Prosím o kontrolu - Zpomalený PC/Internet

Zpráva

Peroxid · #1 Příspěvek od **Peroxid** » 23 srp 2011 11:27

Zdravím,
už delší dobu mám pomalý PC a Internet.
RAM už po spuštění mají vytížení okolo 500mb, což je dle mého dost).
Internet je celý zabržděný. Když jsem dělal test rychlosti, tak download má mé klasické 3mb, tudiž to je v pohodě. Upload se ani nenačetl. Asi 5x jsem to zkoušel. Poté jsem i zkoušel se připojit na sousedovu Wi-Fi, uplně stejné.

Napadlo mě tedy: 1. Můžu mít vir, který neustále něco odesílá a tak zaprasil celý Upload.
2. Mám rozbitý Wi-Fi přijímač, ale je to originál od Routeru (ani né půl roku starý), proto věřím, že to tím neni.

Nejsem úplný laik, ale už si vážně nevím rady. Avast mi nic nenašel, akorád mi napsal, že některé soubory nemohly být otestovány. Spyware Terminator mi dělá prohlídky cca 2x v týdnu.

Zde tedy přikládám RSIT log a děkuju moc:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Románek at 2011-08-23 12:25:25
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 285 GB (60%) free of 477 GB
Total RAM: 1014 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:25:57, on 23.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe
C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TP-LINK\QSS\jswtrayutil.exe
C:\Program Files\TP-LINK\QSS\HwBtnDetector.exe
C:\Program Files\TP-LINK\TL-WN821N\TWCU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\TP-LINK\QSS\jswpsapi.exe
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Documents and Settings\Románek\Plocha\RSIT.exe
C:\Program Files\trend micro\Románek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Románek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Románek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\TP-LINK\QSS\jswtrayutil.exe"
O4 - HKLM\..\Run: [HwBtnDetector] "C:\Program Files\TP-LINK\QSS\HwBtnDetector.exe"
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TL-WN821N\TWCU.exe" -nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Románek\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5308219593
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: TP-LINK Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\TP-LINK\QSS\jswpsapi.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Webcamera Plus Service - Ateksoft Company Ltd. - C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe

--
End of file - 9501 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-884357618-1177238915-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-884357618-1177238915-1003UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\
anttoolbar@ant.com
engine@conduit.com
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\searchplugins\
daemon-search.xml
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Románek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2011-03-22 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-03-18 126976]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-07-13 14679552]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-07-13 69632]
"Hercules DJ Series"=C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [2009-10-23 509224]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-27 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-27 532480]
"jswtrayutil"=C:\Program Files\TP-LINK\QSS\jswtrayutil.exe [2008-05-12 36949]
"HwBtnDetector"=C:\Program Files\TP-LINK\QSS\HwBtnDetector.exe [2008-02-29 28672]
"TWCU"=C:\Program Files\TP-LINK\TL-WN821N\TWCU.exe [2008-10-20 557186]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-08-03 2216960]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 40448]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Steam"=C:\Program Files\Steam\steam.exe [2011-07-19 1242448]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-08-03 3318784]
"Facebook Update"=C:\Documents and Settings\Románek\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2011-08-16 137536]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-08-21 3077528]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Documents and Settings\Románek\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-03-18 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe"="C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe:*:Enabled:SAMBC"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe"="C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe:*:Enabled:WebCamera Plus Service"
"C:\Program Files\Ateksoft\WebCamera Plus\camviewer.exe"="C:\Program Files\Ateksoft\WebCamera Plus\camviewer.exe:*:Enabled:WebCamera Plus"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Steam\steamapps\peroxidkoo\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\peroxidkoo\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Documents and Settings\Románek\Data aplikací\svchost.exe"="C:\Documents and Settings\Románek\Data aplikací\svchost.exe:*:Enabled:Windows Messanger"
"C:\Documents and Settings\Románek\Dokumenty\Stažené soubory\Steam Keygen v13(1).exe"="C:\Documents and Settings\Románek\Dokumenty\Stažené soubory\Steam Keygen v13(1).exe:*:Enabled:Windows Messanger"
"C:\Documents and Settings\Románek\Dokumenty\Stažené soubory\Sindicate\client.bin"="C:\Documents and Settings\Románek\Dokumenty\Stažené soubory\Sindicate\client.bin:*:Enabled:client"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\peroxidatko\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\peroxidatko\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Steam\steamapps\peroxidatko\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\peroxidatko\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Guillemot\tools\giWebUpdater.exe"="C:\Program Files\Guillemot\tools\giWebUpdater.exe:*:Enabled:Guillemot Web Updater"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator Update Support"
"C:\Program Files\Steam\steamapps\peroxidatko\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\peroxidatko\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Documents and Settings\Románek\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Románek\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"MSVideo8"=VfWWDM32.dll
"midi1"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi3"=wdmaud.drv
"midi4"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"msacm.divxa32"=msaud32_divx.acm
"msacm.ac3filter"=ac3filter.acm

