prosím o pomoc

Zpráva

človiček · #1 Příspěvek od **človiček** » 15 zář 2011 17:20

Když otevřu dvě okna na jednou tak se mi sekne a nejede. A nebo se zmrazí a musim čekat dokud se nerozjede. Tak prosím o pomoc co s tím. Děkuji

človiček · #2 Příspěvek od **človiček** » 15 zář 2011 17:30

Logfile of random's system information tool 1.09 (written by random/random)
Run by Boss at 2011-09-15 18:25:32
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (9%) free of 38 GB
Total RAM: 511 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:25:56, on 15.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Creative\SB5.1 VX\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe
C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Boss\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Boss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=102411
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB5.1 VX\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [GameXN (update)] "C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe" /u
O4 - HKCU\..\Run: [GameXN (news)] "C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe" /n
O4 - HKCU\..\Run: [GameXN] "C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe" /silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0211543812
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10653 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{AA74C9A1-4826-43EA-8EDE-38C1E2C70A90}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Boss\Data aplikací\Mozilla\Firefox\Profiles\itik4exf.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
"CTSysVol"=C:\Program Files\Creative\SB5.1 VX\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
"P17Helper"=Rundll32 P17.dll,P17Helper []
"Nikon Transfer Monitor"=C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [2009-09-15 479232]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-10-23 202024]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"SetDefaultMIDI"=C:\WINDOWS\MIDIDef.exe [2002-12-03 49152]
"GameXN (update)"=C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-09-13 347008]
"GameXN (news)"=C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-09-13 347008]
"GameXN"=C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [2011-09-13 347008]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AudioDeck.lnk - C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.LEAD"=LCODCCMP.DLL
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-09-15 18:25:35 ----D---- C:\Program Files\trend micro
2011-09-15 18:25:32 ----D---- C:\rsit
2011-09-15 17:48:09 ----D---- C:\WINDOWS\LastGood
2011-09-15 08:31:22 ----A---- C:\WINDOWS\isRS-000.tmp
2011-09-13 22:51:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-09-13 21:50:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\GameXN
2011-09-13 19:21:49 ----D---- C:\Program Files\WinUtilities
2011-09-13 19:09:57 ----A---- C:\WINDOWS\system32\wbhelp2.dll
2011-09-13 19:09:57 ----A---- C:\WINDOWS\system32\unicows.dll
2011-09-13 19:09:57 ----A---- C:\WINDOWS\system32\anim.dll
2011-09-13 19:09:56 ----A---- C:\WINDOWS\system32\W95INF32.DLL
2011-09-13 19:09:56 ----A---- C:\WINDOWS\system32\W95INF16.DLL
2011-09-13 19:05:35 ----D---- C:\Program Files\CCleaner
2011-09-13 19:03:13 ----D---- C:\Program Files\Google
2011-09-13 18:55:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-09-13 18:55:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-09-13 18:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-09-13 18:54:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2011-09-13 18:53:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-09-13 18:13:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-09-13 18:09:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-09-13 00:54:11 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-09-13 00:54:10 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-09-13 00:54:03 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-09-13 00:54:03 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-09-13 00:54:02 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-09-13 00:54:00 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-09-13 00:53:59 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-09-13 00:53:59 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-09-13 00:52:22 ----A---- C:\WINDOWS\avastSS.scr
2011-09-13 00:52:19 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-09-13 00:51:18 ----D---- C:\Program Files\AVAST Software
2011-09-13 00:51:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-09-12 21:52:47 ----D---- C:\Program Files\QuickTime
2011-09-12 21:52:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2011-09-12 21:40:57 ----D---- C:\Program Files\Common Files\Apple
2011-09-12 21:19:46 ----D---- C:\Program Files\Apple Software Update
2011-09-12 21:19:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2011-09-12 20:01:42 ----A---- C:\WINDOWS\nsreg.dat
2011-09-12 20:01:24 ----D---- C:\Documents and Settings\Boss\Data aplikací\Mozilla
2011-09-12 20:00:28 ----D---- C:\Program Files\Mozilla Firefox
2011-09-12 18:40:23 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-09-12 18:40:22 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2011-09-12 18:39:19 ----D---- C:\Program Files\Windows Media Connect 2
2011-09-12 18:39:01 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2011-09-12 18:36:59 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2011-09-12 18:36:18 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-09-12 18:35:47 ----D---- C:\WINDOWS\system32\LogFiles
2011-09-12 18:35:47 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-09-12 18:35:41 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$

