Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58:12, on 11.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Prin\Plocha\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Prin\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {00567C17-4DB5-4E29-AAFD-38EF98AA038a} - (no file)
O2 - BHO: (no name) - {0159F05D-4DB5-4E29-AAFD-38EF98AA038a} - (no file)
O2 - BHO: (no name) - {0567C174-4DB5-4E29-AAFD-38EF98AA038a} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {516B16E3-E30E-4EF3-B8A8-2E70D4743383} - (no file)
O2 - BHO: (no name) - {534C76B9-3B8A-47A0-8D7A-3AFBEA97CA35} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Prin\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WheelMouse] C:\ADVANC~1\wh_exec.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [UniblueRegistryBooster] "C:\Program Files\Uniblue\RegistryBooster 2010\launcher.exe" delay 20000
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: fccaATKd - C:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate1c9eb9efb6f3c83) (gupdate1c9eb9efb6f3c83) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 10736 bytes
Slow notebook, please check the log (Solved)
Re: Slow notebook, please check the log
Please, can someone help me? I have a worm in there... at least the csrss.exe process is a worm, but how do I deal with it? And what about the other viruses?
- jaro3
- Security team member
Re: Slow notebook, please check the log
Uninstall:
DAEMON Tools Toolbar
Close other applications and browsers, disconnect from the internet and fix these in HJT:
Guide
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Prin\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {00567C17-4DB5-4E29-AAFD-38EF98AA038a} - (no file)
O2 - BHO: (no name) - {0159F05D-4DB5-4E29-AAFD-38EF98AA038a} - (no file)
O2 - BHO: (no name) - {0567C174-4DB5-4E29-AAFD-38EF98AA038a} - (no file)
O2 - BHO: (no name) - {516B16E3-E30E-4EF3-B8A8-2E70D4743383} - (no file)
O2 - BHO: (no name) - {534C76B9-3B8A-47A0-8D7A-3AFBEA97CA35} - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Prin\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O20 - Winlogon Notify: fccaATKd - C:\WINDOWS\
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the scan finishes a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Slow notebook, please check the log
Thank you for the effort and help!
Malwarebytes' Anti-Malware 1.41
Verze databáze: 3189
Windows 5.1.2600 Service Pack 3
17.11.2009 22:35:33
mbam-log-2009-11-17 (22-35-30).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 101575
Uplynulý čas: 5 minute(s), 31 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 3
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{516b16e3-e30e-4ef3-b8a8-2e70d4743383} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{516b16e3-e30e-4ef3-b8a8-2e70d4743383} (Trojan.Vundo) -> No action taken.
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> No action taken.
- jaro3
- Security team member
Re: Slow notebook, please check the log
So run MbAM again and click Scan
- when the scan finishes a message will appear; click OK and then the Show Results button
- make sure all the listed findings are ticked and click the Remove Selected button
- when the removal finishes a log will be displayed; post it here.
- then click OK in the program and close the program via Exit
You can then paste the MbAM log here.
Turn off Avast's resident protection.
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After it starts, the terms of use will be displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
Re: Slow notebook, please check the log
Damn, I forgot to post the MbAM log here before the program restarted my PC. I feel like a fool. And while ComboFix was running the computer also wanted to restart, I chose "YES" and the computer restarted, ComboFix came up again, but then the screen suddenly went black and it restarted again... after that ComboFix did not come up anymore. So here are the logs from the second run of ComboFix, which did not require a restart.
log.txt
ComboFix 09-11-18.06 - Prin 18.11.2009 16:16.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1789.1240 [GMT 1:00]
Spuštěný z: c:\documents and settings\Prin\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091118-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
C:\nonficker.dll
c:\windows\system32\ieuinit.inf
c:\windows\system32\oem6.inf
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AAAAANONFICKER
-------\Service_aaaaanonficker
((((((((((((((((((((((((( Soubory vytvořené od 2009-10-18 do 2009-11-18 )))))))))))))))))))))))))))))))
.
2009-11-18 15:16 . 2008-04-13 22:10 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys
2009-11-18 15:16 . 2008-04-13 22:10 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-17 21:28 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-17 21:28 . 2009-11-17 21:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-17 21:28 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-11 17:53 . 2009-11-11 17:53 -------- d-----w- c:\program files\Uniblue
2009-11-10 12:02 . 2009-11-10 12:05 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-09 17:58 . 2009-11-09 17:58 -------- d-----w- C:\Advanced Wheel Mouse
2009-11-09 17:58 . 2004-04-26 07:38 6885 ----a-w- c:\windows\system32\drivers\whmice2k.sys
2009-11-08 23:09 . 2009-11-08 23:09 -------- d-----w- c:\program files\CCleaner
2009-11-04 21:09 . 2009-11-04 21:09 -------- d-----w- c:\program files\GamePark
2009-11-04 20:31 . 2009-11-04 20:31 -------- d-----w- c:\program files\Activision
2009-11-04 20:29 . 2009-11-04 20:29 -------- d-sh--w- c:\windows\ftpcache
2009-11-03 17:52 . 2009-11-03 17:52 -------- d-----w- c:\documents and settings\Prin\Bluetooth Software
2009-11-03 17:46 . 2008-05-14 07:08 74688 ----a-w- c:\windows\system32\drivers\btwusb.sys
2009-11-03 17:46 . 2008-05-14 07:08 106557 ----a-w- c:\windows\system32\btw_ci.dll
2009-11-03 17:46 . 2008-05-14 07:08 879624 ----a-w- c:\windows\system32\drivers\btkrnl.sys
2009-11-03 17:46 . 2008-05-14 07:08 539512 ----a-w- c:\windows\system32\drivers\btaudio.sys
2009-11-03 17:46 . 2008-05-14 07:08 37424 ----a-w- c:\windows\system32\drivers\btport.sys
2009-11-03 17:46 . 2008-05-14 07:08 156392 ----a-w- c:\windows\system32\drivers\btwdndis.sys
2009-11-03 17:46 . 2009-11-03 17:46 -------- d-----w- c:\program files\WIDCOMM
2009-10-27 18:21 . 2009-10-27 18:21 -------- d-----w- c:\program files\WinSCP
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-11 21:46 . 2009-09-10 19:28 -------- d-----w- c:\program files\Garena
2009-11-11 12:07 . 2009-10-14 18:56 -------- d-----w- c:\program files\Steam
2009-11-10 21:44 . 2009-03-22 21:54 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-10 21:44 . 2009-03-22 21:53 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-04 21:16 . 2009-03-22 21:53 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-04 20:39 . 2008-10-14 13:13 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-26 16:14 . 2008-10-14 13:13 -------- d-----w- c:\program files\ATI Technologies
2009-10-12 16:08 . 2001-10-25 14:00 78108 ----a-w- c:\windows\system32\perfc005.dat
2009-10-12 16:08 . 2001-10-25 14:00 427904 ----a-w- c:\windows\system32\perfh005.dat
2009-10-11 23:20 . 2009-10-11 23:19 -------- d-----w- c:\program files\sges-v3-prelude
2009-10-11 23:17 . 2009-10-11 23:08 -------- d-----w- c:\program files\NetBeans 6.7.1
2009-10-11 23:06 . 2009-10-11 23:06 -------- d-----w- c:\program files\Sun
2009-10-11 23:04 . 2009-10-05 20:46 -------- d-----w- c:\program files\Java
2009-10-07 18:43 . 2009-10-06 21:07 -------- d-----w- c:\program files\Microsoft Games
2009-10-05 20:46 . 2009-10-05 20:47 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-04 22:02 . 2009-10-04 22:02 -------- d-----w- c:\program files\VideoLAN
2009-09-30 12:14 . 2009-09-30 12:14 -------- d-----w- c:\program files\Alwil Software
2009-09-29 22:24 . 2008-10-14 13:01 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-29 22:24 . 2008-10-14 13:01 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-09-27 08:22 . 2009-09-27 08:22 -------- d-----w- c:\program files\VentriloMIX
2009-09-25 15:35 . 2009-03-11 09:01 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-09-25 11:59 . 2009-09-25 09:03 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-09-24 14:14 . 2008-10-14 13:32 -------- d-----w- c:\program files\Broadcom
2009-09-23 22:59 . 2008-07-31 11:42 4481024 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-09-23 22:39 . 2008-07-31 11:02 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-23 22:38 . 2008-07-31 11:00 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2009-09-23 22:21 . 2008-07-31 10:51 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-23 22:21 . 2009-02-04 04:44 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-23 22:21 . 2008-07-31 10:50 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-23 22:20 . 2008-07-31 10:50 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-23 22:20 . 2008-07-31 10:50 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-23 22:19 . 2008-07-31 10:48 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-23 22:17 . 2008-07-31 10:47 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-23 22:11 . 2008-07-31 10:57 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-23 22:09 . 2008-07-31 10:38 3506080 ----a-w- c:\windows\system32\ati3duag.dll
2009-09-23 21:58 . 2008-07-31 10:10 12644352 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-23 21:53 . 2008-07-31 10:26 2096384 ----a-w- c:\windows\system32\ativvaxx.dll
2009-09-23 21:53 . 2008-07-31 10:26 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-09-23 21:53 . 2008-07-31 10:26 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-09-23 21:36 . 2009-09-23 21:36 65024 ----a-w- c:\windows\system32\atimpc32.dll
