Computer slowdown and system intrusion

Author: 7777 (Visitor)
Posts: 337
Registered: 17 Feb 2011 15:33

#1 Post by 7777 »

Hello, I have a problem with my computer slowing down. It was preceded by an attack on the computer by an unknown hacker on 25.8.2012. Now the computer has slowed down a lot and stutters from time to time. It runs normally and then suddenly seems to freeze, so that I cannot even move the mouse, and then it runs normally again. In addition, the virus that got into my system infected files in the system32 folder. I was using only a limited account, so I did not expect that any virus would get in there. Here is the log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomas at 2012-08-28 14:02:01
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 11 GB (38%) free of 30 GB
Total RAM: 1014 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:02:12, on 28.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE
C:\WINDOWS\system32\LGScsiCommandService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ7M\ICQ.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\Animatrix\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Tomas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7M\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2548859187
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LG SCSI command service (LGScsiCommandService) - Mobile Leader Co.,Ltd. - C:\WINDOWS\system32\LGScsiCommandService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8633 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1342341097.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default

prefs.js - "browser.startup.homepage" - "http://google.sk/"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... YYYYSK&&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\
toolbar@ask.com
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin.gif
icqplugin.src
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-06-06 1519304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YTD Toolbar - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll [2012-07-26 1213832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-06-06 1519304]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YTD Toolbar - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll [2012-07-26 1213832]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2012-06-27 16342528]
"Alcmtr"=ALCMTR.EXE []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"Guard.Mail.ru.gui"=C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-06-30 1564368]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-01-13 134656]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-01-13 166912]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-01-13 135680]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2004-08-27 1450096]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-06-06 1564872]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2012-07-26 1095560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=C:\Program Files\ICQ7M\ICQ.exe [2012-06-30 127040]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-06-05 17344176]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Documents and Settings\Tomas\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-01-13 205824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\mysql\bin\mysqld_usbwv8.exe"="F:\mysql\bin\mysqld_usbwv8.exe:*:Disabled:mysqld_usbwv8"
"F:\apache\bin\httpd_usbwv8.exe"="F:\apache\bin\httpd_usbwv8.exe:*:Disabled:Apache HTTP Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2012-08-28 14:02:02 ----D---- C:\Program Files\trend micro
2012-08-28 14:02:01 ----D---- C:\rsit
2012-08-26 11:23:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2012-08-25 23:31:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2012-08-25 23:31:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2012-08-25 23:24:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$
2012-08-25 23:20:54 ----A---- C:\WINDOWS\system32\MRT.exe
2012-08-25 23:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-25 23:20:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-25 23:20:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-25 23:19:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-08-25 23:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-08-25 23:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-08-25 23:18:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-08-25 23:18:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2707511$
2012-08-25 23:17:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2718704$
2012-08-25 23:17:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-08-25 23:17:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-08-25 23:17:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-08-25 23:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2695962$
2012-08-25 23:16:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-08-25 23:16:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-08-25 23:16:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-08-25 23:16:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-08-25 23:16:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-08-25 23:16:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-08-25 23:15:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-08-25 23:15:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-08-25 23:15:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2012-08-25 23:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2012-08-25 23:15:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2012-08-25 23:15:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2012-08-25 23:14:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2012-08-25 23:14:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2012-08-25 23:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2012-08-25 23:14:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2012-08-25 23:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2012-08-25 23:14:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2012-08-25 23:14:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2012-08-25 23:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2012-08-25 23:13:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2012-08-25 23:12:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2012-08-25 23:12:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2012-08-25 23:12:36 ----D---- C:\WINDOWS\ie8updates
2012-08-25 23:12:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2012-08-25 23:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2012-08-25 23:12:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-08-25 23:11:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2012-08-25 23:11:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2012-08-25 23:11:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2012-08-25 23:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2012-08-25 23:11:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2012-08-25 23:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2012-08-25 23:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2012-08-25 23:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2012-08-25 23:10:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2012-08-25 23:10:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2012-08-25 23:09:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2012-08-25 23:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2012-08-25 23:09:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2012-08-25 23:09:26 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2012-08-25 23:09:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2012-08-25 23:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-08-25 23:08:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2012-08-25 23:08:43 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2012-08-25 23:08:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2012-08-25 23:08:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2012-08-25 23:08:19 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-08-25 23:08:08 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2012-08-25 23:07:59 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2012-08-25 23:07:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2012-08-25 23:07:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2012-08-25 23:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2012-08-25 23:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-08-25 23:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2012-08-25 23:07:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2012-08-25 23:06:54 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2012-08-25 23:06:45 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2012-08-25 23:06:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2012-08-25 23:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2012-08-25 23:06:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2012-08-25 23:06:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2012-08-25 23:05:52 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2012-08-25 23:05:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2012-08-25 23:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2012-08-25 23:05:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2012-08-25 23:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2012-08-25 23:05:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2012-08-25 23:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2012-08-25 23:04:45 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2012-08-25 23:04:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-08-25 23:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2012-08-25 23:04:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2012-08-25 23:04:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2012-08-25 23:04:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-08-25 23:03:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-08-25 23:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2012-08-25 23:03:43 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-08-25 23:03:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2012-08-25 23:03:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2012-08-25 23:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2012-08-25 23:03:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2012-08-25 23:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2012-08-25 23:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-08-25 23:02:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2012-08-25 23:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2012-08-25 23:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2012-08-25 23:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2012-08-25 23:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2012-08-25 23:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2012-08-25 23:01:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2012-08-25 23:01:23 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2012-08-25 23:01:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2012-08-25 23:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2012-08-25 23:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2012-08-25 22:57:11 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-08-25 22:49:20 ----N---- C:\WINDOWS\system32\browserchoice.exe
2012-08-25 22:43:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2012-08-25 22:43:36 ----D---- C:\WINDOWS\system32\PreInstall
2012-08-25 22:43:32 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2012-08-25 22:41:25 ----A---- C:\WINDOWS\system32\wups2.dll
2012-08-25 22:41:22 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2012-08-23 14:17:49 ----D---- C:\Program Files\Tropico
2012-08-05 16:54:00 ----D---- C:\WINDOWS\Minidump
2012-08-03 17:12:03 ----D---- C:\Documents and Settings\Tomas\Data aplikací\YTD
2012-08-03 17:11:13 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Search Settings
2012-08-03 17:11:04 ----D---- C:\Program Files\Application Updater
2012-08-03 17:11:03 ----D---- C:\Program Files\YTD Toolbar
2012-08-03 17:11:03 ----D---- C:\Program Files\Common Files\Spigot