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2011-08-23 12:07:26 ----D---- C:\Program Files\trend micro
2011-08-23 12:07:10 ----D---- C:\rsit
2011-08-21 21:19:50 ----D---- C:\Riot Games
2011-08-21 19:25:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-08-21 19:23:47 ----D---- C:\Program Files\Pando Networks
2011-08-15 21:31:39 ----D---- C:\WINDOWS\system32\Adobe
2011-08-12 17:49:25 ----D---- C:\Documents and Settings\Románek\Data aplikací\Publish Providers
2011-08-12 17:35:51 ----D---- C:\Documents and Settings\Románek\Data aplikací\Sony
2011-08-12 17:23:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony
2011-08-12 17:22:02 ----D---- C:\Program Files\Sony
2011-08-12 15:58:38 ----D---- C:\Program Files\OpenVPN
2011-08-12 14:47:25 ----D---- C:\Program Files\Rockstar Games
2011-08-11 19:36:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-11 19:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-11 19:36:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-11 19:32:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-11 19:32:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-03 15:28:48 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2011-08-03 15:28:46 ----D---- C:\Documents and Settings\Románek\Data aplikací\Spyware Terminator
2011-08-03 15:28:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-08-03 15:28:20 ----D---- C:\Program Files\Spyware Terminator
2011-08-02 20:52:20 ----A---- C:\ASLog.txt
2011-07-31 14:35:54 ----D---- C:\Program Files\AC3Filter
2011-07-31 14:33:32 ----D---- C:\Program Files\GNU
2011-07-31 14:31:59 ----D---- C:\Documents and Settings\Románek\Data aplikací\GRETECH
2011-07-31 14:31:20 ----D---- C:\Program Files\GRETECH
2011-07-26 14:40:23 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-07-26 14:40:21 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-07-26 14:40:21 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys

======List of files/folders modified in the last 1 month======

2011-08-23 12:23:39 ----D---- C:\WINDOWS\Prefetch
2011-08-23 12:07:26 ----RD---- C:\Program Files
2011-08-23 10:21:54 ----D---- C:\WINDOWS\Temp
2011-08-23 10:20:43 ----D---- C:\Documents and Settings\Románek\Data aplikací\skypePM
2011-08-23 00:29:02 ----D---- C:\Documents and Settings\Románek\Data aplikací\Skype
2011-08-23 00:18:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-08-22 21:33:32 ----D---- C:\Program Files\QIP Infium
2011-08-22 21:16:55 ----D---- C:\Program Files\Steam
2011-08-22 21:15:44 ----D---- C:\WINDOWS\system32\Lang
2011-08-22 21:15:11 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-22 21:15:10 ----D---- C:\Program Files\Common Files\Akamai
2011-08-22 21:14:47 ----D---- C:\WINDOWS\Minidump
2011-08-22 21:14:47 ----D---- C:\WINDOWS
2011-08-22 20:12:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-22 20:07:33 ----A---- C:\WINDOWS\win.ini
2011-08-22 20:07:33 ----A---- C:\WINDOWS\system.ini
2011-08-21 21:27:31 ----D---- C:\WINDOWS\system32\DirectX
2011-08-21 21:27:29 ----HD---- C:\WINDOWS\inf
2011-08-21 21:27:27 ----D---- C:\WINDOWS\system32
2011-08-21 21:19:41 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-21 03:33:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\firebird
2011-08-18 22:04:55 ----D---- C:\Program Files\Google
2011-08-18 21:16:52 ----SHD---- C:\WINDOWS\Installer
2011-08-16 21:38:47 ----D---- C:\WINDOWS\system32\drivers
2011-08-16 21:38:47 ----D---- C:\Program Files\Common Files
2011-08-16 21:38:46 ----D---- C:\WINDOWS\twain_32
2011-08-16 21:37:17 ----D---- C:\Program Files\Mozilla Firefox
2011-08-16 21:36:10 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-08-16 21:34:00 ----D---- C:\Documents and Settings\Románek\Data aplikací\BatteryBar
2011-08-16 21:08:01 ----SD---- C:\WINDOWS\Tasks
2011-08-12 17:26:54 ----RSD---- C:\WINDOWS\assembly
2011-08-12 14:45:58 ----D---- C:\Documents and Settings\Románek\Data aplikací\uTorrent
2011-08-12 11:53:38 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-11 19:41:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-11 19:40:12 ----D---- C:\WINDOWS\WinSxS
2011-08-11 19:36:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-11 19:36:31 ----A---- C:\WINDOWS\imsins.BAK
2011-08-11 19:36:25 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-11 19:33:36 ----A---- C:\WINDOWS\system32\MRT.exe
2011-08-11 19:33:17 ----D---- C:\Program Files\Internet Explorer
2011-08-11 19:32:53 ----D---- C:\WINDOWS\ie8updates
2011-08-03 12:27:49 ----SD---- C:\Documents and Settings\Románek\Data aplikací\Microsoft
2011-08-03 12:27:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-07-27 22:49:23 ----RSD---- C:\WINDOWS\Fonts
2011-07-25 17:08:54 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-06-27 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 arusb(TP-LINK);Atheros Wireless Network Adapter Service(TP-LINK); C:\WINDOWS\system32\DRIVERS\arusb.sys [2008-12-01 458240]
R3 AteksoftAudio;WebCamera Plus Audio; C:\WINDOWS\system32\drivers\ateksoftaudio.sys [2009-07-26 12288]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-04-05 132352]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-03-18 804317]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-07-13 3851264]
R3 JSWSCIMD;jswscimd Service; C:\WINDOWS\system32\DRIVERS\jswscimd.sys [2007-08-28 57344]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-10-24 35913]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-27 184544]
R3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-12-13 57408]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2008-02-22 24360]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 a50qu6ax;a50qu6ax; C:\WINDOWS\system32\drivers\a50qu6ax.sys []
S3 Bulk;HDJBulk; C:\WINDOWS\System32\Drivers\HDJBulk.sys [2009-10-02 128768]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HDJMidi;DJ Control MP3 e2 MIDI; C:\WINDOWS\system32\DRIVERS\HDJMidi.sys [2009-10-02 124288]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2011-07-01 26624]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-01-21 3222784]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2008-05-27 467029]
R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-08-03 496128]
R2 Webcamera Plus Service;Webcamera Plus Service; C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe [2009-07-26 46592]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
R3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\TP-LINK\QSS\jswpsapi.exe [2008-04-16 356434]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-07-15 411432]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 24 srp 2011 10:55