2009-09-23 21:36 . 2008-07-31 10:13 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-23 21:32 . 2008-07-31 10:09 561152 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-23 21:31 . 2009-02-04 02:43 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-23 21:31 . 2009-02-04 02:42 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-23 21:30 . 2008-07-31 10:08 167936 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-23 21:29 . 2008-07-31 10:08 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-23 21:29 . 2009-02-04 02:40 3489792 ----a-w- c:\windows\system32\aticaldd.dll
2009-09-23 21:28 . 2008-07-31 10:07 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-09-23 21:27 . 2008-07-31 10:05 401408 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-23 21:23 . 2008-07-31 10:01 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2009-09-22 21:46 . 2008-10-14 15:19 -------- d-----w- c:\program files\QIP
2009-09-22 18:58 . 2008-10-14 13:24 -------- d-----w- c:\program files\Hewlett-Packard
2009-09-15 10:59 . 2009-09-30 12:14 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-15 10:56 . 2009-09-30 12:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-15 10:56 . 2009-09-30 12:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-09-15 10:55 . 2009-09-30 12:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-15 10:55 . 2009-09-30 12:14 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-15 10:54 . 2009-09-30 12:14 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-09-15 10:54 . 2009-09-30 12:14 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-15 10:53 . 2009-09-30 12:14 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-09-15 10:53 . 2009-09-30 12:14 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-10 19:32 . 2009-09-10 19:32 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-09-01 19:55 . 2008-06-10 15:50 195855 ----a-w- c:\windows\system32\atiicdxx.dat
2007-10-26 05:59 . 2008-10-14 22:12 66408 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2007-10-26 05:59 . 2008-10-14 22:12 54112 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2007-10-26 05:59 . 2008-10-14 22:12 34688 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2007-10-26 05:59 . 2008-10-14 22:12 46456 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2007-10-26 05:59 . 2008-10-14 22:12 171880 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"Google Update"="c:\documents and settings\Prin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-10-14 133104]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"UniblueRegistryBooster"="c:\program files\Uniblue\RegistryBooster 2010\launcher.exe" [2009-09-29 59184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1044480]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-05 149280]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2008-08-21 151552]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2005-07-22 28160]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-5-12 576104]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-10-14 528384]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\hry\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\hry\\UT2004\\System\\UT2004.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2257:TCP"= 2257:TCP:wnprabbq
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [28.3.2008 9:14 24064]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [30.9.2009 13:14 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.9.2009 13:14 20560]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [14.10.2008 22:42 193840]
R3 whmice2k;Advanced Wheel Mouse Upper Filter Driver;c:\windows\system32\drivers\whmice2k.sys [9.11.2009 18:58 6885]
S2 emrwmkks;Support Monitor;c:\windows\system32\svchost.exe -k netsvcs [17.8.2004 14:49 14336]
S2 gtirrz;Task System;c:\windows\system32\svchost.exe -k netsvcs [17.8.2004 14:49 14336]
S2 gupdate1c9eb9efb6f3c83;Služba Google Update (gupdate1c9eb9efb6f3c83);c:\program files\Google\Update\GoogleUpdate.exe [12.6.2009 21:47 133104]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Prin\LOCALS~1\Temp\EVA435.tmp --> c:\docume~1\Prin\LOCALS~1\Temp\EVA435.tmp [?]
S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys --> c:\windows\system32\DRIVERS\SCR3XX2K.sys [?]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - CLASSPNP_2
*Deregistered* - CLASSPNP_2
*Deregistered* - mbr
*Deregistered* - PROCEXP113
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
emrwmkks
.
Obsah adresáře 'Naplánované úlohy'
2009-11-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-12 20:45]
2009-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ca5b32ec9732a7.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-12 20:47]
2009-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-12 20:47]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Prin\Data aplikací\Mozilla\Firefox\Profiles\70ba2mev.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{0567C174-4DB5-4E29-AAFD-38EF98AA038a} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-18 16:25
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
c:\docume~1\Prin\LOCALS~1\Temp\Perflib_Perfdata_ed4.dat 16384 bytes
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ACPI.sys prosync1.sys atapi.sys spva.sys >>UNKNOWN [0x8A567938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> ACPI.sys @ 0xf7246cb8
\Driver\atapi -> prosync1.sys @ 0xf79916c1
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
atapi.sys @ 0x0 0x0 bytes
\Driver\atapi [ IRP_MJ_CREATE ] 0xA6F2 != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_CLOSE ] 0xA6F2 != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA712 != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x6852 != 0xF79916C1 prosync1.sys
\Driver\atapi [ IRP_MJ_POWER ] 0xA73C != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11336 != 0xF71DBB40 atapi.sys
\Driver\atapi IRP hooks detected !
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Prin\LOCALS~1\Temp\EVA435.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\emrwmkks]
"ServiceDll"="c:\windows\system32\xzrgg.dll"
--
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gtirrz]
"ServiceDll"="c:\windows\system32\xzrgg.dll"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(944)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3084)
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\btmmhook.dll
.
Celkový čas: 2009-11-18 16:26
ComboFix-quarantined-files.txt 2009-11-18 15:26
Před spuštěním: Volných bajtů: 46 236 053 504
Po spuštění: Volných bajtů: 46 191 284 224
- - End Of File - - 251F72BB08CCD566207F669598E6D4AD
[/code]
ComboFix.txt
[code]ComboFix 09-11-18.06 - Prin 18.11.2009 16:16.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1789.1240 [GMT 1:00]
Spuštěný z: c:\documents and settings\Prin\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091118-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
C:\nonficker.dll
c:\windows\system32\ieuinit.inf
c:\windows\system32\oem6.inf
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AAAAANONFICKER
-------\Service_aaaaanonficker
((((((((((((((((((((((((( Soubory vytvořené od 2009-10-18 do 2009-11-18 )))))))))))))))))))))))))))))))
.
2009-11-18 15:16 . 2008-04-13 22:10 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys
2009-11-18 15:16 . 2008-04-13 22:10 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-17 21:28 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-17 21:28 . 2009-11-17 21:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-17 21:28 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-11 17:53 . 2009-11-11 17:53 -------- d-----w- c:\program files\Uniblue
2009-11-10 12:02 . 2009-11-10 12:05 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-09 17:58 . 2009-11-09 17:58 -------- d-----w- C:\Advanced Wheel Mouse
2009-11-09 17:58 . 2004-04-26 07:38 6885 ----a-w- c:\windows\system32\drivers\whmice2k.sys
2009-11-08 23:09 . 2009-11-08 23:09 -------- d-----w- c:\program files\CCleaner
2009-11-04 21:09 . 2009-11-04 21:09 -------- d-----w- c:\program files\GamePark
2009-11-04 20:31 . 2009-11-04 20:31 -------- d-----w- c:\program files\Activision
2009-11-04 20:29 . 2009-11-04 20:29 -------- d-sh--w- c:\windows\ftpcache
2009-11-03 17:52 . 2009-11-03 17:52 -------- d-----w- c:\documents and settings\Prin\Bluetooth Software
2009-11-03 17:46 . 2008-05-14 07:08 74688 ----a-w- c:\windows\system32\drivers\btwusb.sys
2009-11-03 17:46 . 2008-05-14 07:08 106557 ----a-w- c:\windows\system32\btw_ci.dll
2009-11-03 17:46 . 2008-05-14 07:08 879624 ----a-w- c:\windows\system32\drivers\btkrnl.sys
2009-11-03 17:46 . 2008-05-14 07:08 539512 ----a-w- c:\windows\system32\drivers\btaudio.sys
2009-11-03 17:46 . 2008-05-14 07:08 37424 ----a-w- c:\windows\system32\drivers\btport.sys
2009-11-03 17:46 . 2008-05-14 07:08 156392 ----a-w- c:\windows\system32\drivers\btwdndis.sys
2009-11-03 17:46 . 2009-11-03 17:46 -------- d-----w- c:\program files\WIDCOMM
2009-10-27 18:21 . 2009-10-27 18:21 -------- d-----w- c:\program files\WinSCP
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-11 21:46 . 2009-09-10 19:28 -------- d-----w- c:\program files\Garena
2009-11-11 12:07 . 2009-10-14 18:56 -------- d-----w- c:\program files\Steam
2009-11-10 21:44 . 2009-03-22 21:54 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-10 21:44 . 2009-03-22 21:53 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-04 21:16 . 2009-03-22 21:53 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-04 20:39 . 2008-10-14 13:13 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-26 16:14 . 2008-10-14 13:13 -------- d-----w- c:\program files\ATI Technologies
2009-10-12 16:08 . 2001-10-25 14:00 78108 ----a-w- c:\windows\system32\perfc005.dat
2009-10-12 16:08 . 2001-10-25 14:00 427904 ----a-w- c:\windows\system32\perfh005.dat