======List of files/folders modified in the last 1 month======

2012-08-28 14:02:02 ----RD---- C:\Program Files
2012-08-28 13:58:32 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Skype
2012-08-28 13:58:24 ----D---- C:\Documents and Settings\Tomas\Data aplikací\OpenOffice.org2
2012-08-28 13:58:08 ----D---- C:\WINDOWS\Temp
2012-08-28 13:55:40 ----D---- C:\WINDOWS\Prefetch
2012-08-28 09:53:23 ----D---- C:\WINDOWS\system32
2012-08-28 09:53:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-27 23:12:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-26 19:09:32 ----D---- C:\Documents and Settings\Tomas\Data aplikací\ICQ
2012-08-26 18:53:21 ----SHD---- C:\WINDOWS\Installer
2012-08-26 18:53:18 ----A---- C:\WINDOWS\OEWABLog.txt
2012-08-26 18:53:08 ----D---- C:\Documents and Settings
2012-08-26 16:25:59 ----D---- C:\WINDOWS
2012-08-26 16:24:45 ----D---- C:\WINDOWS\AppPatch
2012-08-26 11:24:05 ----HD---- C:\WINDOWS\inf
2012-08-26 11:24:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-26 11:23:36 ----HD---- C:\WINDOWS\$hf_mig$
2012-08-26 11:23:33 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-25 23:32:03 ----A---- C:\WINDOWS\imsins.BAK
2012-08-25 23:31:37 ----D---- C:\WINDOWS\system32\drivers
2012-08-25 23:29:36 ----D---- C:\WINDOWS\SoftwareDistribution
2012-08-25 23:27:03 ----D---- C:\Program Files\Internet Explorer
2012-08-25 23:27:02 ----D---- C:\WINDOWS\system32\wbem
2012-08-25 23:20:58 ----D---- C:\WINDOWS\Debug
2012-08-25 23:17:39 ----D---- C:\WINDOWS\WinSxS
2012-08-25 23:09:46 ----D---- C:\Program Files\Outlook Express
2012-08-25 23:08:11 ----D---- C:\Program Files\Movie Maker
2012-08-25 23:01:25 ----D---- C:\Program Files\Messenger
2012-08-25 22:41:28 ----D---- C:\WINDOWS\Help
2012-08-23 18:11:07 ----SD---- C:\WINDOWS\Tasks
2012-08-23 14:32:37 ----A---- C:\WINDOWS\wincmd.ini
2012-08-23 14:17:47 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-21 11:12:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-08-15 23:08:08 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-14 15:09:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-08-03 17:11:03 ----D---- C:\Program Files\Common Files
2012-08-03 17:03:50 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-08-21 25256]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2012-07-15 82380]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-08-21 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-08-27 28672]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2004-08-27 27648]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-08-21 97608]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-03-09 1163616]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-07-26 547904]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-06-06 161792]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-01-13 1730272]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-06-27 4419584]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-08-27 92928]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athr.sys [2007-06-18 737280]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2007-05-22 1771008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2012-03-02 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2012-03-02 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2012-03-02 25216]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2012-07-26 794560]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-06-30 1564368]
R2 ICQ Service;ICQ Service; C:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-08-27 1192050]
R2 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-04-12 47616]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-29 136176]
S2 InCDsrvR;InCD Helper (read only); C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-08-27 1192050]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-05 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-29 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-20 113120]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-04-07 65795]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Computer slowdown and system intrusion

#2 Post by vyosek »

Hello :)

:arrow: I recommend uninstalling any toolbars (browser bars) you do not use, via Přidat nebo odebrat programy (Add or Remove Programs)

:arrow: Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to your desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • If you use a 64-bit OS, check whether the box "Pro 64 bitové OS" (For 64-bit OS) is ticked; if it is not, tick it
  • Tick the box "Pro vsechny uzivatele" (For all users)
  • Tick the box Kontrola na havet "LOP" ("LOP" malware check)
  • Tick the box Kontrola na havet "Purity" ("Purity" malware check)
  • Change "Stari souboru" (File age) from 30 days to 7 days
  • Paste the script below into the bottom box, "Vlastni skenovani/opravy" (Custom scans/fixes)

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the "Prohledat" (Scan) button
  • When the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; post both of them here
  • If the logs are long (the forum will complain that the maximum number of characters has been exceeded), split them across several posts

"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member of [image] since 1 February 2011.