Zdravim a pekny den preji

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

Provedte aktualizaci - treti zalozka
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

Peroxid · #3 Příspěvek od **Peroxid** » 25 srp 2011 09:39

Zdárek

Tak mi už tedy doběhal test v MBAM, a zde přikládám log:

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

25.8.2011 10:39:16
mbam-log-2011-08-25 (10-39-01).txt

Typ: Rychlá kontrola
Kontrolované objekty: 150677
Uplynulý čas: 13 minut, 9 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 1
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 1
Infikované složky: 0
Infikované soubory: 4

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\WINDOWS\system32\calc.exe (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Románek\data aplikací\data.dat (Stolen.Data) -> No action taken.
c:\documents and settings\all users\Plocha\mp3 downloader.lnk (Rogue.Link) -> No action taken.
c:\documents and settings\Románek\local settings\Temp\utt515.tmp.exe (Trojan.Pakes) -> No action taken.

#4 Příspěvek od **vyosek** » 25 srp 2011 09:42

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

c:\WINDOWS\system32\calc.exe
Kliknete na Prochazet
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Send File
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

Peroxid · #5 Příspěvek od **Peroxid** » 25 srp 2011 09:58

c:\WINDOWS\system32\calc.exe
Result:
0/ 44 (0.0%)

C:\Documents and Settings\Románek\Data aplikací\data.dat
Result:
0/ 44 (0.0%)

C:\Documents and Settings\All Users\Plocha\mp3 downloader.lnk
Hodí mě to na: C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe , což kvůli tomu uploadu nenahraju.

c:\documents and settings\Románek\local settings\Temp\utt515.tmp.exe

Soubor se mi chce při vložení do VirusTotal spustit, čili Avast mi hlásí otevření v sanboxu, stornování, či otevření normálně. Co z toho zvolit ?

S těma registrama nevím ???

// Omlouvám se, ale.. Mám sem hodit odkaz, který mi tam zůstane (nahoře, kam se zadává URL) ?

#6 Příspěvek od **vyosek** » 25 srp 2011 10:03

Staci i takhle, ja chtel jen ten jeden soubor, udelal jste vsechny nevadi...

Registry opravte v MBAMu, ostatni nalezy nemazte, ten temp vycistime, je to havet

Aplikujte exeHelper by Raktor

Linky ke stazeni
- COM soubor http://vyosek.ic.cz/BE/exeHelper.com
- SCR soubor http://vyosek.ic.cz/BE/exeHelper.scr
Utilitu staci spustit jako Spravce (klik pravym mysidlem), probehne oprava a vznikne log exehelperlog.txt

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Peroxid · #7 Příspěvek od **Peroxid** » 25 srp 2011 10:45

exeHelper log:

exeHelper by Raktor
Build 20100414
Run at 11:08:27 on 08/25/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

TFC vyčistil něco okolo 1015 Mb, smazán.

Nyní mi běží kontrola OTL , za chvíli dodám tedy oba logy do další odpovědi.
Díky moc

#8 Příspěvek od **vyosek** » 25 srp 2011 10:48

OK, pockam na OTL logy a budem cistit

Peroxid · #9 Příspěvek od **Peroxid** » 25 srp 2011 11:23

OTL log:
OTL logfile created on: 25.8.2011 11:44:41 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Románek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,05 Mb Total Physical Memory | 294,18 Mb Available Physical Memory | 29,01% Memory free
2,38 Gb Paging File | 1,70 Gb Available in Paging File | 71,19% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 278,90 Gb Free Space | 59,88% Space Free | Partition Type: NTFS
Drive D: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: ROM-6930F485862 | User Name: Románek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.08.25 11:43:13 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Románek\Plocha\OTL.exe
PRC - [2011.08.21 19:24:13 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2011.08.12 08:10:24 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.08.03 15:28:48 | 003,318,784 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2011.08.03 15:28:48 | 000,496,128 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2011.08.03 15:28:47 | 002,216,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2011.07.19 17:09:51 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe
PRC - [2011.07.04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010.09.17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project) -- C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
PRC - [2010.09.17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project) -- C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.10.23 14:15:36 | 000,509,224 | ---- | M] (Hercules®) -- C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
PRC - [2009.07.26 16:38:22 | 000,046,592 | ---- | M] (Ateksoft Company Ltd.) -- C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe
PRC - [2008.10.20 16:09:22 | 000,557,186 | ---- | M] (TP-LINK) -- C:\Program Files\TP-LINK\TL-WN821N\TWCU.exe
PRC - [2008.05.27 04:21:04 | 000,467,029 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2008.05.12 08:36:46 | 000,036,949 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD.) -- C:\Program Files\TP-LINK\QSS\jswtrayutil.exe
PRC - [2008.04.14 08:52:24 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.02.29 14:26:00 | 000,028,672 | ---- | M] () -- C:\Program Files\TP-LINK\QSS\HwBtnDetector.exe
PRC - [2004.05.27 15:59:02 | 000,098,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