======List of files/folders modified in the last 1 month======

2011-09-15 18:25:35 ----RD---- C:\Program Files
2011-09-15 17:50:10 ----D---- C:\WINDOWS\Temp
2011-09-15 17:49:06 ----HD---- C:\WINDOWS\inf
2011-09-15 17:48:10 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-15 17:48:09 ----D---- C:\WINDOWS
2011-09-15 17:48:07 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-15 17:36:03 ----D---- C:\Documents and Settings\Boss\Data aplikací\go
2011-09-15 08:31:52 ----SHD---- C:\WINDOWS\Installer
2011-09-15 08:19:30 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-09-14 19:00:41 ----D---- C:\WINDOWS\system32
2011-09-14 00:11:30 ----D---- C:\WINDOWS\system32\CatRoot
2011-09-14 00:11:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-14 00:09:42 ----D---- C:\Program Files\Internet Explorer
2011-09-14 00:09:22 ----D---- C:\WINDOWS\ie8updates
2011-09-14 00:07:39 ----D---- C:\Documents and Settings\Boss\Data aplikací\Skype
2011-09-13 21:50:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-09-13 20:19:58 ----SD---- C:\WINDOWS\Tasks
2011-09-13 19:12:55 ----D---- C:\Documents and Settings\Boss\Data aplikací\Media Player Classic
2011-09-13 19:12:43 ----D---- C:\WINDOWS\Minidump
2011-09-13 19:12:43 ----D---- C:\WINDOWS\Debug
2011-09-13 18:55:16 ----D---- C:\WINDOWS\system32\drivers
2011-09-13 18:21:30 ----A---- C:\WINDOWS\system32\MRT.exe
2011-09-13 18:18:50 ----HD---- C:\Config.Msi
2011-09-13 01:39:06 ----A---- C:\WINDOWS\NeroDigital.ini
2011-09-13 00:53:11 ----D---- C:\WINDOWS\WinSxS
2011-09-12 21:40:57 ----RD---- C:\Program Files\Common Files
2011-09-12 20:15:13 ----D---- C:\Program Files\ESET
2011-09-12 18:40:05 ----A---- C:\WINDOWS\win.ini
2011-09-12 18:39:17 ----D---- C:\Program Files\Windows Media Player
2011-09-12 18:39:13 ----D---- C:\WINDOWS\Help
2011-09-12 18:36:27 ----D---- C:\Program Files\BS_Player
2011-09-12 18:36:21 ----D---- C:\Program Files\ConduitEngine
2011-09-03 12:17:22 ----A---- C:\WINDOWS\system32\crypt32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2006-11-08 102912]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2004-07-30 31654]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\WINDOWS\system32\DRIVERS\CamSuiteVAC.sys [2008-09-20 37560]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 GETNDIS;VIA Networking Velocity Family Giga-bit Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\getnd5b.sys [2003-09-02 44032]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;SB Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2007-12-28 1135104]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PAC7302;iLook 310; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2009-04-28 461824]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rt2870;%Generic.Service.DispName%; C:\WINDOWS\system32\DRIVERS\rt2870.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-06-16 369920]
S3 Vsp;Vsp; \??\C:\WINDOWS\system32\drivers\Vsp.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2004-04-16 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

#3 Příspěvek od **vyosek** » 15 zář 2011 19:17

Zdravim a pekny vecer preji

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

človiček · #4 Příspěvek od **človiček** » 16 zář 2011 01:04

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
OTL Extras logfile created on: 16.9.2011 1:12:38 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Boss\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