2009-10-11 23:20 . 2009-10-11 23:19 -------- d-----w- c:\program files\sges-v3-prelude
2009-10-11 23:17 . 2009-10-11 23:08 -------- d-----w- c:\program files\NetBeans 6.7.1
2009-10-11 23:06 . 2009-10-11 23:06 -------- d-----w- c:\program files\Sun
2009-10-11 23:04 . 2009-10-05 20:46 -------- d-----w- c:\program files\Java
2009-10-07 18:43 . 2009-10-06 21:07 -------- d-----w- c:\program files\Microsoft Games
2009-10-05 20:46 . 2009-10-05 20:47 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-04 22:02 . 2009-10-04 22:02 -------- d-----w- c:\program files\VideoLAN
2009-09-30 12:14 . 2009-09-30 12:14 -------- d-----w- c:\program files\Alwil Software
2009-09-29 22:24 . 2008-10-14 13:01 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-29 22:24 . 2008-10-14 13:01 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-09-27 08:22 . 2009-09-27 08:22 -------- d-----w- c:\program files\VentriloMIX
2009-09-25 15:35 . 2009-03-11 09:01 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-09-25 11:59 . 2009-09-25 09:03 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-09-24 14:14 . 2008-10-14 13:32 -------- d-----w- c:\program files\Broadcom
2009-09-23 22:59 . 2008-07-31 11:42 4481024 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-09-23 22:39 . 2008-07-31 11:02 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-23 22:38 . 2008-07-31 11:00 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2009-09-23 22:21 . 2008-07-31 10:51 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-23 22:21 . 2009-02-04 04:44 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-23 22:21 . 2008-07-31 10:50 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-23 22:20 . 2008-07-31 10:50 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-23 22:20 . 2008-07-31 10:50 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-23 22:19 . 2008-07-31 10:48 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-23 22:17 . 2008-07-31 10:47 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-23 22:11 . 2008-07-31 10:57 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-23 22:09 . 2008-07-31 10:38 3506080 ----a-w- c:\windows\system32\ati3duag.dll
2009-09-23 21:58 . 2008-07-31 10:10 12644352 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-23 21:53 . 2008-07-31 10:26 2096384 ----a-w- c:\windows\system32\ativvaxx.dll
2009-09-23 21:53 . 2008-07-31 10:26 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-09-23 21:53 . 2008-07-31 10:26 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-09-23 21:36 . 2009-09-23 21:36 65024 ----a-w- c:\windows\system32\atimpc32.dll
2009-09-23 21:36 . 2008-07-31 10:13 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-23 21:32 . 2008-07-31 10:09 561152 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-23 21:31 . 2009-02-04 02:43 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-23 21:31 . 2009-02-04 02:42 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-23 21:30 . 2008-07-31 10:08 167936 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-23 21:29 . 2008-07-31 10:08 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-23 21:29 . 2009-02-04 02:40 3489792 ----a-w- c:\windows\system32\aticaldd.dll
2009-09-23 21:28 . 2008-07-31 10:07 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-09-23 21:27 . 2008-07-31 10:05 401408 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-23 21:23 . 2008-07-31 10:01 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2009-09-22 21:46 . 2008-10-14 15:19 -------- d-----w- c:\program files\QIP
2009-09-22 18:58 . 2008-10-14 13:24 -------- d-----w- c:\program files\Hewlett-Packard
2009-09-15 10:59 . 2009-09-30 12:14 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-15 10:56 . 2009-09-30 12:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-15 10:56 . 2009-09-30 12:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-09-15 10:55 . 2009-09-30 12:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-15 10:55 . 2009-09-30 12:14 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-15 10:54 . 2009-09-30 12:14 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-09-15 10:54 . 2009-09-30 12:14 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-15 10:53 . 2009-09-30 12:14 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-09-15 10:53 . 2009-09-30 12:14 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-10 19:32 . 2009-09-10 19:32 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-09-01 19:55 . 2008-06-10 15:50 195855 ----a-w- c:\windows\system32\atiicdxx.dat
2007-10-26 05:59 . 2008-10-14 22:12 66408 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2007-10-26 05:59 . 2008-10-14 22:12 54112 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2007-10-26 05:59 . 2008-10-14 22:12 34688 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2007-10-26 05:59 . 2008-10-14 22:12 46456 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2007-10-26 05:59 . 2008-10-14 22:12 171880 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"Google Update"="c:\documents and settings\Prin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-10-14 133104]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"UniblueRegistryBooster"="c:\program files\Uniblue\RegistryBooster 2010\launcher.exe" [2009-09-29 59184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1044480]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-05 149280]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2008-08-21 151552]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2005-07-22 28160]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-5-12 576104]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-10-14 528384]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\hry\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\hry\\UT2004\\System\\UT2004.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2257:TCP"= 2257:TCP:wnprabbq
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [28.3.2008 9:14 24064]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [30.9.2009 13:14 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.9.2009 13:14 20560]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [14.10.2008 22:42 193840]
R3 whmice2k;Advanced Wheel Mouse Upper Filter Driver;c:\windows\system32\drivers\whmice2k.sys [9.11.2009 18:58 6885]
S2 emrwmkks;Support Monitor;c:\windows\system32\svchost.exe -k netsvcs [17.8.2004 14:49 14336]
S2 gtirrz;Task System;c:\windows\system32\svchost.exe -k netsvcs [17.8.2004 14:49 14336]
S2 gupdate1c9eb9efb6f3c83;Služba Google Update (gupdate1c9eb9efb6f3c83);c:\program files\Google\Update\GoogleUpdate.exe [12.6.2009 21:47 133104]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Prin\LOCALS~1\Temp\EVA435.tmp --> c:\docume~1\Prin\LOCALS~1\Temp\EVA435.tmp [?]
S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys --> c:\windows\system32\DRIVERS\SCR3XX2K.sys [?]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - CLASSPNP_2
*Deregistered* - CLASSPNP_2
*Deregistered* - mbr
*Deregistered* - PROCEXP113
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
emrwmkks
.
Obsah adresáře 'Naplánované úlohy'
2009-11-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-12 20:45]
2009-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ca5b32ec9732a7.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-12 20:47]
2009-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-12 20:47]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Prin\Data aplikací\Mozilla\Firefox\Profiles\70ba2mev.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{0567C174-4DB5-4E29-AAFD-38EF98AA038a} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-18 16:25
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
c:\docume~1\Prin\LOCALS~1\Temp\Perflib_Perfdata_ed4.dat 16384 bytes
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ACPI.sys prosync1.sys atapi.sys spva.sys >>UNKNOWN [0x8A567938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> ACPI.sys @ 0xf7246cb8
\Driver\atapi -> prosync1.sys @ 0xf79916c1
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
atapi.sys @ 0x0 0x0 bytes
\Driver\atapi [ IRP_MJ_CREATE ] 0xA6F2 != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_CLOSE ] 0xA6F2 != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA712 != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x6852 != 0xF79916C1 prosync1.sys
\Driver\atapi [ IRP_MJ_POWER ] 0xA73C != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11336 != 0xF71DBB40 atapi.sys
\Driver\atapi IRP hooks detected !
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Prin\LOCALS~1\Temp\EVA435.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\emrwmkks]
"ServiceDll"="c:\windows\system32\xzrgg.dll"
--
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gtirrz]
"ServiceDll"="c:\windows\system32\xzrgg.dll"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(944)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3084)
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\btmmhook.dll
.
Celkový čas: 2009-11-18 16:26
ComboFix-quarantined-files.txt 2009-11-18 15:26
Před spuštěním: Volných bajtů: 46 236 053 504
Po spuštění: Volných bajtů: 46 191 284 224
- - End Of File - - 251F72BB08CCD566207F669598E6D4AD

log.txt
ComboFix 09-11-18.06 - Prin 18.11.2009 16:16.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1789.1240 [GMT 1:00]
Spuštěný z: c:\documents and settings\Prin\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091118-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
C:\nonficker.dll
c:\windows\system32\ieuinit.inf
c:\windows\system32\oem6.inf
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AAAAANONFICKER
-------\Service_aaaaanonficker
((((((((((((((((((((((((( Soubory vytvořené od 2009-10-18 do 2009-11-18 )))))))))))))))))))))))))))))))
.