========== Modules (No Company Name) ==========

MOD - [2011.08.24 14:33:59 | 001,288,704 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082401\algo.dll
MOD - [2011.08.23 16:54:58 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11082401\aswRep.dll
MOD - [2011.08.21 19:24:13 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2011.08.16 21:35:17 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.08.16 10:09:24 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko6.dll
MOD - [2011.08.12 08:10:24 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.08.03 15:30:49 | 001,901,570 | ---- | M] () -- C:\Program Files\Spyware Terminator\TorentDll.dll
MOD - [2011.08.03 10:07:17 | 003,542,616 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll
MOD - [2011.08.02 12:44:36 | 014,401,832 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2011.08.02 12:44:25 | 000,190,248 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2011.08.02 12:44:23 | 000,091,432 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-50.dll
MOD - [2011.08.02 12:44:20 | 000,155,432 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-52.dll
MOD - [2011.08.02 12:44:18 | 000,914,216 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-52.dll
MOD - [2011.03.31 22:35:56 | 000,331,776 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2011.03.02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.10.20 16:12:14 | 000,163,840 | ---- | M] () -- C:\Program Files\TP-LINK\TL-WN821N\oemres.dll
MOD - [2008.10.20 16:08:32 | 000,401,540 | ---- | M] () -- C:\WINDOWS\system32\wgapi.dll
MOD - [2008.02.29 14:26:00 | 000,028,672 | ---- | M] () -- C:\Program Files\TP-LINK\QSS\HwBtnDetector.exe

========== Win32 Services (SafeList) ==========

SRV - [2011.08.03 15:28:48 | 000,496,128 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011.08.03 10:07:17 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
SRV - [2011.07.15 14:28:48 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.09.17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2010.09.17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2009.07.26 16:38:22 | 000,046,592 | ---- | M] (Ateksoft Company Ltd.) [Auto | Running] -- C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe -- (Webcamera Plus Service)
SRV - [2008.05.27 04:21:04 | 000,467,029 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2008.04.16 15:52:18 | 000,356,434 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\TP-LINK\QSS\jswpsapi.exe -- (jswpsapi)

========== Driver Services (SafeList) ==========

DRV - [2011.08.03 15:28:48 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011.07.04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.07.04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.07.04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.07.04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.07.04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.07.04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.07.04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.07.01 11:46:40 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2011.06.27 08:58:09 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.10.02 10:31:32 | 000,124,288 | ---- | M] (© Guillemot R&D, 2009. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HDJMidi.sys -- (HDJMidi)
DRV - [2009.10.02 10:31:26 | 000,128,768 | ---- | M] (© Guillemot R&D, 2009. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HDJBulk.sys -- (Bulk)
DRV - [2009.07.26 16:38:22 | 000,012,288 | ---- | M] (Ateksoft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ateksoftaudio.sys -- (AteksoftAudio)
DRV - [2008.12.01 10:32:24 | 000,458,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\arusb.sys -- (arusb(TP-LINK)) Atheros Wireless Network Adapter Service(TP-LINK)
DRV - [2008.02.22 16:16:08 | 000,024,360 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2007.12.13 20:31:02 | 000,057,408 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2007.08.28 22:46:02 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD)
DRV - [2005.07.13 00:00:00 | 003,851,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005.04.05 16:38:32 | 000,132,352 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005.01.21 16:23:58 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2001.10.24 14:04:44 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-329068152-884357618-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-329068152-884357618-1177238915-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-329068152-884357618-1177238915-1003\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Románek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-329068152-884357618-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Románek\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.07.09 19:03:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.16 21:37:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.04.11 20:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Extensions
[2011.08.16 21:36:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions
[2011.04.11 20:11:46 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.08.16 21:26:12 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.08.03 10:10:32 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\anttoolbar@ant.com
[2011.07.06 00:39:57 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\engine@conduit.com
[2011.06.27 08:58:20 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\searchplugins\daemon-search.xml
[2011.04.11 20:12:12 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\searchplugins\qip-search.xml
[2011.08.16 21:25:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ROMĂˇNEK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\2O5DSGR5.DEFAULT\EXTENSIONS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ROMĂˇNEK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\2O5DSGR5.DEFAULT\EXTENSIONS\ANTTOOLBAR@ANT.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ROMĂˇNEK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\2O5DSGR5.DEFAULT\EXTENSIONS\TABSCOPE@XULDEV.ORG.XPI
[2011.06.11 22:52:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.08.12 08:10:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.12 06:14:43 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.08.12 06:14:43 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.08.12 06:14:43 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.08.12 06:14:43 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.08.12 06:14:43 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