7777
Visitor
Posts: 337
Registered: 17 Feb 2011 15:33

Re: Computer slowdown and system intrusion

#3 Post by 7777 »

So here are the logs:
OTL Extras logfile created on: 28.8.2012 19:02:56 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Tomas\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1013,92 Mb Total Physical Memory | 460,00 Mb Available Physical Memory | 45,37% Memory free
2,39 Gb Paging File | 1,94 Gb Available in Paging File | 81,35% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 11,00 Gb Free Space | 37,56% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 9,39 Gb Free Space | 20,77% Space Free | Partition Type: NTFS

Computer Name: TOMAS-E012C53FC | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)
"F:\mysql\bin\mysqld_usbwv8.exe" = F:\mysql\bin\mysqld_usbwv8.exe:*:Disabled:mysqld_usbwv8
"F:\apache\bin\httpd_usbwv8.exe" = F:\apache\bin\httpd_usbwv8.exe:*:Disabled:Apache HTTP Server


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C1879C1-B74A-4C6D-8880-E3F54B78E816}" = LG United Mobile Drivers
"{0CB0B5BF-277A-4BC0-B7CD-A824443EAD19}" = OpenOffice.org 2.4
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = Zpracování fotografií a obrázků HP 2.0 - All-in-One ovladač
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{818FB39B-1A57-4F1B-A54D-391C33D6C596}" = Tropico
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = Zpracování fotografií a obrázků HP 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{BCC315E7-2E8F-4EFD-8A0B-F8F276FE73F2}" = YTD Toolbar v6.2
"{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F70D5D8C-C1AF-40B3-9E47-3BB5F19EEA3A}" = Atheros for Acer Driver 5.3.0.67_Foxconn Installation Program
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast" = avast! Free Antivirus
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FormatFactory" = FormatFactory 2.95
"GIMP-2_is1" = GIMP 2.8.0
"Google Chrome" = Google Chrome
"Guard.Mail.ru" = Guard.ICQ
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP PSC 1200 Series" = Zpracování fotografií a obrázkù HP 2.0 - PSC 1200 Series
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"LG PC Suite IV" = LG PC Suite IV
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Notepad++" = Notepad++
"Recuva" = Recuva
"Totalcmd" = Total Commander (Remove or Repair)
"Tropico Paradise Island CZ" = Tropico Paradise Island CZ
"VLC media player" = VLC media player 2.0.2
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.7.2012 5:19:51 | Computer Name = TOMAS-E012C53FC | Source = MsiInstaller | ID = 11303
Description = Product: LG USB Modem Drivers -- Error 1303.The installer has insufficient
privileges to access this directory: C:\Program Files\LG Electronics\LG USB Modem
Drivers. The installation cannot continue. Log on as an administrator or contact
your system administrator.

Error - 6.7.2012 5:19:52 | Computer Name = TOMAS-E012C53FC | Source = MsiInstaller | ID = 11303
Description = Product: LG USB Modem Drivers -- Error 1303.The installer has insufficient
privileges to access this directory: C:\Program Files\LG Electronics\LG USB Modem
Drivers. The installation cannot continue. Log on as an administrator or contact
your system administrator.

Error - 10.7.2012 6:03:42 | Computer Name = TOMAS-E012C53FC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Skype.exe, verze 5.9.0.123, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.7.2012 3:15:52 | Computer Name = TOMAS-E012C53FC | Source = Application Error | ID = 1000
Description = Chybující aplikace hpoevm08.exe, verze 4.2.0.20, chybující modul ole32.dll,
verze 5.1.2600.5512, adresa chyby 0x0002cdbd.

Error - 3.8.2012 13:18:29 | Computer Name = TOMAS-E012C53FC | Source = MsiInstaller | ID = 11303
Description = Product: LG USB Modem Drivers -- Error 1303.The installer has insufficient
privileges to access this directory: C:\Program Files\LG Electronics\LG USB Modem
Drivers. The installation cannot continue. Log on as an administrator or contact
your system administrator.

Error - 3.8.2012 13:18:31 | Computer Name = TOMAS-E012C53FC | Source = MsiInstaller | ID = 11303
Description = Product: LG USB Modem Drivers -- Error 1303.The installer has insufficient
privileges to access this directory: C:\Program Files\LG Electronics\LG USB Modem
Drivers. The installation cannot continue. Log on as an administrator or contact
your system administrator.

Error - 4.8.2012 14:12:43 | Computer Name = TOMAS-E012C53FC | Source = Application Error | ID = 1000
Description = Chybující aplikace gimp-2.8.exe, verze 2.8.0.0, chybující modul gimp-2.8.exe,
verze 2.8.0.0, adresa chyby 0x002ff9d0.

Error - 5.8.2012 4:58:36 | Computer Name = TOMAS-E012C53FC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace gimp-2.8.exe, verze 2.8.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.8.2012 9:09:45 | Computer Name = TOMAS-E012C53FC | Source = MsiInstaller | ID = 11316
Description = Product: Skype™ 5.10 -- Error 1316. A network error occurred while
attempting to read from the file: C:\Documents and Settings\All Users\Data aplikací\Skype\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeSetup_5.9.0.123.msi

Error - 22.8.2012 5:27:00 | Computer Name = TOMAS-E012C53FC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
aswwebrepie.dll, verze 7.0.1456.418, adresa chyby 0x0004d9fb.

[ System Events ]
Error - 28.8.2012 7:58:05 | Computer Name = TOMAS-E012C53FC | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
Došlo
k chybě: %2 při provádění příkazu: C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error - 28.8.2012 7:58:06 | Computer Name = TOMAS-E012C53FC | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
Došlo
k chybě: %2 při provádění příkazu: C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error - 28.8.2012 7:58:06 | Computer Name = TOMAS-E012C53FC | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
Došlo
k chybě: %2 při provádění příkazu: C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error - 28.8.2012 12:56:58 | Computer Name = TOMAS-E012C53FC | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
Došlo
k chybě: %2 při provádění příkazu: C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error - 28.8.2012 12:56:59 | Computer Name = TOMAS-E012C53FC | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
Došlo
k chybě: %2 při provádění příkazu: C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error - 28.8.2012 12:56:59 | Computer Name = TOMAS-E012C53FC | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
Došlo
k chybě: %2 při provádění příkazu: C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error - 28.8.2012 12:59:37 | Computer Name = TOMAS-E012C53FC | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
Došlo
k chybě: %2 při provádění příkazu: C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error - 28.8.2012 12:59:37 | Computer Name = TOMAS-E012C53FC | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
Došlo
k chybě: %2 při provádění příkazu: C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error - 28.8.2012 12:59:37 | Computer Name = TOMAS-E012C53FC | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
Došlo
k chybě: %2 při provádění příkazu: C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error - 28.8.2012 13:03:33 | Computer Name = TOMAS-E012C53FC | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
Došlo
k chybě: %2 při provádění příkazu: C:\WINDOWS\system32\igfxsrvc.exe -Embedding