2009-11-18 15:16 . 2008-04-13 22:10 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys
2009-11-18 15:16 . 2008-04-13 22:10 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-17 21:28 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-17 21:28 . 2009-11-17 21:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-17 21:28 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-11 17:53 . 2009-11-11 17:53 -------- d-----w- c:\program files\Uniblue
2009-11-10 12:02 . 2009-11-10 12:05 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-09 17:58 . 2009-11-09 17:58 -------- d-----w- C:\Advanced Wheel Mouse
2009-11-09 17:58 . 2004-04-26 07:38 6885 ----a-w- c:\windows\system32\drivers\whmice2k.sys
2009-11-08 23:09 . 2009-11-08 23:09 -------- d-----w- c:\program files\CCleaner
2009-11-04 21:09 . 2009-11-04 21:09 -------- d-----w- c:\program files\GamePark
2009-11-04 20:31 . 2009-11-04 20:31 -------- d-----w- c:\program files\Activision
2009-11-04 20:29 . 2009-11-04 20:29 -------- d-sh--w- c:\windows\ftpcache
2009-11-03 17:52 . 2009-11-03 17:52 -------- d-----w- c:\documents and settings\Prin\Bluetooth Software
2009-11-03 17:46 . 2008-05-14 07:08 74688 ----a-w- c:\windows\system32\drivers\btwusb.sys
2009-11-03 17:46 . 2008-05-14 07:08 106557 ----a-w- c:\windows\system32\btw_ci.dll
2009-11-03 17:46 . 2008-05-14 07:08 879624 ----a-w- c:\windows\system32\drivers\btkrnl.sys
2009-11-03 17:46 . 2008-05-14 07:08 539512 ----a-w- c:\windows\system32\drivers\btaudio.sys
2009-11-03 17:46 . 2008-05-14 07:08 37424 ----a-w- c:\windows\system32\drivers\btport.sys
2009-11-03 17:46 . 2008-05-14 07:08 156392 ----a-w- c:\windows\system32\drivers\btwdndis.sys
2009-11-03 17:46 . 2009-11-03 17:46 -------- d-----w- c:\program files\WIDCOMM
2009-10-27 18:21 . 2009-10-27 18:21 -------- d-----w- c:\program files\WinSCP
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-11 21:46 . 2009-09-10 19:28 -------- d-----w- c:\program files\Garena
2009-11-11 12:07 . 2009-10-14 18:56 -------- d-----w- c:\program files\Steam
2009-11-10 21:44 . 2009-03-22 21:54 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-10 21:44 . 2009-03-22 21:53 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-04 21:16 . 2009-03-22 21:53 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-04 20:39 . 2008-10-14 13:13 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-26 16:14 . 2008-10-14 13:13 -------- d-----w- c:\program files\ATI Technologies
2009-10-12 16:08 . 2001-10-25 14:00 78108 ----a-w- c:\windows\system32\perfc005.dat
2009-10-12 16:08 . 2001-10-25 14:00 427904 ----a-w- c:\windows\system32\perfh005.dat
2009-10-11 23:20 . 2009-10-11 23:19 -------- d-----w- c:\program files\sges-v3-prelude
2009-10-11 23:17 . 2009-10-11 23:08 -------- d-----w- c:\program files\NetBeans 6.7.1
2009-10-11 23:06 . 2009-10-11 23:06 -------- d-----w- c:\program files\Sun
2009-10-11 23:04 . 2009-10-05 20:46 -------- d-----w- c:\program files\Java
2009-10-07 18:43 . 2009-10-06 21:07 -------- d-----w- c:\program files\Microsoft Games
2009-10-05 20:46 . 2009-10-05 20:47 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-04 22:02 . 2009-10-04 22:02 -------- d-----w- c:\program files\VideoLAN
2009-09-30 12:14 . 2009-09-30 12:14 -------- d-----w- c:\program files\Alwil Software
2009-09-29 22:24 . 2008-10-14 13:01 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-29 22:24 . 2008-10-14 13:01 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-09-27 08:22 . 2009-09-27 08:22 -------- d-----w- c:\program files\VentriloMIX
2009-09-25 15:35 . 2009-03-11 09:01 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-09-25 11:59 . 2009-09-25 09:03 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-09-24 14:14 . 2008-10-14 13:32 -------- d-----w- c:\program files\Broadcom
2009-09-23 22:59 . 2008-07-31 11:42 4481024 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-09-23 22:39 . 2008-07-31 11:02 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-23 22:38 . 2008-07-31 11:00 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2009-09-23 22:21 . 2008-07-31 10:51 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-23 22:21 . 2009-02-04 04:44 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-23 22:21 . 2008-07-31 10:50 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-23 22:20 . 2008-07-31 10:50 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-23 22:20 . 2008-07-31 10:50 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-23 22:19 . 2008-07-31 10:48 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-23 22:17 . 2008-07-31 10:47 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-23 22:11 . 2008-07-31 10:57 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-23 22:09 . 2008-07-31 10:38 3506080 ----a-w- c:\windows\system32\ati3duag.dll
2009-09-23 21:58 . 2008-07-31 10:10 12644352 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-23 21:53 . 2008-07-31 10:26 2096384 ----a-w- c:\windows\system32\ativvaxx.dll
2009-09-23 21:53 . 2008-07-31 10:26 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-09-23 21:53 . 2008-07-31 10:26 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-09-23 21:36 . 2009-09-23 21:36 65024 ----a-w- c:\windows\system32\atimpc32.dll
2009-09-23 21:36 . 2008-07-31 10:13 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-23 21:32 . 2008-07-31 10:09 561152 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-23 21:31 . 2009-02-04 02:43 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-23 21:31 . 2009-02-04 02:42 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-23 21:30 . 2008-07-31 10:08 167936 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-23 21:29 . 2008-07-31 10:08 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-23 21:29 . 2009-02-04 02:40 3489792 ----a-w- c:\windows\system32\aticaldd.dll
2009-09-23 21:28 . 2008-07-31 10:07 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-09-23 21:27 . 2008-07-31 10:05 401408 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-23 21:23 . 2008-07-31 10:01 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2009-09-22 21:46 . 2008-10-14 15:19 -------- d-----w- c:\program files\QIP
2009-09-22 18:58 . 2008-10-14 13:24 -------- d-----w- c:\program files\Hewlett-Packard
2009-09-15 10:59 . 2009-09-30 12:14 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-15 10:56 . 2009-09-30 12:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-15 10:56 . 2009-09-30 12:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-09-15 10:55 . 2009-09-30 12:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-15 10:55 . 2009-09-30 12:14 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-15 10:54 . 2009-09-30 12:14 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-09-15 10:54 . 2009-09-30 12:14 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-15 10:53 . 2009-09-30 12:14 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-09-15 10:53 . 2009-09-30 12:14 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-10 19:32 . 2009-09-10 19:32 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-09-01 19:55 . 2008-06-10 15:50 195855 ----a-w- c:\windows\system32\atiicdxx.dat
2007-10-26 05:59 . 2008-10-14 22:12 66408 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2007-10-26 05:59 . 2008-10-14 22:12 54112 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2007-10-26 05:59 . 2008-10-14 22:12 34688 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2007-10-26 05:59 . 2008-10-14 22:12 46456 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2007-10-26 05:59 . 2008-10-14 22:12 171880 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"Google Update"="c:\documents and settings\Prin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-10-14 133104]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"UniblueRegistryBooster"="c:\program files\Uniblue\RegistryBooster 2010\launcher.exe" [2009-09-29 59184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1044480]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-05 149280]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2008-08-21 151552]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2005-07-22 28160]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-5-12 576104]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-10-14 528384]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\hry\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\hry\\UT2004\\System\\UT2004.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2257:TCP"= 2257:TCP:wnprabbq
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [28.3.2008 9:14 24064]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [30.9.2009 13:14 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.9.2009 13:14 20560]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [14.10.2008 22:42 193840]
R3 whmice2k;Advanced Wheel Mouse Upper Filter Driver;c:\windows\system32\drivers\whmice2k.sys [9.11.2009 18:58 6885]
S2 emrwmkks;Support Monitor;c:\windows\system32\svchost.exe -k netsvcs [17.8.2004 14:49 14336]
S2 gtirrz;Task System;c:\windows\system32\svchost.exe -k netsvcs [17.8.2004 14:49 14336]
S2 gupdate1c9eb9efb6f3c83;Služba Google Update (gupdate1c9eb9efb6f3c83);c:\program files\Google\Update\GoogleUpdate.exe [12.6.2009 21:47 133104]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Prin\LOCALS~1\Temp\EVA435.tmp --> c:\docume~1\Prin\LOCALS~1\Temp\EVA435.tmp [?]
S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys --> c:\windows\system32\DRIVERS\SCR3XX2K.sys [?]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - CLASSPNP_2
*Deregistered* - CLASSPNP_2
*Deregistered* - mbr
*Deregistered* - PROCEXP113
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
emrwmkks
.
Obsah adresáře 'Naplánované úlohy'
2009-11-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-12 20:45]
2009-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ca5b32ec9732a7.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-12 20:47]
2009-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-12 20:47]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Prin\Data aplikací\Mozilla\Firefox\Profiles\70ba2mev.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{0567C174-4DB5-4E29-AAFD-38EF98AA038a} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-18 16:25
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
c:\docume~1\Prin\LOCALS~1\Temp\Perflib_Perfdata_ed4.dat 16384 bytes
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ACPI.sys prosync1.sys atapi.sys spva.sys >>UNKNOWN [0x8A567938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> ACPI.sys @ 0xf7246cb8
\Driver\atapi -> prosync1.sys @ 0xf79916c1
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
atapi.sys @ 0x0 0x0 bytes
\Driver\atapi [ IRP_MJ_CREATE ] 0xA6F2 != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_CLOSE ] 0xA6F2 != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA712 != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x6852 != 0xF79916C1 prosync1.sys
\Driver\atapi [ IRP_MJ_POWER ] 0xA73C != 0xF71DBB40 atapi.sys
\Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11336 != 0xF71DBB40 atapi.sys
\Driver\atapi IRP hooks detected !
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Prin\LOCALS~1\Temp\EVA435.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\emrwmkks]
"ServiceDll"="c:\windows\system32\xzrgg.dll"
--
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gtirrz]
"ServiceDll"="c:\windows\system32\xzrgg.dll"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(944)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3084)
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\btmmhook.dll
.
Celkový čas: 2009-11-18 16:26
ComboFix-quarantined-files.txt 2009-11-18 15:26
Před spuštěním: Volných bajtů: 46 236 053 504
Po spuštění: Volných bajtů: 46 191 284 224
- - End Of File - - 251F72BB08CCD566207F669598E6D4AD
[/code]
Re: Slowed-down notebook, please check my log
Ouch. While I was writing my last post, my USB mouse stopped working, so I restarted the computer.... every time, a blue screen of death came up and it rebooted again by itself, so I tried booting into safe mode (it was the same); in the end I got into Windows via "Last Known Good Configuration". Oops? :-)

- jaro3
- member of the Security team
Re: Slowed-down notebook, please check my log
Well, yeah...
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.
[code]KillAll::
File::
c:\docume~1\Prin\LOCALS~1\Temp\EVA435.tmp
Driver::
wnprabbq
emrwmkks;Support Monitor
emrwmkks
gtirrz;Task System
gtirrz
GarenaPEngine;GarenaPEngine
GarenaPEngine
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2257:TCP"=-
NetSvcs::
emrwmkks
Firefox::
FF - ProfilePath - c:\documents and settings\Prin\Data aplikací\Mozilla\Firefox\Profiles\70ba2mev.default\
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FCopy::
c:\windows\system32\dllcache\atapi.sys | c:\windows\system32\drivers\atapi.sys
[/code]
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process + a new HJT log
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Slowed-down notebook, please check my log
Again, after the notebook restart that ComboFix triggered, the computer spontaneously rebooted once more, but as if it were a hard reset... suddenly a black screen and the BIOS starting up, etc...