Hosts file not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Románek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-329068152-884357618-1177238915-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Hercules®)
O4 - HKLM..\Run: [HwBtnDetector] C:\Program Files\TP-LINK\QSS\HwBtnDetector.exe ()
O4 - HKLM..\Run: [jswtrayutil] C:\Program Files\TP-LINK\QSS\jswtrayutil.exe (TP-LINK TECHNOLOGIES CO., LTD.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TWCU] C:\Program Files\TP-LINK\TL-WN821N\TWCU.exe (TP-LINK)
O4 - HKU\S-1-5-21-329068152-884357618-1177238915-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-329068152-884357618-1177238915-1003..\Run: [Facebook Update] C:\Documents and Settings\Románek\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-329068152-884357618-1177238915-1003..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-329068152-884357618-1177238915-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-329068152-884357618-1177238915-1003..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-329068152-884357618-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 5308219593 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Románek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Románek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.04.11 19:50:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.08.25 11:42:57 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Románek\Plocha\OTL.exe
[2011.08.25 11:40:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.08.25 11:06:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011.08.25 10:20:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Románek\Data aplikací\Malwarebytes
[2011.08.25 10:20:38 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.08.25 10:20:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.08.25 10:20:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.08.25 10:20:29 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.08.25 10:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.08.23 12:07:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.08.23 12:07:10 | 000,000,000 | ---D | C] -- C:\rsit
[2011.08.21 21:19:50 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011.08.21 21:19:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Riot Games
[2011.08.21 20:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Románek\Plocha\LeagueOfLegends
[2011.08.21 19:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Románek\Local Settings\Data aplikací\PMB Files
[2011.08.21 19:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PMB Files
[2011.08.21 19:24:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikac
[2011.08.21 19:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.08.25 11:48:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.08.25 11:43:13 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Románek\Plocha\OTL.exe
[2011.08.25 11:36:43 | 000,002,284 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.08.25 11:36:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.08.25 11:07:17 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Románek\Plocha\exeHelper.scr
[2011.08.25 10:20:39 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.08.25 00:13:03 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-884357618-1177238915-1003UA.job
[2011.08.24 21:47:54 | 000,028,899 | ---- | M] () -- C:\Documents and Settings\Románek\Plocha\311475_1838239770740_1682905267_1387889_2818028_n.jpg
[2011.08.24 21:12:03 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-884357618-1177238915-1003Core.job
[2011.08.24 12:07:58 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\Románek\Plocha\Spiral Knights.url
[2011.08.23 12:56:32 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\Románek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.23 12:05:13 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Románek\Plocha\RSIT.exe
[2011.08.23 00:10:08 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.08.22 23:59:29 | 000,251,581 | ---- | M] () -- C:\Documents and Settings\Románek\Plocha\IMAG0339.jpg
[2011.08.22 22:12:07 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Románek\Data aplikací\winscp.rnd
[2011.08.22 11:36:07 | 000,728,071 | ---- | M] () -- C:\Documents and Settings\Románek\Plocha\ctjomg.PNG
[2011.08.21 21:27:34 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Play League of Legends.lnk
[2011.08.20 11:39:40 | 000,066,893 | ---- | M] () -- C:\Documents and Settings\Románek\Plocha\IMAGE_335.jpg
[2011.08.20 11:39:08 | 000,062,204 | ---- | M] () -- C:\Documents and Settings\Románek\Plocha\IMAGE_334.jpg
[2011.08.19 20:09:21 | 000,012,366 | -H-- | M] () -- C:\treeinfo.wc
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.25 11:48:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.08.25 11:07:15 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Románek\Plocha\exeHelper.scr
[2011.08.25 10:20:39 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.08.24 21:47:51 | 000,028,899 | ---- | C] () -- C:\Documents and Settings\Románek\Plocha\311475_1838239770740_1682905267_1387889_2818028_n.jpg
[2011.08.24 12:07:58 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\Románek\Plocha\Spiral Knights.url
[2011.08.23 12:05:02 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Románek\Plocha\RSIT.exe
[2011.08.22 23:24:02 | 000,251,581 | ---- | C] () -- C:\Documents and Settings\Románek\Plocha\IMAG0339.jpg
[2011.08.22 11:36:05 | 000,728,071 | ---- | C] () -- C:\Documents and Settings\Románek\Plocha\ctjomg.PNG
[2011.08.21 21:27:34 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Play League of Legends.lnk
[2011.08.20 11:39:38 | 000,066,893 | ---- | C] () -- C:\Documents and Settings\Románek\Plocha\IMAGE_335.jpg
[2011.08.20 11:39:06 | 000,062,204 | ---- | C] () -- C:\Documents and Settings\Románek\Plocha\IMAGE_334.jpg
[2011.08.03 15:28:48 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011.06.06 17:08:28 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\Románek\Data aplikací\data.dat
[2011.06.05 19:29:13 | 000,000,434 | ---- | C] () -- C:\Documents and Settings\Románek\Data aplikací\Románek3SQLite3.dll
[2011.05.21 17:00:32 | 000,262,217 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2011.05.21 17:00:29 | 000,401,540 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2011.05.21 01:07:09 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2011.05.14 10:22:02 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Data aplikací\$_hpcst$.hpc
[2011.04.21 10:51:54 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2011.04.16 20:43:59 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.04.15 20:07:38 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Románek\Local Settings\Data aplikací\PUTTY.RND
[2011.04.15 07:16:47 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Románek\Data aplikací\$_hpcst$.hpc
[2011.04.14 19:46:41 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Románek\Data aplikací\winscp.rnd
[2011.04.12 17:53:50 | 000,047,616 | ---- | C] () -- C:\Documents and Settings\Románek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.11 22:04:35 | 000,004,876 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.04.11 21:35:27 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.04.11 21:33:42 | 000,299,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.04.11 20:28:27 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.dat