510,80 Mb Total Physical Memory | 148,59 Mb Available Physical Memory | 29,09% Memory free
1,22 Gb Paging File | 0,68 Gb Available in Paging File | 55,74% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,27 Gb Total Space | 3,11 Gb Free Space | 8,35% Space Free | Partition Type: NTFS

Computer Name: DOMACI | User Name: Boss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6BD4B0B5-3359-4932-BF94-C805EE83E710}" = 2350_Help
"{6CD27A25-D4A5-4e25-86B1-36EBBA2BA279}" = 2350Trb
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7EF900F4-61A8-4D95-8A65-488D3BECA206}" = iLook 310
"{7F2AC7B5-3DA8-45d3-B5E5-F36DCD9FDC6A}" = 2350
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{919635D1-5C0D-4B64-B724-BDDB31D11029}" = Nero 8
"{95120000-003F-0405-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{BBCC4C9A-14C9-4EE4-9099-DB2C7316666B}" = Sound Blaster 5.1 VX
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D1504C77-1B19-4AF0-8DEC-946666123B55}" = CrazyTalk CamSuite PRO
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FC274982-5AAD-4C20-848D-4424A5043010}_is1" = WinUtilities 10.34 Free Edition
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 4.5)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast" = avast! Free Antivirus
"BS_Player Toolbar" = BS Player Toolbar
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"csExcel_is1" = csExcel v.1.1.15
"EEEE705096F837B7907659F100C9FE6DA001970F" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.7)
"eTECH" = eTECH
"HP Photo & Imaging" = HP Image Zone 4.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 6.0.2 (x86 cs)" = Mozilla Firefox 6.0.2 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Race_is1" = Race
"SystemRequirementsLab" = System Requirements Lab
"TAXI MADNESS USA" = TAXI MADNESS USA
"Turtle And Pirate Treasure_is1" = Turtle And Pirate Treasure
"VIA Audio Driver Setup Program" = VIA Audio Driver Setup Program
"WaveStudio 7" = Creative WaveStudio 7
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Zoner Photo Studio 8_is1" = Zoner Photo Studio 8

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-789336058-113007714-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = GameXN GO

========== Last 10 Event Log Errors ==========

Error: Unable to start EventLog service!

< End of report >

#5 Příspěvek od **vyosek** » 16 zář 2011 05:31

Spustte OTL jeste jednou dle navodu ale skript nevkladejte, vyskoci jen OTL.txt - ten sem vlozte

človiček · #6 Příspěvek od **človiček** » 16 zář 2011 06:50

OTL logfile created on: 16.9.2011 7:10:47 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Boss\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

510,80 Mb Total Physical Memory | 124,21 Mb Available Physical Memory | 24,32% Memory free
1,22 Gb Paging File | 0,74 Gb Available in Paging File | 60,74% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,27 Gb Total Space | 3,11 Gb Free Space | 8,34% Space Free | Partition Type: NTFS

Computer Name: DOMACI | User Name: Boss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.09.16 01:01:27 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Boss\Plocha\OTL.exe
PRC - [2011.09.15 08:27:32 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.09.13 21:50:44 | 000,347,008 | ---- | M] (EasyBits Software AS) -- C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.09.15 19:47:36 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.10 15:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\Pac7302\Monitor.exe
PRC - [2007.10.23 15:19:06 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.10.23 15:18:46 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2005.10.31 11:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SB5.1 VX\Surround Mixer\CTSysVol.exe
PRC - [2004.04.16 00:07:01 | 000,073,728 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
PRC - [2003.07.08 04:44:40 | 000,581,632 | ---- | M] () -- C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe

========== Modules (No Company Name) ==========

MOD - [2011.09.15 22:54:13 | 001,567,232 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11091501\algo.dll
MOD - [2011.09.15 19:02:22 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11091501\aswRep.dll
MOD - [2011.09.15 08:27:29 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.09.13 01:32:33 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010.12.11 16:40:22 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_69965408\mscorlib.dll
MOD - [2010.12.11 16:40:16 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_cbe58a4a\system.drawing.dll
MOD - [2010.12.11 16:40:03 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_ab2129a2\system.xml.dll
MOD - [2010.12.11 16:39:51 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_7621a95e\system.windows.forms.dll
MOD - [2010.12.11 16:39:32 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_1efa03a7\system.dll
MOD - [2010.12.11 16:39:20 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2010.12.10 20:04:26 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2010.12.10 20:04:25 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2010.12.10 20:04:24 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2010.02.16 15:23:00 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2010.02.16 15:23:00 | 000,006,144 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2010.02.16 15:22:56 | 000,614,400 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll
MOD - [2010.02.16 15:22:56 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqietpz.resources.dll
MOD - [2010.02.16 15:22:28 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2010.02.16 15:22:28 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2010.02.16 15:22:04 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.66__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2010.02.16 15:22:04 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.66__9cf889f53ea9b907\lead.drawing.dll
MOD - [2010.02.16 15:22:04 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.66__9cf889f53ea9b907\lead.dll
MOD - [2010.02.16 15:22:04 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.66__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2010.02.16 15:22:04 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2010.02.16 15:22:03 | 000,368,640 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2010.02.16 15:22:03 | 000,241,664 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2010.02.16 15:22:03 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2010.02.16 15:22:03 | 000,151,552 | ---- | M] () -- c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll
MOD - [2010.02.16 15:22:03 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2010.02.16 15:22:03 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2010.02.16 15:22:03 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2010.02.16 15:22:03 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2010.02.16 15:22:03 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2010.02.16 15:20:46 | 000,557,056 | ---- | M] () -- c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll
MOD - [2010.02.16 15:20:46 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll
MOD - [2010.02.16 15:20:46 | 000,151,552 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2010.02.16 15:20:46 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll
MOD - [2010.02.16 15:20:46 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2010.02.16 15:20:46 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll
MOD - [2010.02.16 15:16:35 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2007.12.28 10:32:14 | 000,065,536 | R--- | M] () -- C:\WINDOWS\system32\P17.dll
MOD - [2006.10.22 13:22:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2003.07.08 04:44:40 | 000,581,632 | ---- | M] () -- C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.06.14 16:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.01.07 19:20:24 | 000,026,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2004.04.16 00:07:01 | 000,073,728 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
SRV - [2004.03.18 17:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - [2011.09.06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.09.06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.09.06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.09.06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.09.06 22:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.09.06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.09.06 22:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.04.28 10:08:40 | 000,461,824 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2008.09.20 01:41:50 | 000,037,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CamSuiteVAC.sys -- (CamSuiteVAC)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.12.28 05:26:01 | 001,135,104 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2006.10.17 21:22:26 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2005.01.10 12:15:30 | 000,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005.01.10 12:15:24 | 000,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004.07.30 02:35:52 | 000,031,654 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)
DRV - [2003.09.02 19:22:52 | 000,044,032 | ---- | M] (VIA Networking Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\getnd5b.sys -- (GETNDIS)
DRV - [2003.06.16 12:05:40 | 000,369,920 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\viaudios.sys -- (VIAudio) VIA AC'97 Audio Controller (WDM)
DRV - [2003.05.27 17:45:06 | 000,003,351 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vsp.sys -- (Vsp)
DRV - [2001.08.17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-789336058-113007714-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=102411
IE - HKU\S-1-5-21-789336058-113007714-682003330-1003\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-789336058-113007714-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.09.13 00:52:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.15 08:27:38 | 000,000,000 | ---D | M]