- jaro3
- member of the Security team
Re: Slowed-down notebook, please check my log
Download ToolsCleaner2 (by de A.Rothstein & Dj Quiou)
to your desktop and run it.
Click Pt. Restauration (restore) and then OK.
Click Corbeille (recycle bin) and then OK.
Click Fichiers temp (temp folders) and then OK.
Click Recherche (search) and let the Cleaner work. It may pause during cleaning, but let it continue.
When the program finishes, click Suppression (removal) and remove what was found.
Close the program.
The program also deletes all the disinfection and log-creation tools used here (HJT, Combofix, OTM, OTL, OTS, etc.)
Download OTL
to your desktop. Make sure you have all other windows closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Check LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTListIt.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
Tomorrow..
Re: Slowed-down notebook, please check my log
OTL logfile created on: 18.11.2009 23:24:55 - Run 1
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Documents and Settings\Prin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 70,18% Memory free
3,60 Gb Paging File | 3,11 Gb Available in Paging File | 86,55% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 42,99 Gb Free Space | 18,46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PRINCENTB
Current User Name: Prin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Prin\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\system32\PnkBstrA.exe ()
PRC - C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe ()
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE (Logitech Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Prin\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\WINDOWS\system32\mslbui.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)
MOD - C:\Program Files\Logitech\SetPoint\lgscroll.dll (Logitech Inc.)
MOD - C:\Program Files\Logitech\SetPoint\gamehook.dll (Logitech Inc.)
========== Win32 Services (SafeList) ==========
SRV - (PnkBstrA) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (ATI Smart) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (gupdate1c9eb9efb6f3c83) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (hpqwmiex) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - (Com4QLBEx) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Hewlett-Packard Development Company, L.P.)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (hpdskflt) -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\WINDOWS\system32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (SFAUDIO) -- C:\WINDOWS\system32\drivers\sfaudio.sys (Sonic Focus, Inc)
DRV - (AEAudio) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (HpqKbFiltr) -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (Amusbprt) -- C:\WINDOWS\system32\drivers\Amusbprt.sys (A4Tech Co.,Ltd.)
DRV - (Amfilter) -- C:\WINDOWS\system32\drivers\Amfilter.sys (A4Tech Co.,Ltd.)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (sfvfs02) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfdrv01) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (LHidKe) -- C:\WINDOWS\system32\drivers\LHidKE.Sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\L8042MOU.SYS (Logitech, Inc.)
DRV - (sfhlp02) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (whmice2k) -- C:\WINDOWS\system32\drivers\whmice2k.sys ()
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.10.05 21:47:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008.10.16 20:12:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.10.05 21:47:20 | 00,000,000 | ---D | M]
[2008.10.14 23:13:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\Mozilla\Firefox\Profiles\70ba2mev.default\extensions
[2009.09.22 22:46:15 | 00,002,061 | ---- | M] () -- C:\Documents and Settings\Prin\Data aplikací\Mozilla\Firefox\Profiles\70ba2mev.default\searchplugins\qipsearch.xml
[2009.11.03 11:23:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.10.14 23:12:33 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.10.05 21:47:23 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2008.10.14 23:12:37 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2007.10.26 06:59:54 | 00,066,408 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2007.10.26 06:59:54 | 00,054,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2007.10.26 06:59:54 | 00,034,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2007.10.26 06:59:54 | 00,046,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2007.10.26 06:59:54 | 00,171,880 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2009.10.05 21:47:00 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2007.10.26 06:59:54 | 00,022,400 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006.10.26 19:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2008.10.16 20:11:59 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2008.10.16 20:12:00 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2008.10.16 20:12:01 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2008.10.16 20:12:01 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2008.10.16 20:12:01 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2008.10.16 20:12:01 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2008.10.16 20:12:01 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2006.06.04 21:11:07 | 00,001,118 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\centrum-cz.xml
[2007.01.17 23:05:32 | 00,002,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2006.06.04 21:11:07 | 00,000,661 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2006.06.04 21:11:07 | 00,001,674 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2006.08.25 16:16:33 | 00,001,302 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2006.06.04 21:11:07 | 00,000,765 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe ()
O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.14 14:02:12 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2009.11.18 23:23:35 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Prin\Plocha\OTL.exe
[2009.11.18 23:14:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Recent
[2009.11.18 21:37:23 | 00,024,624 | ---- | C] (Hewlett-Packard Corporation) -- C:\WINDOWS\System32\drivers\hpdskflt_2.sys
[2009.11.18 21:14:48 | 00,096,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atapi.sys
[2009.11.18 21:14:48 | 00,096,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2009.11.18 14:17:28 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009.11.18 14:16:13 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009.11.18 14:16:13 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009.11.18 14:16:13 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009.11.18 14:16:13 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009.11.18 14:16:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009.11.18 01:11:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Data aplikací\dvdcss
[2009.11.17 22:29:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Data aplikací\Malwarebytes
[2009.11.17 22:28:59 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.11.17 22:28:57 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.11.17 22:28:57 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.11.17 22:28:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2009.11.17 22:26:29 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Prin\Plocha\mbam-setup.exe
[2009.11.17 22:24:58 | 00,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Prin\Plocha\ATF-Cleaner.exe
[2009.11.17 22:24:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Plocha\backups
[2009.11.11 18:53:59 | 00,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2009.11.10 14:47:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Plocha\phpbb3.0.5_cs
[2009.11.10 13:02:55 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009.11.10 13:02:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2009.11.09 18:58:20 | 00,000,000 | ---D | C] -- C:\Advanced Wheel Mouse
[2009.11.09 00:09:38 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009.11.04 22:16:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\PunkBuster
[2009.11.04 22:09:56 | 00,000,000 | ---D | C] -- C:\Program Files\GamePark
[2009.11.04 21:31:23 | 00,000,000 | ---D | C] -- C:\Program Files\Activision
[2009.11.04 21:29:17 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009.11.04 12:15:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Data aplikací\vlc
[2009.11.03 18:52:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Bluetooth Software
[2009.11.03 18:52:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Dokumenty\Bluetooth Exchange Folder
[2009.11.03 18:46:51 | 00,106,557 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\btw_ci.dll
[2009.11.03 18:46:51 | 00,074,688 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btwusb.sys
[2009.11.03 18:46:50 | 00,879,624 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btkrnl.sys
[2009.11.03 18:46:50 | 00,539,512 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btaudio.sys
[2009.11.03 18:46:50 | 00,156,392 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btwdndis.sys
[2009.11.03 18:46:50 | 00,037,424 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btport.sys
[2009.11.03 18:46:37 | 00,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2009.10.27 19:21:48 | 00,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2009.10.26 17:20:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ATI
[2008.10.14 14:34:03 | 00,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2008.10.14 14:33:59 | 00,180,224 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009.11.18 23:23:42 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Prin\Plocha\OTL.exe
[2009.11.18 23:11:05 | 00,455,680 | ---- | M] () -- C:\Documents and Settings\Prin\Plocha\ToolsCleaner2.exe
[2009.11.18 21:38:53 | 00,000,960 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009.11.18 21:38:19 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.11.18 21:38:05 | 18,757,59104 | -HS- | M] () -- C:\hiberfil.sys
[2009.11.18 21:37:02 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.11.18 21:36:43 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009.11.18 21:21:47 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Prin\ntuser.ini
[2009.11.18 21:21:46 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Prin\NTUSER.DAT
[2009.11.18 18:07:08 | 01,017,012 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.11.18 18:07:08 | 00,430,830 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009.11.18 18:07:08 | 00,427,904 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2009.11.18 18:07:08 | 00,078,108 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2009.11.18 18:07:08 | 00,067,554 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009.11.18 14:17:37 | 00,000,293 | RHS- | M] () -- C:\boot.ini
[2009.11.18 14:10:10 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.11.18 13:24:08 | 03,565,213 | R--- | M] () -- C:\Documents and Settings\Prin\Plocha\ComboFix.exe
[2009.11.17 22:29:02 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.11.17 22:28:26 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Prin\Plocha\mbam-setup.exe
[2009.11.17 22:24:59 | 00,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Prin\Plocha\ATF-Cleaner.exe
[2009.11.17 00:59:08 | 00,002,250 | ---- | M] () -- C:\Documents and Settings\Prin\Plocha\Google Chrome.lnk
[2009.11.14 01:47:57 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009.11.12 15:28:35 | 00,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2009.11.12 02:41:40 | 00,000,377 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2009.11.12 02:10:31 | 00,079,872 | ---- | M] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.12 02:04:53 | 00,001,159 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2009.11.11 18:54:00 | 00,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\RegistryBooster 2010.lnk
[2009.11.10 22:44:42 | 00,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.11.10 22:44:13 | 00,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009.11.10 22:44:13 | 00,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009.11.10 17:31:04 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\PUTTY.RND
[2009.11.10 17:30:59 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Prin\Data aplikací\winscp.rnd
[2009.11.10 13:03:02 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Prin\Plocha\Spybot - Search & Destroy.lnk
[2009.11.09 00:09:39 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Prin\Plocha\CCleaner.lnk
[2009.11.04 22:16:49 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.11.04 21:39:54 | 00,000,287 | ---- | M] () -- C:\WINDOWS\game.ini
[2009.11.04 12:14:27 | 00,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2009.11.03 18:46:43 | 00,000,637 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
[2009.11.03 11:47:23 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.11.01 21:36:00 | 00,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5b32ec9732a7.job
[2009.10.27 19:21:49 | 00,001,464 | ---- | M] () -- C:\Documents and Settings\Prin\Plocha\WinSCP.lnk
[2009.10.26 17:18:22 | 02,638,288 | -H-- | M] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\IconCache.db
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009.11.18 23:11:03 | 00,455,680 | ---- | C] () -- C:\Documents and Settings\Prin\Plocha\ToolsCleaner2.exe
[2009.11.18 14:17:37 | 00,000,223 | ---- | C] () -- C:\Boot.bak
[2009.11.18 14:17:32 | 00,261,312 | ---- | C] () -- C:\cmldr
[2009.11.18 14:16:13 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009.11.18 14:16:13 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.11.18 14:16:13 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.11.18 14:16:13 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.11.18 13:23:36 | 03,565,213 | R--- | C] () -- C:\Documents and Settings\Prin\Plocha\ComboFix.exe
[2009.11.17 22:29:02 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.11.11 18:54:00 | 00,000,774 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\RegistryBooster 2010.lnk
[2009.11.10 13:03:02 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Prin\Plocha\Spybot - Search & Destroy.lnk
[2009.11.09 18:58:16 | 00,006,885 | ---- | C] () -- C:\WINDOWS\System32\drivers\whmice2k.sys