< End of report >

Second log:
OTL logfile created on: 28.8.2012 19:02:56 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Tomas\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1013,92 Mb Total Physical Memory | 460,00 Mb Available Physical Memory | 45,37% Memory free
2,39 Gb Paging File | 1,94 Gb Available in Paging File | 81,35% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 11,00 Gb Free Space | 37,56% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 9,39 Gb Free Space | 20,77% Space Free | Partition Type: NTFS

Computer Name: TOMAS-E012C53FC | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.08.28 19:00:51 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomas\Dokumenty\Stažené soubory\OTL.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.26 19:52:04 | 001,095,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2012.07.26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2012.07.20 00:46:55 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.06.30 12:37:01 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
PRC - [2012.06.30 12:36:26 | 000,127,040 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7M\ICQ.exe
PRC - [2012.06.06 21:33:42 | 001,564,872 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2010.04.12 05:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\LGScsiCommandService.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.17 03:39:16 | 002,580,480 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.bin
PRC - [2008.03.17 03:39:16 | 002,363,392 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
PRC - [2006.10.05 06:10:12 | 000,009,216 | R--- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2004.08.27 10:00:20 | 001,192,050 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
PRC - [2004.08.27 04:01:08 | 001,450,096 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCD.exe
PRC - [2003.04.06 01:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe


========== Modules (No Company Name) ==========

MOD - [2012.08.28 16:26:22 | 001,803,776 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12082802\algo.dll
MOD - [2012.07.20 00:46:53 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.06.30 12:37:01 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
MOD - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
MOD - [2008.03.16 12:02:42 | 000,828,416 | ---- | M] () -- C:\Program Files\OpenOffice.org 2.4\program\libxml2.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.15 23:08:08 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.07.20 00:46:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.30 12:37:01 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.04.12 05:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService)
SRV - [2006.10.05 06:10:12 | 000,009,216 | R--- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2004.08.27 10:00:20 | 001,192,050 | ---- | M] (Ahead Software AG) [Auto | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR)
SRV - [2004.08.27 10:00:20 | 001,192,050 | ---- | M] (Ahead Software AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2003.04.07 07:32:06 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.08.21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.15 10:31:23 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2012.06.27 22:53:24 | 004,419,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2012.03.02 16:03:00 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2012.03.02 16:03:00 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2012.03.02 16:03:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009.09.29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2007.07.26 13:19:24 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.06.18 12:03:32 | 000,737,280 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athr.sys -- (athr)
DRV - [2007.06.06 06:51:04 | 000,161,792 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.03.09 08:56:04 | 001,163,616 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004.08.27 10:04:16 | 000,007,680 | ---- | M] (Ahead Software AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2004.08.27 10:02:46 | 000,028,672 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2004.08.27 10:02:30 | 000,092,928 | ---- | M] (Ahead Software AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2004.08.27 04:02:50 | 000,027,648 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\SearchScopes,DefaultScope = {94B9B6DE-CB76-4A86-AE8C-0589F8A3F8C6}
IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\SearchScopes\{94B9B6DE-CB76-4A86-AE8C-0589F8A3F8C6}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\SearchScopes\{E59D4133-4E54-4BFF-B84A-B392C7D30AD1}: "URL" = http://websearch.ask.com/redirect?clien ... 32A38ECECD
IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://google.sk/"
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... YYYYSK&&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.23 18:10:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 00:46:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.06.28 16:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Extensions
[2012.08.03 17:44:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions
[2012.08.03 17:44:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.07.20 00:47:39 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com
[2012.08.28 14:28:17 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\askcom.xml
[2012.08.28 14:30:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin-1.xml
[2012.07.20 00:47:45 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin-2.xml
[2012.08.28 19:00:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin-3.xml
[2012.07.17 18:32:09 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin.xml
[2012.06.28 16:23:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TOMAS\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\YOWAR21O.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TOMAS\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\YOWAR21O.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2012.08.03 17:11:11 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012.08.03 17:11:11 | 000,000,000 | ---D | M] (YTD Toolbar) -- C:\PROGRAM FILES\YTD TOOLBAR\FF
[2012.07.20 00:46:56 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.15 02:05:40 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.15 02:05:40 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.06.15 02:05:40 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.15 02:05:41 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.15 02:05:41 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Ask Toolbar = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.0_0\
CHR - Extension: Ask Toolbar = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\
CHR - Extension: YouTube = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Savings-Slider = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.0_0\
CHR - Extension: Savings-Slider = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006.03.02 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKU\S-1-5-21-861567501-616249376-682003330-1004..\Run: [ICQ] C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\Animatrix\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Tomas\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-861567501-616249376-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/wind ... 2548612328 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 2548859187 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB3C27B6-E6BE-458C-8A6D-AA8E7717324D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.06.27 22:04:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.08.28 14:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.08.28 14:02:01 | 000,000,000 | ---D | C] -- C:\rsit
[2012.08.25 23:30:11 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2012.08.25 23:12:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.08.25 23:00:40 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012.08.25 22:59:56 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012.08.25 22:59:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012.08.25 22:59:51 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012.08.25 22:59:51 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012.08.25 22:59:49 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012.08.25 22:55:14 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2012.08.25 22:55:11 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012.08.25 22:54:21 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012.08.25 22:51:44 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012.08.25 22:51:31 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012.08.25 22:51:28 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2012.08.25 22:51:15 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012.08.25 22:51:14 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2012.08.25 22:50:58 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012.08.25 22:50:17 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2012.08.25 22:49:53 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2012.08.25 22:49:20 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2012.08.25 22:47:49 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2012.08.25 22:47:49 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2012.08.25 22:45:16 | 002,194,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012.08.25 22:45:15 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2012.08.25 22:45:14 | 002,150,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012.08.25 22:45:14 | 002,028,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012.08.25 22:44:58 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2012.08.25 22:44:33 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2012.08.25 22:44:31 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2012.08.25 22:43:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2012.08.25 22:43:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012.08.25 22:41:25 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2012.08.25 22:41:25 | 000,022,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2012.08.25 22:41:22 | 000,015,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2012.08.25 22:41:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012.08.23 14:32:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\GHISLER
[2012.08.23 14:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\Tropico
[2012.08.23 14:17:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Tropico
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.08.28 19:10:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.08.28 19:09:02 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.28 19:08:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.08.28 19:05:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.28 19:01:56 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.08.28 19:01:56 | 000,310,228 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.08.28 19:01:56 | 000,046,394 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.08.28 19:01:56 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.08.28 18:59:40 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.08.28 18:59:33 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.28 18:56:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.28 18:56:38 | 1063,243,776 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.28 10:32:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1342341097.job
[2012.08.28 09:49:20 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.25 23:32:03 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.08.25 23:27:05 | 000,112,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.08.23 18:11:19 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.08.23 14:32:37 | 000,001,526 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2012.08.23 14:30:29 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Tropico.lnk
[2012.08.22 11:13:27 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.08.28 19:05:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.25 22:57:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.08.25 22:57:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.08.23 14:17:49 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Tropico.lnk
[2012.07.15 12:08:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012.07.15 11:24:10 | 000,016,622 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat.temp
[2012.07.15 11:24:09 | 000,020,458 | ---- | C] () -- C:\WINDOWS\hpoins01.dat.temp
[2012.07.15 10:17:47 | 000,020,458 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
[2012.07.15 10:17:47 | 000,016,622 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
[2012.07.02 22:02:36 | 001,498,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2012.06.28 17:13:16 | 000,000,389 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2012.06.28 16:52:46 | 000,001,526 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2012.06.28 16:34:27 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.28 16:22:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2012.06.28 13:32:59 | 001,843,784 | ---- | C] () -- C:\WINDOWS\System32\igklg400.dll
[2012.06.28 13:32:59 | 001,399,880 | ---- | C] () -- C:\WINDOWS\System32\igklg450.dll
[2012.06.28 13:32:59 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4885.dll
[2012.06.28 13:32:59 | 000,104,636 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll
[2012.06.28 13:18:13 | 000,249,856 | R--- | C] () -- C:\WINDOWS\System32\igfxTMM.dll
[2012.06.28 13:18:10 | 000,910,720 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2012.06.27 23:46:37 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.06.27 23:44:52 | 000,112,584 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.27 23:08:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.06.27 22:54:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012.06.27 22:46:38 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\Desktop_.ini
[2012.06.27 22:06:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.06.27 22:01:39 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.10.05 01:59:32 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\StarOpen.sys

