | 000,037,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006.11.22 11:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2005.11.17 15:45:40 | 004,069,888 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005.10.24 10:20:52 | 000,218,496 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005.10.18 16:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.10.18 16:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.09.30 11:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005.09.12 10:49:44 | 003,298,432 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2005.08.15 11:08:26 | 000,127,488 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys -- (imagesrv)
DRV - [2005.08.15 11:08:26 | 000,005,888 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\imagedrv.sys -- (imagedrv)
DRV - [2005.07.07 16:26:04 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005.07.07 16:26:00 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.07.07 16:25:58 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.07.07 16:25:52 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.07.07 16:25:50 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2004.08.09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004.04.30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004.04.30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2004.03.24 04:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\nsndis5.sys -- (NSNDIS5)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.elektronika-cnc.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://seznam.cz/|http://www.google.cz/firefox?client=firefox-a&rls=org.mozilla:cs:official"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: maps@ovi.com:4.0.12.12
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: rsDownloadHelper@yevgenyandrov.net:1.0
FF - prefs.js..extensions.enabledItems: fastYoutubeDownloader@yevgenyandrov.net:1.2.2
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.2.3
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23


FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.02.05 16:33:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.19 23:09:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.27 14:03:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.02.05 16:33:37 | 000,000,000 | ---D | M]

[2010.06.09 22:35:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2011.02.06 22:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions
[2010.07.11 14:14:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.23 22:00:51 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010.09.03 23:16:58 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010.09.03 23:04:26 | 000,000,000 | ---D | M] (Fast CENZURA) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net
[2010.06.14 22:12:08 | 000,000,000 | ---D | M] (Ovi maps browser plugin) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\maps@ovi.com
[2010.08.08 14:42:26 | 000,000,000 | ---D | M] (RapidShare DownloadHelper) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\rsDownloadHelper@yevgenyandrov.net
[2011.02.06 22:45:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.07.24 15:34:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.21 23:57:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.13 19:11:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\FASTYOUTUBEDOWNLOADER@YEVGENYANDROV.NET
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\MAPS@OVI.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\RSDOWNLOADHELPER@YEVGENYANDROV.NET
[2010.06.09 20:25:46 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.02.05 16:33:37 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.13 16:51:41 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.07.13 16:51:41 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.07.13 16:51:41 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.07.13 16:51:41 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.07.13 16:51:41 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.03.29 21:50:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\setup_9.0.0.722_30.03.2011_00-33.lnk = C:\Documents and Settings\Administrator\Plocha\Virus Removal Tool\setup_9.0.0.722_30.03.2011_00-33\startup.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Download All by ASUS Download - C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\ASDownloadAll.htm ()
O8 - Extra context menu item: Download using ASUS Download - C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\ASDownload.htm ()
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/ ... 1065241281 (MUCatalogWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3 ... 04-win.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} http://88.146.134.61:5550/WebCamX.cab (WebCamX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\ACD Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\ACD Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.06.09 18:47:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)

========== Files/Folders - Created Within 30 Days ==========

[2011.03.30 22:08:11 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2011.03.30 17:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.03.30 09:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\f-secure
[2011.03.30 09:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\F-Secure
[2011.03.30 00:09:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.03.30 00:09:31 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\0275583.sys
[2011.03.30 00:09:31 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\02755831.sys
[2011.03.30 00:09:31 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\02755832.sys
[2011.03.30 00:09:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Virus Removal Tool
[2011.03.29 23:44:05 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.03.29 23:37:30 | 095,871,792 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Plocha\setup_9.0.0.722_30.03.2011_00-33.exe
[2011.03.29 21:27:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\tdsskiller
[2011.03.29 21:24:54 | 000,607,288 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\Administrator\Plocha\SPTDinst-v178-x86.exe
[2011.03.29 20:50:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011.03.29 20:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2011.03.29 08:37:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.03.28 17:42:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.03.28 17:42:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.03.28 17:42:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.03.28 17:39:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.03.28 17:39:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.03.28 10:16:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2011.03.28 10:16:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.03.28 10:16:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.03.28 10:16:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.03.28 10:16:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.03.28 10:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.03.28 10:11:09 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011.03.28 10:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\HiJackThis
[2011.03.26 18:56:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Miranda IM
[2011.03.20 22:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\HD Tune Pro
[2011.03.20 22:00:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune Pro
[2011.03.20 22:00:06 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune Pro
[2011.03.20 21:54:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CrystalDiskInfo
[2011.03.20 21:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2011.03.20 13:41:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\pc
[2011.03.20 12:48:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\MS-7252-K9NGM2-J
[2011.03.13 23:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Faculty_of_Organization_a
[2011.03.10 22:02:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Apple Computer
[2011.03.10 22:02:34 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2011.03.10 22:02:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\QuickTime
[2011.03.10 22:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011.03.10 22:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
[2011.03.10 22:01:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Apple Computer
[2011.03.10 22:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.03.10 22:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.03.10 22:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Apple
[2011.03.10 22:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011.03.10 22:00:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Apple
[2011.03.06 23:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\Ovi
[2011.03.01 19:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.06.09 21:46:22 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2010.06.09 21:46:22 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2006.05.25 17:35:52 | 000,086,016 | ---- | C] ( ) -- C:\WINDOWS\System32\AudioDec.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.03.30 22:08:25 | 000,004,953 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.03.30 22:08:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2011.03.30 02:16:21 | 000,000,602 | -HS- | M] () -- C:\WINDOWS\setup_9.0.0.722_30.03.2011_00-33drv.spi
[2011.03.30 00:10:50 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\setup_9.0.0.722_30.03.2011_00-33.lnk
[2011.03.29 23:41:48 | 095,871,792 | ---- | M] ( ) -- C:\Documents and Settings\Administrator\Plocha\setup_9.0.0.722_30.03.2011_00-33.exe
[2011.03.29 23:09:40 | 000,000,553 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2011.03.29 21:50:57 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.03.29 21:42:45 | 004,305,591 | R--- | M] () -- C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
[2011.03.29 21:41:09 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2011.03.29 21:40:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.03.29 21:39:29 | 000,000,054 | ---- | M] () -- C:\Documents and Settings\Administrator\defogger_reenable
[2011.03.29 21:36:48 | 000,309,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.03.29 21:35:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.03.29 21:25:06 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Defogger.exe
[2011.03.29 21:24:54 | 000,607,288 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\Administrator\Plocha\SPTDinst-v178-x86.exe
[2011.03.29 21:24:38 | 001,263,721 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\tdsskiller.zip
[2011.03.29 20:36:25 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TeamViewer 6.lnk
[2011.03.29 10:42:09 | 000,002,457 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\HiJackThis.lnk
[2011.03.29 10:16:37 | 000,000,927 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2011.03.29 09:22:19 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.03.28 22:20:14 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\winscp.rnd
[2011.03.28 10:16:33 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.03.27 20:17:28 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.03.27 14:47:59 | 001,686,984 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\2007_Stramberska.unlocked.pdf
[2011.03.27 12:58:25 | 000,459,130 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.03.27 12:58:25 | 000,455,686 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.03.27 12:58:25 | 000,090,816 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.03.27 12:58:25 | 000,079,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.03.26 16:53:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.03.22 11:25:45 | 000,000,010 | ---- | M] () -- C:\WINDOWS\GSetup.ini
[2011.03.21 14:47:02 | 000,002,561 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2011.03.21 14:47:02 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2011.03.20 22:00:07 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\HD Tune Pro.lnk
[2011.03.20 21:54:28 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\CrystalDiskInfo.lnk
[2011.03.20 12:47:57 | 012,849,139 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\MS-7252-K9NGM2-J.zip
[2011.03.16 22:09:32 | 000,001,333 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\123.xspf
[2011.03.13 14:28:56 | 000,001,464 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\WinSCP.lnk
[2011.03.06 13:45:46 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20110306_124544.reg
[2011.03.06 12:50:10 | 000,005,598 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20110306_115007.reg
[2011.03.06 11:54:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.03.30 00:24:41 | 000,000,602 | -HS- | C] () -- C:\WINDOWS\setup_9.0.0.722_30.03.2011_00-33drv.spi
[2011.03.30 00:10:50 | 000,002,267 | ---- | C] () -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\setup_9.0.0.722_30.03.2011_00-33.lnk
[2011.03.29 21:39:26 | 000,000,054 | ---- | C] () -- C:\Documents and Settings\Administrator\defogger_reenable
[2011.03.29 21:29:07 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011.03.29 21:25:05 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Defogger.exe
[2011.03.29 21:24:38 | 001,263,721 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\tdsskiller.zip
[2011.03.28 17:42:18 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.03.28 17:42:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.03.28 17:42:18 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.03.28 17:42:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.03.28 17:42:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.03.28 17:40:28 | 004,305,591 | R--- | C] () -- C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
[2011.03.28 10:16:33 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.03.28 10:11:10 | 000,002,457 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\HiJackThis.lnk
[2011.03.27 15:21:49 | 001,686,984 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\2007_Stramberska.unlocked.pdf
[2011.03.22 11:25:45 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
[2011.03.22 11:25:45 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2011.03.21 13:50:52 | 000,002,561 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2011.03.21 13:50:52 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2011.03.20 22:00:07 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\HD Tune Pro.lnk
[2011.03.20 21:54:28 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\CrystalDiskInfo.lnk
[2011.03.20 12:46:36 | 012,849,139 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\MS-7252-K9NGM2-J.zip
[2011.03.16 22:09:32 | 000,001,333 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\123.xspf
[2011.03.13 14:28:56 | 000,001,464 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\WinSCP.lnk
[2011.03.10 22:02:44 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Safari.lnk
[2011.03.10 22:00:48 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Apple Software Update.lnk
[2011.03.06 13:45:45 | 000,001,056 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20110306_124544.reg
[2011.03.06 12:50:09 | 000,005,598 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20110306_115007.reg
[2011.01.29 19:56:10 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.01.29 19:56:10 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.01.29 19:56:08 | 000,381,459 | ---- | C] () -- C:\WINDOWS\System32\Instcodec.exe
[2011.01.27 17:55:40 | 000,065,516 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.11.21 23:34:01 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2010.09.24 06:25:08 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\fusioncache.dat
[2010.09.23 21:56:35 | 000,001,874 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.09.23 21:46:51 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\fusioncache.dat
[2010.09.23 21:24:48 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\fusioncache.dat
[2010.09.02 19:12:11 | 000,000,000 | ---- | C] () -- C:\Program Files\SasCam_freeSaschArtCamImage.bmp
[2010.08.18 17:23:02 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\ZipDLL.dll
[2010.08.18 17:23:02 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\UNZDLL.dll
[2010.08.18 17:23:02 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\ZipSFX.bin
[2010.07.24 15:34:33 | 000,066,432 | R--- | C] () -- C:\WINDOWS\System32\drivers\vuhub.sys
[2010.07.18 11:15:49 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\winscp.rnd
[2010.07.01 21:13:57 | 000,000,927 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010.07.01 18:40:09 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin
[2010.07.01 18:11:51 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
[2010.07.01 18:10:16 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.06.27 22:01:37 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.15 16:43:06 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\gHidPnp.sys
[2010.06.15 16:43:06 | 000,011,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\gMouUsb.sys
[2010.06.09 22:34:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.06.09 21:15:28 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.06.09 20:24:21 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.06.09 20:23:04 | 000,309,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.09 19:15:43 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.06.09 19:15:43 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.06.09 19:07:33 | 000,004,953 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2010.06.09 19:01:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NT.INI
[2010.06.09 18:57:08 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.09 18:49:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.06.09 18:43:28 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.04.06 18:33:10 | 000,025,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
[2008.04.14 09:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007.07.10 16:24:06 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.07.10 16:12:18 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007.06.27 08:00:00 | 001,777,664 | ---- | C] () -- C:\WINDOWS\System32\ZHP1600R.DLL
[2007.06.27 08:00:00 | 000,749,568 | ---- | C] () -- C:\WINDOWS\System32\AGI1600.DLL
[2007.06.27 08:00:00 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\zSHP1600.EXE
[2007.06.27 08:00:00 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\ZHHP1600.EXE
[2006.12.31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.07.18 16:54:28 | 000,001,147 | ---- | C] () -- C:\WINDOWS\System32\IPCamera.ini
[2006.06.02 12:25:58 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\RTClientSDK55.dll
[2003.07.16 13:09:32 | 000,202,752 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2002.10.06 20:42:58 | 000,105,472 | ---- | C] () -- C:\WINDOWS\System32\oggds.dll
[2002.10.05 01:04:26 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 01:04:26 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 01:04:18 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.05.17 22:18:30 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002.03.21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,459,130 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,455,686 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,090,816 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,079,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.10.11 12:30:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.11 12:30:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Files - Unicode (All) ==========
[2010.07.18 13:27:26 | 000,000,000 | ---D | M](C:\Documents and Settings\Administrator\Data aplikac?) -- C:\Documents and Settings\Administrator\Data aplikac�
(C:\Documents and Settings\Administrator\Data aplikac?) -- C:\Documents and Settings\Administrator\Data aplikac�

< End of report >


Re: please check my log, I had some pest in my notebook

Post by jaro3 (Security team member) » 30 Mar 2011 23:22

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

clean the system with CCleaner

and also use T-Cleaner
it deletes everything left over from ComboFix, MWAV etc. - download > run

Note: before downloading T-Cleaner and while it is cleaning, disable your antivirus and antispyware; afterwards delete T-Cleaner and turn the antivirus and antispyware back on.


*************
Uninstall:
AVP Tool (Kaspersky Labs)
ESET Online
F-Secure



Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes paste the following text (shown in green) into the box:


:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - [2009.10.22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\02755832.sys -- (02755832)
DRV - [2009.10.09 23:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\0275583.sys -- (setup_9.0.0.722_30.03.2011_00-33drv)
DRV - [2009.09.25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\02755831.sys -- (02755831)
[2010.06.09 22:35:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2011.02.06 22:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions
[2011.02.06 22:45:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\FASTYOUTUBEDOWNLOADER@YEVGENYANDROV.NET
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\MAPS@OVI.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\LI9G2GHB.DEFAULT\EXTENSIONS\RSDOWNLOADHELPER@YEVGENYANDROV.NET
O1 HOSTS File: ([2011.03.29 21:50:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\setup_9.0.0.722_30.03.2011_00-33.lnk = C:\Documents and Settings\Administrator\Plocha\Virus Removal Tool\setup_9.0.0.722_30.03.2011_00-33\startup.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2011.03.27 12:58:25 | 000,459,130 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.03.27 12:58:25 | 000,455,686 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.03.27 12:58:25 | 000,090,816 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.03.27 12:58:25 | 000,079,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,459,130 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,455,686 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,090,816 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,079,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
D:\mobil\nokia\zaloha\Installs\aplikace Nokia 5800\5 her z hon kongu\Big2Master.jar
D:\mobil\nokia\zaloha\Installs\aplikace Nokia 5800\5 her z hon kongu\Mahjong.jar
D:\mobil\nokia\zaloha\Private\102033E6\MIDlets\[1018df7a]\big2master.jar
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Opera\Opera 11.00 beta\cache\g_0034\opr0057G.tmp/HDD Regenerator Full version 1.71/hr171.exe/data0002
C:\Documents and Settings\Administrator\Plocha\pc\HDD1.71.rar/HDD Regenerator Full version 1.71/hr171.exe/data0002
C:\Documents and Settings\Administrator\Plocha\pc\HDD1.71.rar
C:\System Volume Information\_restore{683BCCD0-9238-491A-842B-13971DAFCD96}\RP246\A0048852.exe
C:\System Volume Information\_restore{683BCCD0-9238-491A-842B-13971DAFCD96}\RP246\A0048852.exe
C:\Documents and Settings\Administrator\Data aplikací\f-secure
C:\Documents and Settings\All Users\Data aplikací\F-Secure
[2011.03.30 00:09:31 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\0275583.sys
[2011.03.30 00:09:31 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\02755831.sys
[2011.03.30 00:09:31 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\02755832.sys
[2011.03.30 00:09:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Virus Removal Tool
C:\Documents and Settings\Administrator\Plocha\tdsskiller
C:\WINDOWS\System32\drivers\etc\hosts.ics
C:\WINDOWS\imsins.BAK
C:\Documents and Settings\Administrator\Plocha\tdsskiller.zip
C:\WINDOWS\setup_9.0.0.722_30.03.2011_00-33drv.spi
C:\WINDOWS\System32\ezsidmv.dat
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ipconfig /flushdns /c

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[clearallrestorepoints]
[createrestorepoint]
[EMPTYFLASH]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

In Folder Options enable showing hidden files and folders and untick "Hide protected operating system files".

Test these on VirusTotal
C:\WINDOWS\System32\AGI1600.DLL
C:\WINDOWS\system32\drivers\atapi.sys

Click Choose to the right of the box and find the file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by several antivirus engines in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to that page and paste it into your post.

//Do you know this:
O16 - DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} http://88.146.134.61:5550/WebCamX.cab (WebCamX Control ???
When working with HJT, ComboFix, MBAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
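As an added example (not code from this thread, from OTL's author or from the forum), here is a small Python triage script for the two checks jaro3 asks for in the post above: whether every copy of a system driver such as atapi.sys carries the same MD5 (the custom scan's "< MD5 for: >" blocks, where a lone differing copy in drivers\ is what a patched driver looks like), and whether any O16 DPF ActiveX control is served from a bare IP address or a non-standard port, as the WebCamX entry is. The sample log is constructed: the Microsoft hashes and the WebCamX line are the ones in the logs above, while the third atapi.sys line (empty company, hash 0123...EF), the example.com URL and its CLSID are invented to exercise the checks and were not on the user's machine.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in the shape OTL prints. The Microsoft entries and the WebCamX
# line reuse values from the thread; the third atapi.sys line (empty company, hash
# 0123...EF) and the example.com ActiveX URL are invented to exercise the checks.
SAMPLE_LOG = r"""
< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] () MD5=0123456789ABCDEF0123456789ABCDEF -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

O16 - DPF: {00000000-1111-2222-3333-444444444444} http://updates.example.com/plugin.cab (Example Plug-in)
O16 - DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} http://88.146.134.61:5550/WebCamX.cab (WebCamX Control)
"""

MD5_HEADER = re.compile(r"^< MD5 for: (?P<name>.+?) >$")
# [date | size | attrs | M] (Company) MD5=HASH -- path ; lines without MD5= (cab members) are skipped
MD5_ENTRY = re.compile(
    r"^\[[^\]]*\] \((?P<company>[^)]*)\) MD5=(?P<md5>[0-9A-Fa-f]{32}) -- (?P<path>.+)$"
)
DPF_ENTRY = re.compile(
    r"^O16 - DPF: (?P<clsid>\{[0-9A-Fa-f-]+\}) (?P<url>\S+) \((?P<name>.*)\)$"
)


def parse_md5_blocks(text):
    """Group every hashed copy of a file under its '< MD5 for: NAME >' header."""
    blocks = defaultdict(list)
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        header = MD5_HEADER.match(line)
        if header:
            current = header.group("name").upper()
            continue
        entry = MD5_ENTRY.match(line)
        if entry and current:
            blocks[current].append({
                "path": entry.group("path"),
                "md5": entry.group("md5").upper(),
                "company": entry.group("company").strip(),
            })
    return dict(blocks)


def find_hash_mismatches(blocks):
    """Return {name: set of MD5s} for files whose copies do not all share one hash.
    On a clean XP SP3 install the copies in drivers\\, dllcache\\ and the ERDNT cache
    are byte-identical; one differing copy in drivers\\ is the patched-driver pattern."""
    return {name: {c["md5"] for c in copies}
            for name, copies in blocks.items()
            if len({c["md5"] for c in copies}) > 1}


def find_unversioned_copies(blocks):
    """Paths whose company field is empty: OTL could not read a version resource,
    which for a Microsoft system driver is by itself worth a VirusTotal lookup."""
    return [c["path"] for copies in blocks.values() for c in copies if not c["company"]]


def parse_dpf(text):
    """Collect O16 (Download Program Files / ActiveX) entries as dicts."""
    matches = (DPF_ENTRY.match(line.strip()) for line in text.splitlines())
    return [m.groupdict() for m in matches if m]


def flag_dpf(entries):
    """Flag ActiveX download URLs whose host is a bare IP or that use a non-default
    port. Vendor controls (Java, ESET, Microsoft Update) come from a DNS name on 80/443."""
    flagged = []
    for entry in entries:
        parts = urlsplit(entry["url"])
        host = parts.hostname or ""
        try:
            ipaddress.ip_address(host)
            bare_ip = True
        except ValueError:
            bare_ip = False
        odd_port = parts.port not in (None, 80, 443)
        if bare_ip or odd_port:
            flagged.append(entry["url"])
    return flagged


def triage(text):
    """Run all checks over one OTL log and return the findings as a dict."""
    blocks = parse_md5_blocks(text)
    return {
        "hash_mismatches": find_hash_mismatches(blocks),
        "unversioned_copies": find_unversioned_copies(blocks),
        "suspicious_dpf": flag_dpf(parse_dpf(text)),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Run it against a full OTL log by reading the file into `triage()` instead of `SAMPLE_LOG`. A hash mismatch is only a lead, not proof: the copy in drivers\ may simply be a newer hotfix than the one in dllcache\, so confirm the flagged file on VirusTotal as jaro3 asks, and treat an empty company field on a Microsoft driver the same way.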


Re: please check my log, I had some pest in my notebook

Post by hanzy » 30 Mar 2011 23:55

That webcam... a while ago I was looking at some swimming pool on the web somewhere, they had public access, so I don't know if that's it... otherwise I don't have a webcam on the notebook...

Logs:


All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Error: No service named 02755832 was found to stop!
Service\Driver key 02755832 not found.
File C:\WINDOWS\system32\DRIVERS\02755832.sys not found.
Error: No service named setup_9.0.0.722_30.03.2011_00-33drv was found to stop!
Service\Driver key setup_9.0.0.722_30.03.2011_00-33drv not found.
File C:\WINDOWS\system32\drivers\0275583.sys not found.
Error: No service named 02755831 was found to stop!
Service\Driver key 02755831 not found.
File C:\WINDOWS\system32\drivers\02755831.sys not found.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}\modules folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}\components folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}\skin folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}\content folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\rsDownloadHelper@yevgenyandrov.net\defaults\preferences folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\rsDownloadHelper@yevgenyandrov.net\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\rsDownloadHelper@yevgenyandrov.net\chrome\content\images folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\rsDownloadHelper@yevgenyandrov.net\chrome\content folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\rsDownloadHelper@yevgenyandrov.net\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\rsDownloadHelper@yevgenyandrov.net folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\maps@ovi.com\plugins folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\maps@ovi.com\META-INF folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\maps@ovi.com\content folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\maps@ovi.com folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net\defaults\preferences folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net\chrome\skin\icons folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net\chrome\skin folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net\chrome\locale folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net\chrome\content\images folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net\chrome\content folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions\fastYoutubeDownloader@yevgenyandrov.net folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\li9g2ghb.default\extensions folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
File move failed. C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\setup_9.0.0.722_30.03.2011_00-33.lnk scheduled to be moved on reboot.
File C:\Documents and Settings\Administrator\Plocha\Virus Removal Tool\setup_9.0.0.722_30.03.2011_00-33\startup.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
File C:\WINDOWS\System32\perfh009.dat not found.
File C:\WINDOWS\System32\perfh005.dat not found.
C:\WINDOWS\system32\perfi009.dat moved successfully.
C:\WINDOWS\system32\perfi005.dat moved successfully.
File C:\WINDOWS\System32\perfc005.dat not found.
File C:\WINDOWS\System32\perfc009.dat not found.
C:\WINDOWS\system32\perfd005.dat moved successfully.
C:\WINDOWS\system32\perfd009.dat moved successfully.
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\SET322.tmp moved successfully.
C:\WINDOWS\System32\SET324.tmp moved successfully.
C:\WINDOWS\System32\SET329.tmp moved successfully.
C:\WINDOWS\System32\SET330.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GlaryInitialize.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
D:\mobil\nokia\zaloha\Installs\aplikace Nokia 5800\5 her z hon kongu\Big2Master.jar moved successfully.
D:\mobil\nokia\zaloha\Installs\aplikace Nokia 5800\5 her z hon kongu\Mahjong.jar moved successfully.
D:\mobil\nokia\zaloha\Private\102033E6\MIDlets\[1018df7a]\big2master.jar moved successfully.
Invalid Switch: data0002
Invalid Switch: data0002
File\Folder C:\Documents and Settings\Administrator\Plocha\pc\HDD1.71.rar not found.
File\Folder C:\System Volume Information\_restore{683BCCD0-9238-491A-842B-13971DAFCD96}\RP246\A0048852.exe not found.
File\Folder C:\System Volume Information\_restore{683BCCD0-9238-491A-842B-13971DAFCD96}\RP246\A0048852.exe not found.
C:\Documents and Settings\Administrator\Data aplikací\f-secure folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\F-Secure\Daas2\cert folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\F-Secure\Daas2 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\F-Secure folder moved successfully.
File\Folder [2011.03.30 00:09:31 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\0275583.sys not found.
File\Folder [2011.03.30 00:09:31 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\02755831.sys not found.
File\Folder [2011.03.30 00:09:31 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\02755832.sys not found.
File\Folder [2011.03.30 00:09:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Virus Removal Tool not found.
C:\Documents and Settings\Administrator\Plocha\tdsskiller folder moved successfully.
C:\WINDOWS\System32\drivers\etc\hosts.ics moved successfully.
File\Folder C:\WINDOWS\imsins.BAK not found.
C:\Documents and Settings\Administrator\Plocha\tdsskiller.zip moved successfully.
File\Folder C:\WINDOWS\setup_9.0.0.722_30.03.2011_00-33drv.spi not found.
C:\WINDOWS\System32\ezsidmv.dat moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS byla úspěšně vyprázdněna.
C:\Documents and Settings\Administrator\Plocha\cmd.bat deleted successfully.
C:\Documents and Settings\Administrator\Plocha\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 140039 bytes
->Temporary Internet Files folder emptied: 320075 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 22897727 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 734 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: student

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 22,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: student

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 03302011_234150

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\setup_9.0.0.722_30.03.2011_00-33.lnk not found!
C:\WINDOWS\temp\hlktmp moved successfully.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_65c.dat not found!

Registry entries deleted on Reboot...


----------------------------------------------------------------------------

http://www.virustotal.com/file-scan/rep ... 1301521620


http://www.virustotal.com/file-scan/rep ... 1301521494

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male

Re: please check my log, I had some pest in my NB

Post by jaro3 » 31 Mar 2011 08:28

It's OK!

Run OTL and click Clean.
Then you can delete OTL, C:\_OTL

Close other applications and browsers, disconnect from the net and fix in HJT:
Guide

Code:

O16 - DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} http://88.146.134.61:5550/WebCamX.cab (WebCamX Control


If there are no problems, that's all and you can mark it solved, the green tick.
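The O16 entry jaro3 has hanzy fix stands out for two reasons a log reviewer looks for: the ActiveX control is served from a bare IP address rather than a vendor domain, and from a non-standard port. The following parser is an added example, not code from this forum or from HijackThis; it reads O16 lines out of a HJT log and flags exactly those properties. Only the first sample line is from this thread; the other two lines and the CLSID in them are constructed.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# HijackThis O16 lines list ActiveX controls installed into
# "Downloaded Program Files". Their layout (the friendly name is
# sometimes cut off without a closing parenthesis, as in this thread):
#   O16 - DPF: {CLSID} http://host[:port]/path (Friendly name)
O16_RE = re.compile(
    r"^O16 - DPF:\s+(?P<clsid>\{[0-9A-Fa-f-]{36}\})\s+"
    r"(?P<url>\S+)"
    r"(?:\s+\((?P<name>[^)]*)\)?)?\s*$"
)

DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed sample log: line 1 is the entry from this thread, lines 2-3
# are made-up examples (placeholder CLSID, reserved .test domain).
SAMPLE_LOG = """\
O16 - DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} http://88.146.134.61:5550/WebCamX.cab (WebCamX Control
O16 - DPF: {11111111-2222-3333-4444-555555555555} http://updates.example-vendor.test/plugin/install.cab (Example Vendor Plug-in)
O4 - HKLM\\..\\Run: [ExampleTray] C:\\Program Files\\Example\\tray.exe
"""


def parse_o16(line):
    """Split one O16 line into its fields; return None for any other HJT line."""
    m = O16_RE.match(line.strip())
    if not m:
        return None
    url = urlsplit(m.group("url"))
    scheme = url.scheme.lower()
    return {
        "clsid": m.group("clsid").upper(),
        "url": m.group("url"),
        "scheme": scheme,
        "host": url.hostname or "",
        "port": url.port if url.port is not None else DEFAULT_PORTS.get(scheme),
        "file": url.path.rsplit("/", 1)[-1],
        "name": (m.group("name") or "").strip(),
    }


def is_ip_literal(host):
    """True when the host part is an IPv4/IPv6 address rather than a name."""
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False


def assess_o16(entry):
    """Boolean flags describing why an O16 entry deserves a closer look."""
    return {
        "ip_host": is_ip_literal(entry["host"]),       # no vendor domain behind it
        "odd_port": entry["port"] not in (80, 443),     # not a normal web server port
        "plain_http": entry["scheme"] != "https",       # no transport integrity
        "not_cab": not entry["file"].lower().endswith(".cab"),
        "unnamed": not entry["name"],
    }


def triage_log(text):
    """Return (entry, flags, verdict) for every O16 line in a HJT log.

    The verdict is 'review' when the control comes from a bare IP or a
    non-standard port; everything else is 'low' and left to the reviewer's
    knowledge of the CLSID and vendor.
    """
    results = []
    for line in text.splitlines():
        entry = parse_o16(line)
        if entry is None:
            continue  # only O16 entries are of interest here
        flags = assess_o16(entry)
        verdict = "review" if flags["ip_host"] or flags["odd_port"] else "low"
        results.append((entry, flags, verdict))
    return results


if __name__ == "__main__":
    for entry, flags, verdict in triage_log(SAMPLE_LOG):
        raised = ", ".join(k for k, v in flags.items() if v) or "none"
        print(f"{verdict:6} {entry['clsid']} {entry['host']}:{entry['port']} "
              f"{entry['file']}  flags: {raised}")
```

The two strong signals (IP literal, unusual port) decide the verdict; the weaker ones are reported only so the reviewer sees them alongside. A plain-HTTP .cab was common for legitimate vendors at the time, which is why it does not by itself raise the verdict.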

hanzy
Level 1
Posts: 70
Registered: November 06
Gender: Unspecified

Re: please check my log, I had some pest in my NB

Post by hanzy » 31 Mar 2011 19:45

fixed, cleaned.

Thanks a lot for your time and advice!