[2009.11.09 00:09:39 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Prin\Plocha\CCleaner.lnk
[2009.11.04 22:18:13 | 00,214,520 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009.11.04 21:39:54 | 00,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.11.04 12:14:27 | 00,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2009.11.03 18:46:43 | 00,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
[2009.11.01 21:36:00 | 00,000,936 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5b32ec9732a7.job
[2009.10.27 19:21:51 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Prin\Data aplikací\winscp.rnd
[2009.10.27 19:21:49 | 00,001,464 | ---- | C] () -- C:\Documents and Settings\Prin\Plocha\WinSCP.lnk
[2009.10.12 17:30:12 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\PUTTY.RND
[2009.09.22 20:00:39 | 00,000,180 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\HPWALog.txt
[2009.05.12 08:54:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009.03.22 22:54:34 | 00,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.03.22 22:54:33 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Prin\Data aplikací\PnkBstrK.sys
[2008.10.19 12:57:47 | 00,000,283 | ---- | C] () -- C:\WINDOWS\THPS3.INI
[2008.10.18 15:40:43 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\FnF4.txt
[2008.10.16 10:17:24 | 00,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2008.10.14 22:46:14 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\AtStart.txt
[2008.10.14 21:21:53 | 00,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.10.14 20:58:49 | 00,079,872 | ---- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.14 18:31:25 | 00,001,159 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008.10.14 18:23:45 | 00,000,377 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2008.10.14 16:56:40 | 00,000,123 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2008.10.14 16:22:30 | 00,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.10.14 16:16:25 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.10.14 16:16:24 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.10.14 15:59:51 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.10.14 14:36:48 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
[2008.10.14 14:34:03 | 01,804,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2008.10.14 14:34:03 | 00,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2008.10.14 14:34:03 | 00,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2008.10.14 14:28:20 | 00,079,408 | ---- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2008.10.14 14:26:14 | 02,638,288 | -H-- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\IconCache.db
[2008.10.14 14:25:31 | 00,000,004 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.INI
[2008.10.14 14:07:43 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Prin\Data aplikací\desktop.ini
[2008.05.12 14:51:50 | 02,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.07.02 21:37:12 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006.07.02 21:37:10 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006.04.19 19:21:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006.04.19 19:21:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2005.02.17 12:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 12:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 13:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001.10.25 15:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini
[2001.10.25 15:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[1997.06.14 02:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1996.04.03 20:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2009.10.26 17:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ATI
[2009.09.25 13:00:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Blizzard
[2009.09.26 21:44:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
[2008.10.14 15:42:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.10.28 23:46:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania
[2008.10.14 14:28:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\ATI
[2009.05.04 07:14:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\Corel
[2008.10.14 15:59:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\DAEMON Tools
[2008.10.17 17:17:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\EditPlus 3
[2008.10.14 15:45:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\ESET
[2008.12.16 13:15:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\fltk.org
[2008.11.13 12:45:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\Red Alert 3
[2009.02.02 10:37:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\Soldat
[2009.11.11 18:54:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\Uniblue
[2009.09.25 09:17:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\uTorrent
[2001.10.25 15:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.09.30 14:46:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
< End of report >

OTL by OldTimer - Version 3.1.6.0 Folder = C:\Documents and Settings\Prin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 70,18% Memory free
3,60 Gb Paging File | 3,11 Gb Available in Paging File | 86,55% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 42,99 Gb Free Space | 18,46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PRINCENTB
Current User Name: Prin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Prin\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\system32\PnkBstrA.exe ()
PRC - C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe ()
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE (Logitech Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Prin\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\WINDOWS\system32\mslbui.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)
MOD - C:\Program Files\Logitech\SetPoint\lgscroll.dll (Logitech Inc.)
MOD - C:\Program Files\Logitech\SetPoint\gamehook.dll (Logitech Inc.)
========== Win32 Services (SafeList) ==========
SRV - (PnkBstrA) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (ATI Smart) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (gupdate1c9eb9efb6f3c83) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (hpqwmiex) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - (Com4QLBEx) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Hewlett-Packard Development Company, L.P.)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (hpdskflt) -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\WINDOWS\system32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (SFAUDIO) -- C:\WINDOWS\system32\drivers\sfaudio.sys (Sonic Focus, Inc)
DRV - (AEAudio) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (HpqKbFiltr) -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (Amusbprt) -- C:\WINDOWS\system32\drivers\Amusbprt.sys (A4Tech Co.,Ltd.)
DRV - (Amfilter) -- C:\WINDOWS\system32\drivers\Amfilter.sys (A4Tech Co.,Ltd.)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (sfvfs02) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfdrv01) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (LHidKe) -- C:\WINDOWS\system32\drivers\LHidKE.Sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\L8042MOU.SYS (Logitech, Inc.)
DRV - (sfhlp02) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (whmice2k) -- C:\WINDOWS\system32\drivers\whmice2k.sys ()
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.10.05 21:47:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008.10.16 20:12:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.10.05 21:47:20 | 00,000,000 | ---D | M]
[2008.10.14 23:13:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\Mozilla\Firefox\Profiles\70ba2mev.default\extensions
[2009.09.22 22:46:15 | 00,002,061 | ---- | M] () -- C:\Documents and Settings\Prin\Data aplikací\Mozilla\Firefox\Profiles\70ba2mev.default\searchplugins\qipsearch.xml
[2009.11.03 11:23:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.10.14 23:12:33 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.10.05 21:47:23 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2008.10.14 23:12:37 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2007.10.26 06:59:54 | 00,066,408 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2007.10.26 06:59:54 | 00,054,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2007.10.26 06:59:54 | 00,034,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2007.10.26 06:59:54 | 00,046,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2007.10.26 06:59:54 | 00,171,880 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2009.10.05 21:47:00 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2007.10.26 06:59:54 | 00,022,400 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006.10.26 19:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2008.10.16 20:11:59 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2008.10.16 20:12:00 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2008.10.16 20:12:01 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2008.10.16 20:12:01 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2008.10.16 20:12:01 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2008.10.16 20:12:01 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2008.10.16 20:12:01 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2006.06.04 21:11:07 | 00,001,118 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\centrum-cz.xml
[2007.01.17 23:05:32 | 00,002,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2006.06.04 21:11:07 | 00,000,661 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2006.06.04 21:11:07 | 00,001,674 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2006.08.25 16:16:33 | 00,001,302 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2006.06.04 21:11:07 | 00,000,765 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe ()
O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Prin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.14 14:02:12 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2009.11.18 23:23:35 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Prin\Plocha\OTL.exe
[2009.11.18 23:14:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Recent
[2009.11.18 21:37:23 | 00,024,624 | ---- | C] (Hewlett-Packard Corporation) -- C:\WINDOWS\System32\drivers\hpdskflt_2.sys
[2009.11.18 21:14:48 | 00,096,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atapi.sys
[2009.11.18 21:14:48 | 00,096,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2009.11.18 14:17:28 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009.11.18 14:16:13 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009.11.18 14:16:13 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009.11.18 14:16:13 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009.11.18 14:16:13 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009.11.18 14:16:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009.11.18 01:11:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Data aplikací\dvdcss
[2009.11.17 22:29:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Data aplikací\Malwarebytes
[2009.11.17 22:28:59 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.11.17 22:28:57 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.11.17 22:28:57 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.11.17 22:28:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2009.11.17 22:26:29 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Prin\Plocha\mbam-setup.exe
[2009.11.17 22:24:58 | 00,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Prin\Plocha\ATF-Cleaner.exe
[2009.11.17 22:24:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Plocha\backups
[2009.11.11 18:53:59 | 00,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2009.11.10 14:47:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Plocha\phpbb3.0.5_cs
[2009.11.10 13:02:55 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009.11.10 13:02:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2009.11.09 18:58:20 | 00,000,000 | ---D | C] -- C:\Advanced Wheel Mouse
[2009.11.09 00:09:38 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009.11.04 22:16:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\PunkBuster
[2009.11.04 22:09:56 | 00,000,000 | ---D | C] -- C:\Program Files\GamePark
[2009.11.04 21:31:23 | 00,000,000 | ---D | C] -- C:\Program Files\Activision
[2009.11.04 21:29:17 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009.11.04 12:15:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Data aplikací\vlc
[2009.11.03 18:52:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Bluetooth Software
[2009.11.03 18:52:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Prin\Dokumenty\Bluetooth Exchange Folder
[2009.11.03 18:46:51 | 00,106,557 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\btw_ci.dll
[2009.11.03 18:46:51 | 00,074,688 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btwusb.sys
[2009.11.03 18:46:50 | 00,879,624 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btkrnl.sys
[2009.11.03 18:46:50 | 00,539,512 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btaudio.sys
[2009.11.03 18:46:50 | 00,156,392 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btwdndis.sys
[2009.11.03 18:46:50 | 00,037,424 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\System32\drivers\btport.sys
[2009.11.03 18:46:37 | 00,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2009.10.27 19:21:48 | 00,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2009.10.26 17:20:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ATI
[2008.10.14 14:34:03 | 00,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2008.10.14 14:33:59 | 00,180,224 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009.11.18 23:23:42 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Prin\Plocha\OTL.exe
[2009.11.18 23:11:05 | 00,455,680 | ---- | M] () -- C:\Documents and Settings\Prin\Plocha\ToolsCleaner2.exe
[2009.11.18 21:38:53 | 00,000,960 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009.11.18 21:38:19 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.11.18 21:38:05 | 18,757,59104 | -HS- | M] () -- C:\hiberfil.sys