[2011.04.11 20:28:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.04.11 20:07:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.04.11 19:53:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.04.11 19:46:06 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.01.11 09:24:40 | 000,001,683 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008.04.14 09:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006.12.31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.04.08 04:16:43 | 000,061,999 | -H-- | C] () -- C:\Documents and Settings\Románek\Data aplikací\Románeklog.dat
[2001.10.25 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 16:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 16:00:00 | 000,436,016 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 16:00:00 | 000,432,932 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 16:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 16:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 16:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 16:00:00 | 000,079,840 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 16:00:00 | 000,068,912 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 16:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 16:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 16:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 16:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011.04.24 13:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.04.19 07:25:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.06.27 08:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.08.23 20:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\firebird
[2011.08.22 11:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PMB Files
[2011.08.12 17:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2011.08.24 14:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2011.05.21 12:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
[2011.04.21 11:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\AnvSoft
[2011.08.16 21:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\BatteryBar
[2011.06.27 09:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\DAEMON Tools Lite
[2011.04.11 20:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\GHISLER
[2011.04.14 17:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Mp3tag
[2011.08.12 17:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Publish Providers
[2011.08.12 17:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Sony
[2011.08.19 17:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Spyware Terminator
[2011.04.20 21:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\TeamViewer
[2011.05.05 15:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Thinstall
[2011.07.04 01:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\TS3Client
[2011.08.12 14:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\uTorrent
[2011.08.24 21:12:03 | 000,000,978 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-329068152-884357618-1177238915-1003Core.job
[2011.08.25 00:13:03 | 000,001,000 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-329068152-884357618-1177238915-1003UA.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,541,120 | ---- | M] (Microsoft Corporation) MD5=D63C59BB0CA2F83B62D003FD52863090 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,541,120 | ---- | M] (Microsoft Corporation) MD5=D63C59BB0CA2F83B62D003FD52863090 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2008.06.12 11:16:51 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\WINDOWS\NLDRV\001\iastor.sys
[2008.06.12 16:58:07 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\WINDOWS\NLDRV\003\iastor.sys
[2008.06.12 16:58:10 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\WINDOWS\NLDRV\004\iastor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.12 11:16:50 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=977034D14621DE018E779C672DDF8472 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,547,328 | ---- | M] (Microsoft Corporation) MD5=471341D353962A35DA3C6324D59D09C4 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,547,328 | ---- | M] (Microsoft Corporation) MD5=471341D353962A35DA3C6324D59D09C4 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[17 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.04.29 15:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Adobe
[2011.04.21 11:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\AnvSoft
[2011.08.16 21:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\BatteryBar
[2011.06.27 09:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\DAEMON Tools Lite
[2011.04.11 20:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\GHISLER
[2011.07.31 14:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\GRETECH
[2011.04.11 19:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Identities
[2011.04.18 17:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\InstallShield
[2011.04.11 21:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Macromedia
[2011.08.25 10:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Malwarebytes
[2011.08.03 12:27:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Románek\Data aplikací\Microsoft
[2011.04.11 20:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Mozilla
[2011.04.14 17:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Mp3tag
[2011.08.12 17:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Publish Providers
[2011.08.23 00:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Skype
[2011.08.23 10:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\skypePM
[2011.08.12 17:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Sony
[2011.08.19 17:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Spyware Terminator
[2011.04.20 21:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\TeamViewer
[2011.05.05 15:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\Thinstall
[2011.07.04 01:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\TS3Client
[2011.08.12 14:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\uTorrent
[2011.04.14 17:47:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Románek\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.06.27 08:58:09 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2011.04.11 21:33:01 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.04.11 21:33:01 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.04.11 21:33:01 | 000,507,904 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.08.25 11:40:44 | 000,008,852 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2011.08.25 11:36:43 | 000,002,284 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,040,448 | ---- | M] (Microsoft Corporation)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" -- [2006.11.13 16:50:20 | 001,289,000 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Steam" = "C:\Program Files\Steam\steam.exe" -silent -- [2011.07.19 17:09:51 | 001,242,448 | ---- | M] (Valve Corporation)
"SpywareTerminatorUpdate" = "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" -- [2011.08.03 15:28:48 | 003,318,784 | ---- | M] (Crawler.com)
"Facebook Update" = "C:\Documents and Settings\Románek\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2011.08.16 21:07:47 | 000,137,536 | ---- | M] (Facebook Inc.)
"Pando Media Booster" = C:\Program Files\Pando Networks\Media Booster\PMB.exe -- [2011.08.21 19:24:13 | 003,077,528 | ---- | M] ()