[2011.09.12 20:01:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Boss\Data aplikací\Mozilla\Extensions
[2011.09.12 20:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.09.13 00:52:28 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011.09.15 08:27:34 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.15 08:27:22 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.09.15 08:27:22 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.15 08:27:22 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.09.15 08:27:22 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.09.15 08:27:22 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2004.08.18 06:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-789336058-113007714-682003330-1003\..\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SB5.1 VX\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKU\S-1-5-21-789336058-113007714-682003330-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-789336058-113007714-682003330-1003..\Run: [GameXN] C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKU\S-1-5-21-789336058-113007714-682003330-1003..\Run: [GameXN (news)] C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKU\S-1-5-21-789336058-113007714-682003330-1003..\Run: [GameXN (update)] C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKU\S-1-5-21-789336058-113007714-682003330-1003..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-789336058-113007714-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-789336058-113007714-682003330-1003\..Trusted Domains: com.tw ([asia.msi] http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-789336058-113007714-682003330-1003\..Trusted Domains: com.tw ([global.msi] http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-789336058-113007714-682003330-1003\..Trusted Domains: com.tw ([www.msi] http in Důvěryhodné servery)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0211543812 (MUWebControl Class)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/L ... nstall.cab (WebSDev Control)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F149C4A-DDF4-45D4-A814-4FA417CA268C}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F0C9F63-E6AB-4FB2-A304-61039D5067D2}: DhcpNameServer = 192.168.100.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.28 11:12:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 7 Days ==========