[2009.11.18 21:37:02 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.11.18 21:36:43 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009.11.18 21:21:47 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Prin\ntuser.ini
[2009.11.18 21:21:46 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Prin\NTUSER.DAT
[2009.11.18 18:07:08 | 01,017,012 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.11.18 18:07:08 | 00,430,830 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009.11.18 18:07:08 | 00,427,904 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2009.11.18 18:07:08 | 00,078,108 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2009.11.18 18:07:08 | 00,067,554 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009.11.18 14:17:37 | 00,000,293 | RHS- | M] () -- C:\boot.ini
[2009.11.18 14:10:10 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.11.18 13:24:08 | 03,565,213 | R--- | M] () -- C:\Documents and Settings\Prin\Plocha\ComboFix.exe
[2009.11.17 22:29:02 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.11.17 22:28:26 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Prin\Plocha\mbam-setup.exe
[2009.11.17 22:24:59 | 00,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Prin\Plocha\ATF-Cleaner.exe
[2009.11.17 00:59:08 | 00,002,250 | ---- | M] () -- C:\Documents and Settings\Prin\Plocha\Google Chrome.lnk
[2009.11.14 01:47:57 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009.11.12 15:28:35 | 00,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2009.11.12 02:41:40 | 00,000,377 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2009.11.12 02:10:31 | 00,079,872 | ---- | M] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.12 02:04:53 | 00,001,159 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2009.11.11 18:54:00 | 00,000,774 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\RegistryBooster 2010.lnk
[2009.11.10 22:44:42 | 00,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.11.10 22:44:13 | 00,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009.11.10 22:44:13 | 00,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009.11.10 17:31:04 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\PUTTY.RND
[2009.11.10 17:30:59 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Prin\Data aplikací\winscp.rnd
[2009.11.10 13:03:02 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Prin\Plocha\Spybot - Search & Destroy.lnk
[2009.11.09 00:09:39 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Prin\Plocha\CCleaner.lnk
[2009.11.04 22:16:49 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.11.04 21:39:54 | 00,000,287 | ---- | M] () -- C:\WINDOWS\game.ini
[2009.11.04 12:14:27 | 00,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2009.11.03 18:46:43 | 00,000,637 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
[2009.11.03 11:47:23 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.11.01 21:36:00 | 00,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5b32ec9732a7.job
[2009.10.27 19:21:49 | 00,001,464 | ---- | M] () -- C:\Documents and Settings\Prin\Plocha\WinSCP.lnk
[2009.10.26 17:18:22 | 02,638,288 | -H-- | M] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\IconCache.db
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009.11.18 23:11:03 | 00,455,680 | ---- | C] () -- C:\Documents and Settings\Prin\Plocha\ToolsCleaner2.exe
[2009.11.18 14:17:37 | 00,000,223 | ---- | C] () -- C:\Boot.bak
[2009.11.18 14:17:32 | 00,261,312 | ---- | C] () -- C:\cmldr
[2009.11.18 14:16:13 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009.11.18 14:16:13 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.11.18 14:16:13 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.11.18 14:16:13 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.11.18 13:23:36 | 03,565,213 | R--- | C] () -- C:\Documents and Settings\Prin\Plocha\ComboFix.exe
[2009.11.17 22:29:02 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.11.11 18:54:00 | 00,000,774 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\RegistryBooster 2010.lnk
[2009.11.10 13:03:02 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Prin\Plocha\Spybot - Search & Destroy.lnk
[2009.11.09 18:58:16 | 00,006,885 | ---- | C] () -- C:\WINDOWS\System32\drivers\whmice2k.sys
[2009.11.09 00:09:39 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Prin\Plocha\CCleaner.lnk
[2009.11.04 22:18:13 | 00,214,520 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009.11.04 21:39:54 | 00,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.11.04 12:14:27 | 00,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2009.11.03 18:46:43 | 00,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
[2009.11.01 21:36:00 | 00,000,936 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5b32ec9732a7.job
[2009.10.27 19:21:51 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Prin\Data aplikací\winscp.rnd
[2009.10.27 19:21:49 | 00,001,464 | ---- | C] () -- C:\Documents and Settings\Prin\Plocha\WinSCP.lnk
[2009.10.12 17:30:12 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\PUTTY.RND
[2009.09.22 20:00:39 | 00,000,180 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\HPWALog.txt
[2009.05.12 08:54:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009.03.22 22:54:34 | 00,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.03.22 22:54:33 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Prin\Data aplikací\PnkBstrK.sys
[2008.10.19 12:57:47 | 00,000,283 | ---- | C] () -- C:\WINDOWS\THPS3.INI
[2008.10.18 15:40:43 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\FnF4.txt
[2008.10.16 10:17:24 | 00,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2008.10.14 22:46:14 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\AtStart.txt
[2008.10.14 21:21:53 | 00,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.10.14 20:58:49 | 00,079,872 | ---- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.14 18:31:25 | 00,001,159 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008.10.14 18:23:45 | 00,000,377 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2008.10.14 16:56:40 | 00,000,123 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2008.10.14 16:22:30 | 00,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.10.14 16:16:25 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.10.14 16:16:24 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.10.14 15:59:51 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.10.14 14:36:48 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
[2008.10.14 14:34:03 | 01,804,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2008.10.14 14:34:03 | 00,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2008.10.14 14:34:03 | 00,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2008.10.14 14:28:20 | 00,079,408 | ---- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2008.10.14 14:26:14 | 02,638,288 | -H-- | C] () -- C:\Documents and Settings\Prin\Local Settings\Data aplikací\IconCache.db
[2008.10.14 14:25:31 | 00,000,004 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.INI
[2008.10.14 14:07:43 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Prin\Data aplikací\desktop.ini
[2008.05.12 14:51:50 | 02,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.07.02 21:37:12 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006.07.02 21:37:10 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006.04.19 19:21:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006.04.19 19:21:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2005.02.17 12:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 12:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 13:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001.10.25 15:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini
[2001.10.25 15:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[1997.06.14 02:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1996.04.03 20:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2009.10.26 17:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ATI
[2009.09.25 13:00:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Blizzard
[2009.09.26 21:44:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
[2008.10.14 15:42:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.10.28 23:46:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania
[2008.10.14 14:28:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\ATI
[2009.05.04 07:14:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\Corel
[2008.10.14 15:59:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\DAEMON Tools
[2008.10.17 17:17:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\EditPlus 3
[2008.10.14 15:45:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\ESET
[2008.12.16 13:15:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\fltk.org
[2008.11.13 12:45:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\Red Alert 3
[2009.02.02 10:37:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\Soldat
[2009.11.11 18:54:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\Uniblue
[2009.09.25 09:17:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Prin\Data aplikací\uTorrent
[2001.10.25 15:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.09.30 14:46:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
< End of report >
Re: Slow notebook, please check the log
OTL Extras logfile created on: 18.11.2009 23:24:55 - Run 1
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Documents and Settings\Prin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 70,18% Memory free
3,60 Gb Paging File | 3,11 Gb Available in Paging File | 86,55% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 42,99 Gb Free Space | 18,46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PRINCENTB
Current User Name: Prin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" File not found
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\hry\Counter-Strike Source\hl2.exe" = C:\hry\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\hry\Red Alert 3\Data\ra3_1.0.game" = C:\hry\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3 -- File not found
"C:\hry\TrackMania Nations ESWC\TmNationsESWC.exe" = C:\hry\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC -- ()
"C:\hry\UT2004\System\UT2004.exe" = C:\hry\UT2004\System\UT2004.exe:*:Enabled:UT2004 -- ()
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- ()
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05EF81B7-8BD4-FE4B-F270-5261A1642825}" = Catalyst Control Center Graphics Full New
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{0F6E17CB-0565-44A7-8C36-941EA56B215E}" = Worms World Party
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2519B5EE-F78D-5C29-7C4F-C5990A3F238C}" = Catalyst Control Center Graphics Full Existing
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{278F4C5A-F506-9A2E-E6E9-33CCF2E19431}" = CCC Help English
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{32A3A4F4-B792-11D6-A78A-00B0D0160160}" = Java(TM) SE Development Kit 6 Update 16
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 F1
"{350C8109-F3BE-132E-A8BE-7E009307C82D}" = Catalyst Control Center Core Implementation
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5E29596E-CF90-8E17-8787-B3D1187D86F5}" = Catalyst Control Center Graphics Previews Common
"{629BA0F6-5086-7BC6-ECA8-672D43BD8700}" = ccc-utility
"{62D09678-2986-576C-6705-B38696DFFEE9}" = ccc-core-static
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{81E76DE9-BBCB-449C-91BB-6E4E5436D496}" = Adobe Audition 1.0
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{95774351-6087-3A3B-8CA8-70BEE49D2BD5}" = Google Gears
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBF5C82E-78DE-48CD-9A83-B6D4E0AB7785}_is1" = CzechRO All-In-One Pack 24.2.2009
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{CADE0A0E-BE88-28D9-5A87-32924A2724C2}" = Catalyst Control Center Graphics Light
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D842AD6B-D020-1B3A-682E-BC01B063D5B8}" = Catalyst Control Center HydraVision Full
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED8BA12A-AD99-4E61-9E4B-AB64957999AE}" = HP 3D DriveGuard
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F85A5298-800C-C16F-787A-900083B0B813}" = ccc-core-preinstall
"{F8718F95-21A1-44B9-97EC-679C93020BAE}" = Colin McRae Rally 04
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"µTorrent CZ_is1" = µTorrent CZ 1.7.5 (build 4602)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II - The Conquerors - 1.0e Patch FINAL_is1" = Age of Empires II - The Conquerors - 1.0e Patch FINAL
"Age of Empires II - The Conquerors - 1.0e Patch_is1" = Age of Empires II - The Conquerors - 1.0e Patch
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Age of Mythology 1.0" = Age of Mythology
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dethkarz" = Dethkarz
"EditPlus 3" = EditPlus 3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 1928] [2008-04-10]
"GameParkClient_is1" = GamePark
"Garena" = Garena
"Google Updater" = Google Updater
"Hamachi" = Hamachi 1.0.2.5
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{0F6E17CB-0565-44A7-8C36-941EA56B215E}" = Worms World Party
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"MotorM4X" = MotorM4X
"Mozilla Firefox (2.0.0.9)" = Mozilla Firefox (2.0.0.9)
"nbi-glassfish-mod-sun-3.0.0.28.20090708" = Sun GlassFish Enterprise Server v3 Prelude
"nbi-nb-base-6.7.1.0.0" = NetBeans IDE 6.7.1
"nbi-sjsas-2.1.60.20090309.0" = Sun GlassFish Enterprise Server v2.1
"NOD32 v3.x FiX 1.1 by TemDono_is1" = NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Soldat_is1" = Soldat 1.4.2
"SpeedFan" = SpeedFan (remove only)
"Systronix RAD51" = Systronix RAD51
"TmNations_is1" = TrackMania Nations ESWC 0.1.7.9
"TmNationsForever_is1" = TmNationsForever
"Tony Hawk's Pro Skater 3®" = Tony Hawk's Pro Skater 3®
"UT2004" = Unreal Tournament 2004
"VentriloMIX" = VentriloMIX
"VLC media player" = VLC media player 1.0.3
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WheelMouse" = Advanced Wheel Mouse 6.0.0.003
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.4 beta
"World of Warcraft" = World of Warcraft
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8095
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 30.9.2009 13:42:26 | Computer Name = PRINCENTB | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\windows\system32\xzrgg.dll failed, 00000005.
