PC virus removal, computer speed-up, and remote help through the neslape.cz service

Security tool

Do you have a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

pitimir
Model visitor
Posts: 479
Joined: 18 Jun 2008 17:54
Location: Šutrovec

Re: Security tool

#16 Post by pitimir »

More likely the latter, I don't like the look of it... can I see a new OTL log? It needs to be run again, this time with the settings from my first post. Thank you.
I'm modest, I only have two things for my signature...

1) Want to help the forum? Support it!!

2) I ask everyone who has a problem:
- start your own topic and put an RSIT log and a precise, brief description of the problem in the 1st post.
- do not run ANY other program found on the forum/internet without a recommendation.
- do not edit or delete posts.
- follow the instructions and do nothing extra (on your own initiative).

Lord Baradur
Visitor
Posts: 17
Joined: 21 Feb 2010 16:23

Re: Security tool

#17 Post by Lord Baradur »

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\08079327 not found.
File C:\Documents and Settings\All Users\Data aplikací\08079327\08079327.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON not found.
File C:\WINDOWS\Temp\_ex-08.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GEST not found.
File C:\Documents and Settings\Bohdan\Nabídka Start\Programy\Po spuštění\monnid32.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
File\Folder C:\Documents and Settings\All Users\Data aplikací\08079327 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: All Users

User: Bohdan
->Temp folder emptied: 622879 bytes
->Temporary Internet Files folder emptied: 42503 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 2384651 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Host
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,00 mb


OTL by OldTimer - Version 3.1.30.1 log created on 02222010_151209

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Re: Security tool

#18 Post by Lord Baradur »

After every startup of the computer in normal mode, it freezes for roughly 5 minutes and then runs more or less normally. The constantly popping-up Security Tool windows have also stopped appearing.


Re: Security tool

#19 Post by pitimir »

pitimir wrote: ...this time with the settings from my first post. Thank you.
That means you need to start OTL, set everything up the way you did the first time, and run it. This time only one log will be created instead of the initial two.


Re: Security tool

#20 Post by Lord Baradur »

OTL logfile created on: 24.2.2010 16:36:25 - Run 3
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Documents and Settings\Bohdan\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 98,14 Gb Total Space | 19,93 Gb Free Space | 20,31% Space Free | Partition Type: NTFS
Drive D: | 3,69 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
Drive F: | 367,15 Gb Total Space | 272,06 Gb Free Space | 74,10% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME
Current User Name: Bohdan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.02.21 16:49:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bohdan\Plocha\OTL.exe
PRC - [2010.02.19 14:36:22 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.12.28 14:59:45 | 000,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009.10.09 13:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009.10.09 13:11:12 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2008.12.13 20:41:13 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008.12.13 20:41:13 | 000,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008.11.26 18:18:51 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008.11.26 18:18:46 | 000,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008.11.26 18:18:32 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008.11.26 18:16:23 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008.11.26 18:12:08 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.08.08 14:24:42 | 000,080,392 | ---- | M] () -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
PRC - [2008.07.30 03:30:37 | 000,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008.07.23 09:51:26 | 016,804,864 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2008.07.22 20:42:12 | 000,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008.07.01 10:34:48 | 002,326,528 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2008.06.18 11:01:56 | 000,077,824 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
PRC - [2008.02.01 08:20:14 | 002,194,744 | ---- | M] (www.BitComet.com) -- C:\Program Files\BitComet\BitComet.exe
PRC - [2007.07.24 15:17:08 | 000,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007.07.17 11:13:56 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2007.07.17 11:13:34 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2007.06.29 15:03:08 | 000,036,864 | ---- | M] (IGN Entertainment Inc.) -- C:\Program Files\GameSpy\Comrade\Comrade.exe
PRC - [2007.04.23 04:00:00 | 000,692,224 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2007.04.11 15:32:22 | 000,056,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
PRC - [2006.11.12 11:48:46 | 000,157,592 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
PRC - [2006.03.01 19:43:20 | 000,090,112 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.02.21 16:49:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bohdan\Plocha\OTL.exe
MOD - [2008.07.25 11:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008.07.25 11:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
MOD - [2007.04.23 04:00:00 | 000,045,568 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2004.08.18 13:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009.12.28 14:59:45 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008.12.13 20:41:13 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008.11.26 18:18:46 | 000,155,160 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2008.11.26 18:18:32 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2008.11.26 18:16:23 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008.11.26 18:12:08 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.11.04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.08.08 14:24:42 | 000,080,392 | ---- | M] () [Auto | Running] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008.07.30 03:30:37 | 000,561,152 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.22 20:42:12 | 000,116,040 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008.07.03 21:05:00 | 000,593,920 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2007.07.24 15:17:08 | 000,229,376 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2010.02.24 03:24:22 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010.02.12 18:48:15 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2009.05.09 18:01:46 | 000,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008.12.13 20:09:16 | 000,646,392 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.11.26 18:18:18 | 000,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2008.11.26 18:17:36 | 000,111,184 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2008.11.26 18:17:25 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.11.26 18:16:38 | 000,050,864 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2008.11.26 18:16:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008.11.26 18:15:35 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.07.31 03:21:08 | 000,079,960 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2008.07.30 03:30:37 | 003,230,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.07.30 03:30:37 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.07.24 11:02:44 | 004,749,824 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.06.16 08:08:42 | 000,109,184 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.12.28 15:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007.10.09 13:13:00 | 000,038,144 | ---- | M] (Realtek) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EAPPkt.sys -- (EAPPkt)
DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.18 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001.08.10 07:00:00 | 000,003,252 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PQNTDRV.SYS -- (PQNTDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1715567821-1454471165-725345543-1004\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-1715567821-1454471165-725345543-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1715567821-1454471165-725345543-1004\S-1-5-21-1715567821-1454471165-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1715567821-1454471165-725345543-1004\S-1-5-21-1715567821-1454471165-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.02.20 00:00:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.02.19 14:36:25 | 000,000,000 | ---D | M]