[2011.09.16 07:20:02 | 000,000,000 | ---D | C] -- C:\df31f3bacc783170cfd5a6a8f473d21f
[2011.09.16 07:09:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.09.16 01:01:14 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Boss\Plocha\OTL.exe
[2011.09.15 18:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.09.15 18:25:32 | 000,000,000 | ---D | C] -- C:\rsit
[2011.09.15 17:44:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Boss\Recent
[2011.09.14 21:20:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\BS_Player
[2011.09.14 21:20:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2011.09.14 00:05:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Boss\Plocha\Nová složka
[2011.09.13 22:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
[2011.09.13 21:50:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\GameXN
[2011.09.13 19:21:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinUtilities
[2011.09.13 19:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\WinUtilities
[2011.09.13 19:09:57 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\WINDOWS\System32\wbocx.ocx
[2011.09.13 19:09:57 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll
[2011.09.13 19:09:57 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll
[2011.09.13 19:09:57 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\WINDOWS\System32\anim.dll
[2011.09.13 19:09:56 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95INF32.DLL
[2011.09.13 19:09:56 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95INF16.DLL
[2011.09.13 19:05:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.09.13 19:05:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.09.13 19:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2011.09.13 19:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011.09.13 00:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2011.09.13 00:54:11 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.09.13 00:54:10 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.09.13 00:54:03 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.09.13 00:54:03 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.09.13 00:54:02 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.09.13 00:54:00 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.09.13 00:53:59 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.09.13 00:53:59 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011.09.13 00:52:22 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.09.13 00:52:19 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.09.13 00:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.09.13 00:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.09.12 21:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\QuickTime
[2011.09.12 21:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011.09.12 21:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
[2011.09.12 21:40:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.09.12 21:21:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Boss\Local Settings\Data aplikací\Apple
[2011.09.12 21:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011.09.12 21:19:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Apple
[2011.09.12 21:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Boss\Local Settings\Data aplikací\Apple Computer
[2011.09.12 20:57:57 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.09.12 20:20:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Boss\Dokumenty\Stažené soubory
[2011.09.12 20:01:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Boss\Local Settings\Data aplikací\Mozilla
[2011.09.12 20:01:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Boss\Data aplikací\Mozilla
[2011.09.12 20:00:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011.09.12 18:40:23 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011.09.12 18:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2011.09.12 18:35:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2011.09.12 18:35:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2011.09.12 18:26:53 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011.09.12 15:46:03 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2009.11.28 12:26:41 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.09.16 07:35:30 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AA74C9A1-4826-43EA-8EDE-38C1E2C70A90}.job
[2011.09.16 07:18:34 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.09.16 07:02:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.09.16 07:01:41 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.09.16 07:01:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.09.16 07:01:15 | 535,678,976 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.16 01:01:27 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Boss\Plocha\OTL.exe
[2011.09.15 22:06:34 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\Boss\intlname.ols
[2011.09.15 08:31:22 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\WinUtilities.lnk
[2011.09.15 08:27:12 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\_WKERNEL.FRE
[2011.09.14 21:20:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.09.13 21:50:51 | 000,001,771 | ---- | M] () -- C:\Documents and Settings\Boss\Plocha\Play games (GameXN).lnk
[2011.09.13 21:24:52 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.09.13 19:05:38 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.09.13 01:39:06 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\Boss\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.13 01:39:06 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.09.13 01:32:34 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.09.13 00:54:13 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.09.13 00:54:01 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.09.12 21:53:12 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2011.09.12 20:13:31 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011.09.12 20:13:30 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011.09.12 20:12:52 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\ReminderNextRun
[2011.09.12 20:01:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011.09.12 20:00:51 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2011.09.12 18:35:55 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2011.09.09 11:12:04 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.09.16 07:10:39 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011.09.15 21:59:24 | 000,367,189 | ---- | C] () -- C:\Documents and Settings\Boss\Plocha\270920101498.jpg
[2011.09.13 21:50:51 | 000,001,777 | ---- | C] () -- C:\Documents and Settings\Boss\Nabídka Start\Programy\Play games (GameXN).lnk
[2011.09.13 21:50:51 | 000,001,771 | ---- | C] () -- C:\Documents and Settings\Boss\Plocha\Play games (GameXN).lnk
[2011.09.13 19:21:59 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\WinUtilities.lnk
[2011.09.13 19:10:10 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\_WKERNEL.FRE
[2011.09.13 19:09:56 | 000,000,439 | ---- | C] () -- C:\WINDOWS\System32\shfolder.inf
[2011.09.13 19:05:38 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.09.13 00:54:13 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.09.12 21:53:11 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2011.09.12 21:22:01 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.09.12 21:20:23 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Apple Software Update.lnk
[2011.09.12 20:01:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.09.12 20:00:51 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2011.09.12 20:00:49 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2011.09.12 19:28:17 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ReminderNextRun
[2011.09.12 18:35:55 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2011.07.01 16:51:44 | 000,000,666 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2011.07.01 16:51:34 | 000,000,885 | ---- | C] () -- C:\WINDOWS\System32\SP7302.INI
[2011.04.02 13:07:58 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2011.02.16 16:31:36 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Spacious
[2011.02.16 16:31:36 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Boss\Data aplikací\Sound Effects
[2011.02.16 16:31:36 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLdw.DAT
[2011.02.16 16:31:36 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\StatusSheet
[2011.02.16 16:29:03 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Soundtrack
[2011.02.16 16:29:03 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Boss\Data aplikací\Smooth Strings
[2011.02.16 16:29:03 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLdu.DAT
[2011.02.16 16:29:03 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Standard
[2011.01.03 16:07:49 | 000,003,628 | ---- | C] () -- C:\WINDOWS\System32\AudioDrv.ini
[2011.01.03 16:05:41 | 000,005,663 | R--- | C] () -- C:\WINDOWS\System32\ludap17.ini
[2011.01.03 16:05:41 | 000,000,072 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010.12.17 19:20:40 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Boss\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.14 16:30:24 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.12.13 15:54:16 | 000,037,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamSuiteVAC.sys
[2010.02.16 15:55:57 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\Boss\Local Settings\Data aplikací\fusioncache.dat
[2010.02.16 14:51:28 | 000,104,318 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2010.02.16 14:51:27 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2010.01.07 15:37:16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.01.02 15:27:27 | 000,276,480 | R--- | C] () -- C:\Documents and Settings\Boss\Local Settings\Data aplikací\vvddata.wrt
[2010.01.02 14:50:25 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2010.01.02 14:50:20 | 000,078,336 | ---- | C] () -- C:\WINDOWS\System32\dbjavio6.dll
[2010.01.02 14:50:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\dbauth6.dll
[2010.01.02 14:49:59 | 000,000,055 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2010.01.02 14:49:56 | 000,031,654 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2010.01.02 14:49:56 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2010.01.02 14:49:56 | 000,011,776 | ---- | C] () -- C:\WINDOWS\Ckrfresh.exe
[2010.01.02 14:49:55 | 000,027,648 | R--- | C] () -- C:\WINDOWS\Setup_ck.exe
[2010.01.02 14:49:45 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2009.11.28 12:53:47 | 000,000,694 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.11.28 12:42:28 | 000,002,320 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009.11.28 12:26:41 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2009.11.28 12:26:41 | 000,003,351 | ---- | C] () -- C:\WINDOWS\System32\drivers\vsp.sys
[2009.11.28 12:01:16 | 000,004,431 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.11.28 12:00:06 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.11.28 11:16:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.11.28 11:08:48 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.02.01 09:18:14 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys
[2007.12.28 10:32:14 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\P17.dll
[2006.10.22 13:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.10.22 13:22:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006.10.22 13:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.10.22 13:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006.10.22 13:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.10.22 13:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.10.22 13:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.10.22 13:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006.10.22 13:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006.10.22 13:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.10.22 13:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2004.08.18 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.18 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.18 06:00:00 | 000,383,254 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.18 06:00:00 | 000,382,548 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2004.08.18 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.18 06:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2004.08.18 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.18 06:00:00 | 000,063,148 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2004.08.18 06:00:00 | 000,053,608 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.18 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.18 06:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2004.08.18 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.18 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.18 06:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.18 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.18 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003.10.02 12:48:18 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.01.11 01:00:00 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\dbeng6.exe
[1999.08.06 01:00:00 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dbwrite.exe
[1999.08.06 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\dbextf50.dll
[1999.08.06 01:00:00 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\dbodtr6.dll