Error - 30.9.2009 13:42:34 | Computer Name = PRINCENTB | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\WINDOWS\system32\02.tmp failed, 00000005.
[ Application Events ]
Error - 18.11.2009 11:16:12 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 11:16:12 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 11:16:12 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 11:16:13 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 11:16:13 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 16:14:16 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Spojení se serverem nebylo navázáno.
Error - 18.11.2009 16:14:16 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 16:14:16 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 16:14:16 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 16:14:17 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
[ OSession Events ]
Error - 4.2.2009 6:40:04 | Computer Name = PRINCENTB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.3.2009 7:46:15 | Computer Name = PRINCENTB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 18.11.2009 13:02:26 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba hpqwmiex byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 18.11.2009 13:07:06 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Com4QLBEx byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Smart Card byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7031
Description = Služba Bluetooth Service byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 18.11.2009 16:40:26 | Computer Name = PRINCENTB | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 864ed460, parametr3
864ed488, parametr4 0a050005.
< End of report >
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Documents and Settings\Prin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 70,18% Memory free
3,60 Gb Paging File | 3,11 Gb Available in Paging File | 86,55% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 42,99 Gb Free Space | 18,46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PRINCENTB
Current User Name: Prin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" File not found
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\hry\Counter-Strike Source\hl2.exe" = C:\hry\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\hry\Red Alert 3\Data\ra3_1.0.game" = C:\hry\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3 -- File not found
"C:\hry\TrackMania Nations ESWC\TmNationsESWC.exe" = C:\hry\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC -- ()
"C:\hry\UT2004\System\UT2004.exe" = C:\hry\UT2004\System\UT2004.exe:*:Enabled:UT2004 -- ()
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- ()
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05EF81B7-8BD4-FE4B-F270-5261A1642825}" = Catalyst Control Center Graphics Full New
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{0F6E17CB-0565-44A7-8C36-941EA56B215E}" = Worms World Party
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2519B5EE-F78D-5C29-7C4F-C5990A3F238C}" = Catalyst Control Center Graphics Full Existing
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{278F4C5A-F506-9A2E-E6E9-33CCF2E19431}" = CCC Help English
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{32A3A4F4-B792-11D6-A78A-00B0D0160160}" = Java(TM) SE Development Kit 6 Update 16
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 F1
"{350C8109-F3BE-132E-A8BE-7E009307C82D}" = Catalyst Control Center Core Implementation
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5E29596E-CF90-8E17-8787-B3D1187D86F5}" = Catalyst Control Center Graphics Previews Common
"{629BA0F6-5086-7BC6-ECA8-672D43BD8700}" = ccc-utility
"{62D09678-2986-576C-6705-B38696DFFEE9}" = ccc-core-static
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{81E76DE9-BBCB-449C-91BB-6E4E5436D496}" = Adobe Audition 1.0
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{95774351-6087-3A3B-8CA8-70BEE49D2BD5}" = Google Gears
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBF5C82E-78DE-48CD-9A83-B6D4E0AB7785}_is1" = CzechRO All-In-One Pack 24.2.2009
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{CADE0A0E-BE88-28D9-5A87-32924A2724C2}" = Catalyst Control Center Graphics Light
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D842AD6B-D020-1B3A-682E-BC01B063D5B8}" = Catalyst Control Center HydraVision Full
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED8BA12A-AD99-4E61-9E4B-AB64957999AE}" = HP 3D DriveGuard
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F85A5298-800C-C16F-787A-900083B0B813}" = ccc-core-preinstall
"{F8718F95-21A1-44B9-97EC-679C93020BAE}" = Colin McRae Rally 04
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"µTorrent CZ_is1" = µTorrent CZ 1.7.5 (build 4602)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II - The Conquerors - 1.0e Patch FINAL_is1" = Age of Empires II - The Conquerors - 1.0e Patch FINAL
"Age of Empires II - The Conquerors - 1.0e Patch_is1" = Age of Empires II - The Conquerors - 1.0e Patch
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Age of Mythology 1.0" = Age of Mythology
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dethkarz" = Dethkarz
"EditPlus 3" = EditPlus 3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 1928] [2008-04-10]
"GameParkClient_is1" = GamePark
"Garena" = Garena
"Google Updater" = Google Updater
"Hamachi" = Hamachi 1.0.2.5
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{0F6E17CB-0565-44A7-8C36-941EA56B215E}" = Worms World Party
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"MotorM4X" = MotorM4X
"Mozilla Firefox (2.0.0.9)" = Mozilla Firefox (2.0.0.9)
"nbi-glassfish-mod-sun-3.0.0.28.20090708" = Sun GlassFish Enterprise Server v3 Prelude
"nbi-nb-base-6.7.1.0.0" = NetBeans IDE 6.7.1
"nbi-sjsas-2.1.60.20090309.0" = Sun GlassFish Enterprise Server v2.1
"NOD32 v3.x FiX 1.1 by TemDono_is1" = NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Soldat_is1" = Soldat 1.4.2
"SpeedFan" = SpeedFan (remove only)
"Systronix RAD51" = Systronix RAD51
"TmNations_is1" = TrackMania Nations ESWC 0.1.7.9
"TmNationsForever_is1" = TmNationsForever
"Tony Hawk's Pro Skater 3®" = Tony Hawk's Pro Skater 3®
"UT2004" = Unreal Tournament 2004
"VentriloMIX" = VentriloMIX
"VLC media player" = VLC media player 1.0.3
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WheelMouse" = Advanced Wheel Mouse 6.0.0.003
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.4 beta
"World of Warcraft" = World of Warcraft
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8095
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 30.9.2009 13:42:26 | Computer Name = PRINCENTB | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\windows\system32\xzrgg.dll failed, 00000005.
Error - 30.9.2009 13:42:34 | Computer Name = PRINCENTB | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\WINDOWS\system32\02.tmp failed, 00000005.
[ Application Events ]
Error - 18.11.2009 11:16:12 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 11:16:12 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 11:16:12 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 11:16:13 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 11:16:13 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 16:14:16 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Spojení se serverem nebylo navázáno.
Error - 18.11.2009 16:14:16 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 16:14:16 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 16:14:16 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
Error - 18.11.2009 16:14:17 | Computer Name = PRINCENTB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.
[ OSession Events ]
Error - 4.2.2009 6:40:04 | Computer Name = PRINCENTB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.3.2009 7:46:15 | Computer Name = PRINCENTB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 18.11.2009 13:02:26 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba hpqwmiex byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 18.11.2009 13:07:06 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Com4QLBEx byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Smart Card byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7031
Description = Služba Bluetooth Service byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error - 18.11.2009 16:14:51 | Computer Name = PRINCENTB | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 18.11.2009 16:40:26 | Computer Name = PRINCENTB | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 864ed460, parametr3
864ed488, parametr4 0a050005.
< End of report >