[2008.12.13 20:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Extensions
[2010.02.24 14:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions
[2008.12.13 20:41:45 | 000,000,000 | ---D | M] (BitComet Helper) -- C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010.02.24 05:40:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.01.23 07:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010.02.13 02:11:28 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.02.13 02:11:28 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.02.13 02:11:28 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.02.13 02:11:28 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.02.13 02:11:28 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2004.08.18 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-1715567821-1454471165-725345543-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1715567821-1454471165-725345543-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1715567821-1454471165-725345543-1004..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKU\S-1-5-21-1715567821-1454471165-725345543-1004..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.)
O4 - HKU\S-1-5-21-1715567821-1454471165-725345543-1004..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKU\S-1-5-21-1715567821-1454471165-725345543-1004..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1715567821-1454471165-725345543-1004..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-1454471165-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bohdan\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bohdan\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.13 19:30:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007.08.14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2007.09.02 09:30:29 | 000,000,000 | R--D | M] - D:\Autorun -- [ UDF ]
O32 - AutoRun File - [2007.09.02 09:31:16 | 005,085,696 | R--- | M] () - D:\autorun.dat -- [ UDF ]
O32 - AutoRun File - [2007.09.02 09:23:25 | 000,000,136 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{c671f0a8-c93a-11dd-9daa-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{c671f0a8-c93a-11dd-9daa-806d6172696f}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2007.08.14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008.12.13 20:12:42 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55172432624877568)

========== Files/Folders - Created Within 7 Days ==========

[2010.02.24 16:35:07 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bohdan\Plocha\OTL.exe
[2010.02.24 03:00:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.02.24 01:16:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bohdan\Data aplikací\SecuROM
[2010.02.23 01:38:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010.02.23 00:37:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bohdan\Data aplikací\skypePM
[2010.02.23 00:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bohdan\Data aplikací\Skype
[2010.02.23 00:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.02.23 00:32:42 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010.02.23 00:32:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Skype
[2010.02.23 00:01:38 | 002,025,768 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\Bohdan\Plocha\SkypeSetup.exe
[2010.02.22 23:51:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Bohdan\UserData
[2010.02.21 19:05:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.02.20 15:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.02.20 15:10:26 | 000,000,000 | ---D | C] -- C:\rsit
[2010.02.19 22:02:44 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys
[2010.02.19 22:02:44 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010.02.19 22:02:25 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010.02.19 22:02:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\changer.sys
[2010.02.19 22:02:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010.02.17 22:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.02.17 22:30:26 | 004,938,120 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Bohdan\Plocha\Silverlight.exe
[2009.02.14 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2008.12.13 20:39:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2008.12.13 19:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2008.12.13 19:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.12.13 19:30:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft

========== Files - Modified Within 7 Days ==========

[2010.02.24 05:40:53 | 001,054,574 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.02.24 05:40:53 | 000,443,724 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.02.24 05:40:53 | 000,440,590 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.02.24 05:40:53 | 000,083,832 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.02.24 05:40:53 | 000,071,982 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.02.24 05:40:28 | 000,047,184 | ---- | M] () -- C:\Documents and Settings\Bohdan\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.02.24 03:24:22 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010.02.24 03:24:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.02.24 03:24:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.02.24 03:24:11 | 000,197,752 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.02.24 03:23:19 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Bohdan\NTUSER.DAT
[2010.02.24 03:23:07 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Bohdan\ntuser.ini
[2010.02.24 03:06:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.02.24 03:02:46 | 000,000,582 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.02.23 00:37:17 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.02.23 00:32:44 | 000,001,896 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.02.23 00:04:19 | 002,025,768 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\Bohdan\Plocha\SkypeSetup.exe
[2010.02.21 16:53:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.02.21 16:49:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bohdan\Plocha\OTL.exe
[2010.02.19 22:26:00 | 002,109,444 | -H-- | M] () -- C:\Documents and Settings\Bohdan\Local Settings\Data aplikací\IconCache.db
[2010.02.19 22:01:10 | 000,000,016 | ---- | M] () -- C:\Documents and Settings\Bohdan\Data aplikací\cqfyto.dat
[2010.02.19 22:01:07 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Bohdan\Data aplikací\avdrn.dat
[2010.02.17 22:31:11 | 004,938,120 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Bohdan\Plocha\Silverlight.exe