========== LOP Check ==========

[2012.06.29 11:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.06.30 12:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.07.19 17:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\YTD YouTube Downloader & Converter
[2012.07.19 17:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Animatrix\Data aplikací\Babylon
[2012.08.19 22:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Animatrix\Data aplikací\ICQ
[2012.07.03 14:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Animatrix\Data aplikací\Notepad++
[2012.07.19 17:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Animatrix\Data aplikací\Search Settings
[2012.07.07 16:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Animatrix\Data aplikací\Unity
[2012.08.18 16:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Animatrix\Data aplikací\YTD
[2012.08.26 18:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Free\Data aplikací\Search Settings
[2012.06.30 12:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}
[2012.08.07 19:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\Search Settings
[2012.08.28 19:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\ICQ
[2012.06.30 12:37:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\ICQ Search
[2012.07.03 13:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Notepad++
[2012.08.03 17:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Search Settings
[2012.07.20 00:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\wtxpcom
[2012.07.20 00:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\YouTube Downloader
[2012.08.03 17:12:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\YTD
[2012.08.28 18:59:40 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.08.28 10:32:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1342341097.job
[2012.08.28 19:10:04 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 11:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2QFE\services.exe
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3QFE\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2GDR\services.exe
[2006.03.02 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3GDR\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\SoftwareDistribution\Download\fe608cd8d2b8f77abaee7a69a696bcf7\sp3gdr\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\fe608cd8d2b8f77abaee7a69a696bcf7\sp3qfe\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\Temp\{5FEAEE99-E76D-41B2-91C5-A681D0826B29}\*.tmp files -> C:\WINDOWS\Temp\{5FEAEE99-E76D-41B2-91C5-A681D0826B29}\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.06.28 16:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Adobe
[2012.06.28 17:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Help
[2012.07.15 10:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Hewlett-Packard
[2012.08.28 19:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\ICQ
[2012.06.30 12:37:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\ICQ Search
[2012.06.27 22:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Identities
[2012.06.27 22:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\InstallShield
[2012.06.28 18:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Macromedia
[2012.08.28 19:08:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Tomas\Data aplikací\Microsoft
[2012.06.28 16:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla
[2012.07.03 13:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Notepad++
[2012.08.28 19:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\OpenOffice.org2
[2012.08.03 17:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Search Settings
[2012.08.28 19:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Skype
[2012.07.15 12:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\vlc
[2012.06.28 16:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\WinRAR
[2012.07.20 00:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\wtxpcom
[2012.07.20 00:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\YouTube Downloader
[2012.08.03 17:12:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\YTD