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.08.25 11:48:23 | 000,000,512 | ---- | M] () MD5=DF076B04083301CF904847D9AD731D4E -- C:\PhysicalMBR.bin

< End of report >

Extras log:
OTL Extras logfile created on: 25.8.2011 11:44:41 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Románek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,05 Mb Total Physical Memory | 294,18 Mb Available Physical Memory | 29,01% Memory free
2,38 Gb Paging File | 1,70 Gb Available in Paging File | 71,19% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 278,90 Gb Free Space | 59,88% Space Free | Partition Type: NTFS
Drive D: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: ROM-6930F485862 | User Name: Románek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-329068152-884357618-1177238915-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"56134:TCP" = 56134:TCP:*:Enabled:Pando Media Booster
"56134:UDP" = 56134:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"56134:TCP" = 56134:TCP:*:Enabled:Pando Media Booster
"56134:UDP" = 56134:UDP:*:Enabled:Pando Media Booster
"1035:TCP" = 1035:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\QIP Infium\infium.exe" = C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium -- ()
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe" = C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe:*:Enabled:SAMBC -- ()
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe" = C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe:*:Enabled:WebCamera Plus Service -- (Ateksoft Company Ltd.)
"C:\Program Files\Ateksoft\WebCamera Plus\camviewer.exe" = C:\Program Files\Ateksoft\WebCamera Plus\camviewer.exe:*:Enabled:WebCamera Plus -- (Ateksoft Company Ltd.)
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s
"C:\Program Files\Steam\steamapps\peroxidkoo\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\peroxidkoo\counter-strike\hl.exe:*:Enabled:Counter-Strike
"C:\Documents and Settings\Románek\Data aplikací\svchost.exe" = C:\Documents and Settings\Románek\Data aplikací\svchost.exe:*:Enabled:Windows Messanger
"C:\Documents and Settings\Románek\Dokumenty\Stažené soubory\Steam Keygen v13(1).exe" = C:\Documents and Settings\Románek\Dokumenty\Stažené soubory\Steam Keygen v13(1).exe:*:Enabled:Windows Messanger
"C:\Documents and Settings\Románek\Dokumenty\Stažené soubory\Sindicate\client.bin" = C:\Documents and Settings\Románek\Dokumenty\Stažené soubory\Sindicate\client.bin:*:Enabled:client -- ()
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\steamapps\peroxidatko\team fortress 2\hl2.exe" = C:\Program Files\Steam\steamapps\peroxidatko\team fortress 2\hl2.exe:*:Enabled:hl2
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Steam\steamapps\peroxidatko\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\peroxidatko\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Guillemot\tools\giWebUpdater.exe" = C:\Program Files\Guillemot\tools\giWebUpdater.exe:*:Enabled:Guillemot Web Updater -- (Guillemot Inc.)
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" = C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator Update Support -- (Crawler.com)
"C:\Program Files\Steam\steamapps\peroxidatko\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\peroxidatko\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"C:\Documents and Settings\Románek\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Románek\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe" = C:\Program Files\Steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe:*:Enabled:Spiral Knights -- (Sun Microsystems, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300" = Canon iP4300
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{33999F1F-EA46-4E55-A239-1BA803235396}" = Hercules DJ Products Series drivers
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B0F41B5-C87C-4B33-91F5-ED024EB683F9}" = QSS Installation Program
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{6889EE56-1816-4E89-94DF-9F56E7804039}_is1" = Counter-Strike 1.6 Non-Steam patch v36
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B9D9832-BAD8-4422-8934-3736DDEE2E1C}" = TL-WN821N Wireless Utility
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BF57E8E-AE20-41C7-8BDC-88E5BDEA659F}" = QSS Installation Program
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
"{E8CFA6A1-2FBE-4062-B40D-9E15E2443EC4}" = TL-WN821N Wireless Utility
"{EB26E321-C673-46E5-84E1-98B4DA9E2BD4}" = Facebook Video Calling 1.0.0.7930
"{EC502085-5F63-41A2-A290-41F9F9574270}" = Broadcom Gigabit Ethernet
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Akamai" = Akamai NetSession Interface
"Antares Auto-Tune v4.39" = Antares Auto-Tune v4.39
"Any Video Converter_is1" = Any Video Converter 3.2.2
"ASIO4ALL" = ASIO4ALL
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"Collab" = Collab
"Cool Edit Pro 2.1" = Cool Edit Pro 2.1
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Digital Guitar Tuner 2.3_is1" = Digital Guitar Tuner 2.3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FBDBServer_2_5_is1" = Firebird 2.5.0.26074 (Win32)
"FL Studio 8" = FL Studio 8
"GOM Player" = GOM Player
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 6.0 (x86 cs)" = Mozilla Firefox 6.0 (x86 cs)
"Mp3tag" = Mp3tag v2.41
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PoiZone" = PoiZone
"SAM3" = SAM Broadcaster v4
"Spyware Terminator_is1" = Spyware Terminator
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 440" = Team Fortress 2
"Steam App 80" = Counter-Strike: Condition Zero
"Steam App 99900" = Spiral Knights
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WebCamera Plus_is1" = WebCamera Plus 2.1.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"winscp3_is1" = WinSCP 4.3.2
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-329068152-884357618-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP Infium" = QIP Infium 3.0.9044

========== Last 10 Event Log Errors ==========

[ System Events ]
Error - 22.8.2011 14:14:09 | Computer Name = ROM-6930F485862 | Source = Print | ID = 19
Description = Došlo k chybě sdílení tiskárny + 1722, tiskárna Canon iP4300 název
sdílení Tiskárna3.

Error - 22.8.2011 15:17:04 | Computer Name = ROM-6930F485862 | Source = System Error | ID = 1003
Description = Kód chyby 100000c5, parametr1 002932e0, parametr2 00000002, parametr3
00000000, parametr4 805446b2.

Error - 23.8.2011 4:20:39 | Computer Name = ROM-6930F485862 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.103 pro síťovou kartu se síťovou
adresou D85D4C9651D9 byla ukončena.

Error - 25.8.2011 3:51:21 | Computer Name = ROM-6930F485862 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.103 pro síťovou kartu se síťovou
adresou D85D4C9651D9 byla ukončena.

Error - 25.8.2011 5:10:55 | Computer Name = ROM-6930F485862 | Source = Service Control Manager | ID = 7034
Description = Služba TP-LINK Configuration Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 25.8.2011 5:10:55 | Computer Name = ROM-6930F485862 | Source = Service Control Manager | ID = 7031
Description = Služba Firebird Guardian - DefaultInstance byla nečekaně ukončena.
Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat
službu.