========== LOP Check ==========

[2011.04.30 16:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boss\Data aplikací\BSplayer
[2011.04.30 16:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boss\Data aplikací\BSplayer Pro
[2011.04.02 13:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boss\Data aplikací\ChessBase
[2011.09.16 07:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boss\Data aplikací\go
[2011.04.03 21:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boss\Data aplikací\Nikon
[2011.01.18 15:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boss\Data aplikací\Nokia
[2011.01.18 15:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boss\Data aplikací\PC Suite
[2009.11.28 12:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boss\Data aplikací\Zoner
[2011.09.13 00:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.09.13 21:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
[2010.01.02 14:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ELIT eTECH
[2011.02.16 16:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2011.09.16 07:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GameXN
[2011.01.18 15:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.02.16 16:29:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nikon
[2011.01.18 15:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.02.16 16:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2011.09.16 07:35:30 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AA74C9A1-4826-43EA-8EDE-38C1E2C70A90}.job

========== Purity Check ==========

#7 Příspěvek od **vyosek** » 16 zář 2011 19:17

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKU\S-1-5-21-789336058-113007714-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=102411
IE - HKU\S-1-5-21-789336058-113007714-682003330-1003\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-789336058-113007714-682003330-1003\..\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
O15 - HKU\S-1-5-21-789336058-113007714-682003330-1003\..Trusted Domains: com.tw ([asia.msi] http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-789336058-113007714-682003330-1003\..Trusted Domains: com.tw ([global.msi] http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-789336058-113007714-682003330-1003\..Trusted Domains: com.tw ([www.msi] http in Důvěryhodné servery)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"NBKeyScan"=-
"HP Software Update"=-
"RemoteControl"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"QuickTime Task"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"MSMSGS"=-
"GameXN (update)"=-
"GameXN (news)"=-
"GameXN"=-

:files
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{AA74C9A1-4826-43EA-8EDE-38C1E2C70A90}.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

človiček · #8 Příspěvek od **človiček** » 16 zář 2011 22:34

Problem je v tom, že je to půjčeny počitač a já neznam k něnu nic žádne heslo ani správce ani jaký program jestli win nebo jak jste to psali tak dá se s tím ještě něco udělat?

#9 Příspěvek od **vyosek** » 16 zář 2011 23:44

Spustte tedy OTL normalne dvojklikem a postupujte dle navodu, uvidime ci to pujde

VIRY.CZ

prosím o pomoc

prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc

Re: prosím o pomoc