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.08.28 19:08:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.08.28 18:59:40 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.08.28 10:32:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1342341097.job
[2012.08.28 18:59:33 | 000,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.28 19:09:02 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.28 19:15:27 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2012.06.27 23:43:54 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.06.27 23:43:54 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.06.27 23:43:53 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.08.25 23:27:05 | 000,112,584 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.08.28 19:01:56 | 000,046,394 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.08.28 19:01:56 | 000,040,326 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.08.28 19:01:56 | 000,310,228 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.08.28 19:01:56 | 000,311,938 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.08.28 19:01:56 | 000,714,754 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.08.25 23:15:38 | 000,005,194 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2012.08.28 09:49:20 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files\ICQ7M\ICQ.exe" silent loginmode=4 -- [2012.06.30 12:36:26 | 000,127,040 | ---- | M] (ICQ, LLC.)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.06.05 15:23:04 | 017,344,176 | R--- | M] (Skype Technologies S.A.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.07.20 00:46:55 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=3F677172F23FC17283D9BCE4B42E3F65 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.08.18 00:28:57 | 001,229,848 | ---- | M] (Google Inc.) MD5=2339760B238226DAD9ED03F939D92323 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.28 19:05:44 | 000,000,512 | ---- | M] () MD5=AF2D825C77FE86472E3A0B4B942E86F2 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2003.11.13 05:56:34 | 000,091,048 | R--- | M] () -- \Program Files\Ahead\NeroVision\MenuTemplates\Pictures\tenniscrack4_3.jpg
[2002.05.30 17:16:22 | 000,013,160 | ---- | M] () -- \Program Files\Firefly Studios\Stronghold Crusader\gm\cracks.gm1
[2001.10.01 14:50:54 | 000,012,968 | ---- | M] () -- \Program Files\Firefly Studios\Stronghold\gm\cracks.gm1
[2012.05.05 15:38:42 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat

< *keygen* /s >

< *loader* /s >
[2012.05.15 09:59:24 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.05.15 09:59:24 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.07.19 17:48:48 | 000,000,072 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YTD YouTube Downloader & Converter\YTD YouTube Downloader & Converter Help.url
[2012.07.19 17:48:48 | 000,001,753 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YTD YouTube Downloader & Converter\YTD YouTube Downloader & Converter.lnk
[2012.07.19 17:48:48 | 000,000,833 | ---- | M] () -- \Documents and Settings\All Users\Plocha\YTD YouTube Downloader & Converter.lnk
[2012.07.19 17:43:09 | 001,051,624 | ---- | M] () -- \Documents and Settings\Animatrix\Dokumenty\Stažené soubory\VDownloaderInstaller.exe
[2012.08.07 09:47:05 | 000,000,381 | ---- | M] () -- \Documents and Settings\Animatrix\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.1_0\loader_1036.js
[2012.08.11 10:44:47 | 000,105,903 | ---- | M] () -- \Documents and Settings\Animatrix\Local Settings\Temporary Internet Files\Content.IE5\3XK4UIEX\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.08.15 10:08:19 | 000,000,753 | ---- | M] () -- \Documents and Settings\Animatrix\Local Settings\Temporary Internet Files\Content.IE5\3XK4UIEX\AdLoader[1].htm
[2012.08.15 21:57:45 | 000,105,903 | ---- | M] () -- \Documents and Settings\Animatrix\Local Settings\Temporary Internet Files\Content.IE5\OXLD3811\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.08.27 12:02:20 | 000,000,753 | ---- | M] () -- \Documents and Settings\Animatrix\Local Settings\Temporary Internet Files\Content.IE5\OXLD3811\AdLoader[1].htm
[2012.08.26 18:55:20 | 000,000,381 | ---- | M] () -- \Documents and Settings\Free\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.1_0\loader_1036.js
[2012.08.07 19:01:18 | 000,000,381 | ---- | M] () -- \Documents and Settings\Mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.1_0\loader_1036.js
[2012.07.19 17:49:32 | 000,000,386 | ---- | M] () -- \Documents and Settings\Tomas\Cookies\tomas@youtubedownloadersite[1].txt
[2012.07.19 19:48:00 | 000,000,001 | ---- | M] () -- \Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\{F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB}\youtubedownloader.lock
[2012.08.03 17:15:49 | 000,000,381 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.1_0\loader_1036.js
[2012.07.20 00:18:26 | 000,000,652 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temp\Temporary Internet Files\Content.IE5\CBX763BD\AdLoader[1].htm
[2012.07.20 00:18:26 | 000,010,519 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temp\Temporary Internet Files\Content.IE5\RQGCLYXU\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012.07.19 17:49:34 | 004,389,888 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\A2TVZUAH\youtubedownloaderToolbar[1].msi
[2012.08.19 22:11:30 | 000,105,903 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\NVPGCL3R\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.07.17 22:04:52 | 000,010,519 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\NVPGCL3R\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012.08.28 13:58:40 | 000,000,753 | ---- | M] () -- \Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\NVPGCL3R\AdLoader[1].htm
[2004.09.07 10:30:08 | 000,086,016 | ---- | M] () -- \Program Files\Common Files\Ahead\AudioPlugins\Downloaders.dll
[2012.05.04 23:42:40 | 000,043,889 | ---- | M] () -- \Program Files\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2012.06.30 12:36:16 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.06.30 12:36:16 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.06.30 12:36:15 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.06.30 12:38:27 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.07.18 23:33:32 | 000,008,787 | ---- | M] () -- \Program Files\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2008.03.16 12:18:42 | 000,022,528 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\javaloader.uno.dll
[2008.03.17 02:32:32 | 000,006,381 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.py
[2008.03.16 17:17:06 | 000,016,384 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.uno.dll
[2008.03.17 03:39:42 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.uno.ini
[2008.03.16 17:02:52 | 000,004,064 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\classes\unoloader.jar
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.03 22:59:38 | 000,230,400 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.exe
[2004.08.03 22:59:38 | 000,278,016 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< End of report >