========== Files Created - No Company Name ==========

[2010.02.23 00:37:17 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.02.23 00:32:44 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.02.19 22:01:10 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\Bohdan\Data aplikací\cqfyto.dat
[2010.02.19 22:01:07 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Bohdan\Data aplikací\avdrn.dat
[2008.12.14 12:47:14 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008.12.13 23:10:34 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Bohdan\Local Settings\Data aplikací\fusioncache.dat
[2008.12.13 22:30:45 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.12.13 22:30:45 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Bohdan\Data aplikací\PnkBstrK.sys
[2008.12.13 21:14:28 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.12.13 21:14:27 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Bohdan\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.13 20:14:07 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS
[2008.12.13 20:09:16 | 000,646,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.10.12 23:20:06 | 000,151,417 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[1997.06.14 02:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2009.01.01 21:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2009.01.13 21:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bohdan\Data aplikací\Leadertech

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\eventlog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2qfe\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\sp2qfe\netlogon.dll
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.07.30 03:30:37 | 000,421,888 | R--- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[2009.12.22 06:42:43 | 000,251,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
< End of report >

pitimir
Model visitor
Posts: 479
Registered: 18 Jun 2008 17:54
Location: Šutrovec

Re: Security tool

#21 Post by pitimir »

I see we are not going to catch each other here for the life of us :D
So I will ask you for one more thing:

1) In OTL, copy the following into the box labelled "Custom Scans/Fixes":

Code:

:otl
IE - HKU\S-1-5-21-1715567821-1454471165-725345543-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
[2008.12.13 20:41:45 | 000,000,000 | ---D | M] (BitComet Helper) -- C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2008.01.23 07:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
O3 - HKU\S-1-5-21-1715567821-1454471165-725345543-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)

:files
C:\rsit
C:\Documents and Settings\Bohdan\Data aplikací\avdrn.dat
C:\Documents and Settings\Bohdan\Data aplikací\cqfyto.dat

:commands
[emptytemp]
[reboot]
Click "Run Fix". The program will start working; a PC restart is possible. After it, a log should appear, and I would like to see it.


2) Download MbAM. Save it to the desktop, open "mbam-setup.exe" and install it. Update it. Then run a full scan and delete whatever the program finds. Post the resulting log here.

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#22 Post by Lord Baradur »

Well, somehow we just have no luck catching each other :-D


All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1715567821-1454471165-725345543-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\defaults folder moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components folder moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\chrome\skin folder moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\chrome\locale\zh-CN folder moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\chrome\locale folder moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\chrome\content folder moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\chrome folder moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\Mozilla\Firefox\Profiles\zeev6s8o.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} folder moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1715567821-1454471165-725345543-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
========== FILES ==========
C:\rsit folder moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\avdrn.dat moved successfully.
C:\Documents and Settings\Bohdan\Data aplikací\cqfyto.dat moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: All Users

User: Bohdan
->Temp folder emptied: 47129248 bytes
->Temporary Internet Files folder emptied: 17223524 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 73194294 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Host
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1831702 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23921598 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 156,00 mb


OTL by OldTimer - Version 3.1.30.1 log created on 02252010_221148

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_6ec.dat not found!

Registry entries deleted on Reboot...

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#23 Post by Lord Baradur »

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3792
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

25.2.2010 22:45:26
mbam-log-2010-02-25 (22-45-26).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|E:\|F:\|)
Zkontrolované objekty: 198611
Uplynulý čas: 22 minute(s), 47 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

pitimir
Model visitor
Posts: 479
Registered: 18 Jun 2008 17:54
Location: Šutrovec

Re: Security tool

#24 Post by pitimir »

OK, how is the PC doing now? If everything is fine, we will move on to the final cleanup :)

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#25 Post by Lord Baradur »

Well, after it is switched on it freezes for a while, roughly 5 minutes, and then it runs perfectly fine.

pitimir
Model visitor
Posts: 479
Registered: 18 Jun 2008 17:54
Location: Šutrovec

Re: Security tool

#26 Post by pitimir »

Download ComboFix, preferably to the desktop. Close all open applications, and turn off the resident shields of your antivirus and antispyware as well as the firewall. Run the program from an account with administrator rights and follow the instructions. The whole scan will take about 10 minutes. The PC may be restarted during it. You will find the log that ComboFix creates at "C:\ComboFix.txt".
Post it here.

Warning: until ComboFix has created the log, do not click on anything or press anything!!