Error - 25.8.2011 5:10:57 | Computer Name = ROM-6930F485862 | Source = Service Control Manager | ID = 7034
Description = Služba Spyware Terminator Realtime Shield Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 25.8.2011 5:10:57 | Computer Name = ROM-6930F485862 | Source = Service Control Manager | ID = 7034
Description = Služba Webcamera Plus Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 25.8.2011 5:10:57 | Computer Name = ROM-6930F485862 | Source = Service Control Manager | ID = 7034
Description = Služba Firebird Server - DefaultInstance byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 25.8.2011 5:11:11 | Computer Name = ROM-6930F485862 | Source = Service Control Manager | ID = 7034
Description = Služba Jumpstart Wifi Protected Setup byla neočekávaně ukončena. Tento
stav nastal již 1krát.

< End of report >

#10 Příspěvek od **vyosek** » 25 srp 2011 11:34

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
MOD - [2011.08.03 10:07:17 | 003,542,616 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll
SRV - [2011.08.03 10:07:17 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
IE - HKU\S-1-5-21-329068152-884357618-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-329068152-884357618-1177238915-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-329068152-884357618-1177238915-1003\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Románek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
[2011.04.11 20:11:46 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.08.16 21:26:12 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.07.06 00:39:57 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\engine@conduit.com
[2011.06.27 08:58:20 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\searchplugins\daemon-search.xml
[2011.04.11 20:12:12 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\searchplugins\qip-search.xml
File not found (No name found) --
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ROMĂˇNEK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\2O5DSGR5.DEFAULT\EXTENSIONS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ROMĂˇNEK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\2O5DSGR5.DEFAULT\EXTENSIONS\ANTTOOLBAR@ANT.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ROMĂˇNEK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\2O5DSGR5.DEFAULT\EXTENSIONS\TABSCOPE@XULDEV.ORG.XPI
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Románek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[17 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Steam"=-
"SpywareTerminatorUpdate"=-
"Facebook Update"=-

:files
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk 
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-884357618-1177238915-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-884357618-1177238915-1003UA.job
c:\Program Files\Common Files\Akamai
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Peroxid · #11 Příspěvek od **Peroxid** » 25 srp 2011 12:21

Zde je tedy log:

All processes killed
========== OTL ==========
Service Akamai stopped successfully!
Service Akamai deleted successfully!
c:\Program Files\Common Files\Akamai\netsession_win_2da1ebd.dll moved successfully.
HKU\S-1-5-21-329068152-884357618-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-329068152-884357618-1177238915-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-329068152-884357618-1177238915-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Documents and Settings\Románek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\extensions\engine@conduit.com folder moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\Románek\Data aplikací\Mozilla\Firefox\Profiles\2o5dsgr5.default\searchplugins\qip-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Documents and Settings\Románek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
C:\WINDOWS\isRS-000.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP163.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP17.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP212.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP281.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A1.tmp\WindowsBase.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP365.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP519.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP52.tmp\System.EnterpriseServices.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP52.tmp\System.EnterpriseServices.Wrapper.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP52.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP565.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP660.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP701.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP731.tmp\System.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP731.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP749.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP756.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP858.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEA.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI219.tmp deleted successfully.
C:\WINDOWS\Installer\MSI29B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4D9.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdate deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk moved successfully.
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-884357618-1177238915-1003Core.job moved successfully.
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-884357618-1177238915-1003UA.job moved successfully.
c:\Program Files\Common Files\Akamai\Logs\dump folder moved successfully.
c:\Program Files\Common Files\Akamai\Logs folder moved successfully.
c:\Program Files\Common Files\Akamai\Languages folder moved successfully.
c:\Program Files\Common Files\Akamai\Cache folder moved successfully.
c:\Program Files\Common Files\Akamai folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Románek
->Temp folder emptied: 1623 bytes
->Temporary Internet Files folder emptied: 33656 bytes
->FireFox cache emptied: 35169678 bytes
->Flash cache emptied: 618 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 505 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 34,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Románek
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.26.5 log created on 08252011_131547

Files\Folders moved on Reboot...
C:\Documents and Settings\Románek\Local Settings\Temp\WCESLog.log moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#12 Příspěvek od **vyosek** » 25 srp 2011 12:23

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace

Napiste co PC

Peroxid · #13 Příspěvek od **Peroxid** » 25 srp 2011 12:33

TFC mi smázl nějakých 20mb, PC je o dost svižnější, Internet též.
Teď du ještě na CCleaner a poté defregmentaci disku.

Děkuji moooc!

Chcete ještě s něčím poinformovat?

#14 Příspěvek od **vyosek** » 25 srp 2011 12:42

Po CCleaneru Defragu napiste ci je vse OK...A pokud bude, tak to bude i z me starny vse

Peroxid · #15 Příspěvek od **Peroxid** » 25 srp 2011 12:47

CCleaner jsem použil 3x jak jsi říkal, a už ukazuje 0b pro vyčištění (po analýze), čili myslím, že je vše jak má být.
Mám 15% fragmentováno, čili jdu na tu defregmentaci

Ještě jednou tedy moc děkuji

VIRY.CZ

Prosím o kontrolu - Zpomalený PC/Internet

Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet

Re: Prosím o kontrolu - Zpomalený PC/Internet