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Computer slowdown and system intrusion

#4 Post by vyosek »

Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the lower box, Custom Scans/Fixes (Vlastní skenování/opravy)
  • Code:

    :otl
    SRV - [2012.07.26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
    SRV - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
    MOD - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
    IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
    IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\SearchScopes,DefaultScope = {94B9B6DE-CB76-4A86-AE8C-0589F8A3F8C6}
    IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\SearchScopes\{94B9B6DE-CB76-4A86-AE8C-0589F8A3F8C6}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
    IE - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\SearchScopes\{E59D4133-4E54-4BFF-B84A-B392C7D30AD1}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYSK&apn_uid=d3b359f0-7088-44ef-ae6d-0763e232afaf&apn_sauid=D5BE319C-ECD1-4825-BA16-0832A38ECECD
    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
    FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=FF&o=14594&locale=en_EU&apn_uid=d3b359f0-7088-44ef-ae6d-0763e232afaf&apn_ptnrs=FV&apn_sauid=D5BE319C-ECD1-4825-BA16-0832A38ECECD&apn_dtid=YYYYYYYYSK&&q="
    [2012.08.03 17:44:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    [2012.07.20 00:47:39 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com
    [2012.08.28 14:28:17 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\askcom.xml
    [2012.08.28 14:30:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin-1.xml
    [2012.07.20 00:47:45 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin-2.xml
    [2012.08.28 19:00:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin-3.xml
    [2012.07.17 18:32:09 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin.xml
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TOMAS\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\YOWAR21O.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TOMAS\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\YOWAR21O.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
    [2012.08.03 17:11:11 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
    [2012.08.03 17:11:11 | 000,000,000 | ---D | M] (YTD Toolbar) -- C:\PROGRAM FILES\YTD TOOLBAR\FF
    CHR - Extension: Ask Toolbar = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.0_0\
    CHR - Extension: Ask Toolbar = C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
    O3 - HKU\S-1-5-21-861567501-616249376-682003330-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
    [2012.07.19 17:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Animatrix\Data aplikací\Babylon
    [2012.07.19 17:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Animatrix\Data aplikací\Search Settings
    [2012.08.18 16:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Animatrix\Data aplikací\YTD
    [2012.08.26 18:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Free\Data aplikací\Search Settings
    [2012.06.30 12:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}
    [2012.08.07 19:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\Search Settings
    [2012.08.03 17:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Search Settings
    [2012.08.03 17:12:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\YTD
    [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
    [1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
    [1 C:\WINDOWS\Temp\{5FEAEE99-E76D-41B2-91C5-A681D0826B29}\*.tmp files -> C:\WINDOWS\Temp\{5FEAEE99-E76D-41B2-91C5-A681D0826B29}\*.tmp -> ]
    [1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
    [2012.08.28 19:08:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    [2012.08.28 18:59:40 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
    [2012.08.28 10:32:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1342341097.job
    [2012.08.28 18:59:33 | 000,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    [2012.08.28 19:09:02 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    [2012.08.28 19:15:27 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
    
    :services
    gupdate
    gupdatem
    Guard.Mail.ru
    
    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Alcmtr"=-
    "Guard.Mail.ru.gui"=-
    "Adobe ARM"=-
    "NeroFilterCheck"=-
    "InCD"=-
    "ApnUpdater"=-
    ""=-
    "SearchSettings"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=-
    "ICQ"=-
    "Skype"=-
    
    :files
    C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
    C:\Program Files\YTD Toolbar
    C:\Program Files\Common Files\Spigot
    C:\Program Files\Application Updater
    C:\Program Files\Ask.com
    C:\Program Files\ICQ6Toolbar
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Run Fix (Opravit)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here

7777
Visitor
Posts: 337
Registered: 17 Feb 2011 15:33

Re: Computer slowdown and system intrusion

#5 Post by 7777 »

I don't know what happened, but the system was unable to shut down on its own; after roughly 20 minutes I forced it off. Here is the log:

All processes killed
========== OTL ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully.
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files\ICQ6Toolbar\ICQ Service.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-861567501-616249376-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll moved successfully.
HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{94B9B6DE-CB76-4A86-AE8C-0589F8A3F8C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94B9B6DE-CB76-4A86-AE8C-0589F8A3F8C6}\ not found.
Registry key HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{E59D4133-4E54-4BFF-B84A-B392C7D30AD1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E59D4133-4E54-4BFF-B84A-B392C7D30AD1}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Yahoo" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&ilc=12&type=937811" removed from browser.search.param.yahoo-fr
Prefs.js: "http://websearch.ask.com/redirect?clien ... YYYYSK&&q=" removed from keyword.URL
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-19-Jul-2012-22-47-39-GMT folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-19-Jul-2012-22-47-37-GMT folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\searchplugins\icqplugin.xml moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\components folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\chrome\content folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\chrome folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM folder moved successfully.
C:\PROGRAM FILES\YTD TOOLBAR\FF\chrome folder moved successfully.
C:\PROGRAM FILES\YTD TOOLBAR\FF folder moved successfully.
File C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.0_0 not found.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\tb_ux folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\lib folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\content_script\hack folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\content_script folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\config\skin\js folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\config\skin\images folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\config\skin\css folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\config\skin folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\config\locales\en folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\config\locales folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\config folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0\background folder moved successfully.
C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.24106_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
File C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
File C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll not found.
Registry value HKEY_USERS\S-1-5-21-861567501-616249376-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Program Files\Ask.com\Updater\Updater.exe moved successfully.
C:\Documents and Settings\Animatrix\Data aplikací\Babylon folder moved successfully.
C:\Documents and Settings\Animatrix\Data aplikací\Search Settings\temp folder moved successfully.
C:\Documents and Settings\Animatrix\Data aplikací\Search Settings\res folder moved successfully.
C:\Documents and Settings\Animatrix\Data aplikací\Search Settings folder moved successfully.
C:\Documents and Settings\Animatrix\Data aplikací\YTD\temp folder moved successfully.
C:\Documents and Settings\Animatrix\Data aplikací\YTD\res folder moved successfully.
C:\Documents and Settings\Animatrix\Data aplikací\YTD folder moved successfully.
C:\Documents and Settings\Free\Data aplikací\Search Settings\temp folder moved successfully.
C:\Documents and Settings\Free\Data aplikací\Search Settings\res folder moved successfully.
C:\Documents and Settings\Free\Data aplikací\Search Settings folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B} folder moved successfully.
C:\Documents and Settings\Mama\Data aplikací\Search Settings\temp folder moved successfully.
C:\Documents and Settings\Mama\Data aplikací\Search Settings\res folder moved successfully.
C:\Documents and Settings\Mama\Data aplikací\Search Settings folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Search Settings\temp folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Search Settings\res folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\Search Settings folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\YTD\temp folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\YTD\res folder moved successfully.
C:\Documents and Settings\Tomas\Data aplikací\YTD folder moved successfully.
C:\WINDOWS\000001_.tmp deleted successfully.
C:\WINDOWS\002775_.tmp deleted successfully.
C:\WINDOWS\SET21.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_92D03.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_92D03.tmp folder deleted successfully.
C:\WINDOWS\Temp\{5FEAEE99-E76D-41B2-91C5-A681D0826B29}\fpi.tmp deleted successfully.
C:\WINDOWS\twain_32\hpqgends.tmp deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1342341097.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service Guard.Mail.ru stopped successfully!
Service Guard.Mail.ru deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Alcmtr deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Guard.Mail.ru.gui deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\InCD deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk moved successfully.
C:\Program Files\YTD Toolbar\Res\Lang folder moved successfully.
C:\Program Files\YTD Toolbar\Res folder moved successfully.
C:\Program Files\YTD Toolbar\IE\6.2 folder moved successfully.
C:\Program Files\YTD Toolbar\IE folder moved successfully.
C:\Program Files\YTD Toolbar folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot\GC folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
C:\Program Files\Application Updater folder moved successfully.
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\Program Files\ICQ6Toolbar folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Animatrix
->Temp folder emptied: 47147141 bytes
->Temporary Internet Files folder emptied: 8365305 bytes
->FireFox cache emptied: 672547423 bytes
->Google Chrome cache emptied: 46553959 bytes
->Flash cache emptied: 10019 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Free
->Temp folder emptied: 587937 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Google Chrome cache emptied: 6851899 bytes

User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 335042 bytes

User: Mama
->Temp folder emptied: 1902081 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 152910521 bytes
->Google Chrome cache emptied: 6629559 bytes
->Flash cache emptied: 3098 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Tomas
->Temp folder emptied: 86402753 bytes
->Temporary Internet Files folder emptied: 18056365 bytes
->FireFox cache emptied: 290750268 bytes
->Google Chrome cache emptied: 11351778 bytes
->Flash cache emptied: 3781 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9149549 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 15945 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 429436300 bytes

Total Files Cleaned = 1 706,00 mb


[EMPTYFLASH]

User: All Users

User: Animatrix
->Flash cache emptied: 0 bytes

User: Default User

User: Free

User: LocalService

User: Mama
->Flash cache emptied: 0 bytes

User: NetworkService

User: Tomas
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Animatrix

User: Default User

User: Free

User: LocalService

User: Mama

User: NetworkService

User: Tomas

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.59.1 log created on 08282012_195952

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Computer slowdown and system intrusion

#6 Post by vyosek »

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A POWERFUL ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE WRECKED
Download ComboFix and save it to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako správce)
  • Immediately after start, a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that appears
  • The scan should take about 10 minutes, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and after a possible restart, CF displays a log; you can also find it at C:\ComboFix.txt. Paste its contents here
  • A detailed procedure including screenshots is here: http://www.bleepingcomputer.com/combofi ... t-combofix
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is not a man, that is an ox."
Member of [image] since 1 February 2011.

7777
Visitor
Posts: 337
Registered: 17 Feb 2011 15:33

Re: Computer slowdown and system intrusion

#7 Post by 7777 »

Here is the log:
ComboFix 12-08-28.03 - Tomas 29.08.2012 17:27:48.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.664 [GMT 2:00]
Spuštěný z: c:\documents and settings\Animatrix\Dokumenty\Stažené soubory\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\Desktop_.ini
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-28 do 2012-08-29 )))))))))))))))))))))))))))))))
.
.
2012-08-28 19:12 . 2012-08-28 19:12 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-08-28 17:59 . 2012-08-28 17:59 -------- d-----w- C:\_OTL
2012-08-28 17:08 . 2012-08-28 17:08 -------- d-----w- c:\documents and settings\Tomas\Local Settings\Data aplikací\Identities
2012-08-28 17:05 . 2012-08-28 17:05 512 ----a-w- C:\PhysicalMBR.bin
2012-08-28 12:02 . 2012-08-28 12:02 -------- d-----w- c:\program files\trend micro
2012-08-28 12:02 . 2012-08-28 12:02 -------- d-----w- C:\rsit
2012-08-26 16:53 . 2012-08-26 16:53 -------- d-----w- c:\documents and settings\Free
2012-08-25 21:30 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2012-08-25 21:12 . 2012-08-25 21:19 -------- d-----w- c:\windows\ie8updates
2012-08-25 21:00 . 2012-07-04 14:05 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2012-08-25 20:59 . 2012-07-02 17:38 629760 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2012-08-25 20:59 . 2012-07-02 17:38 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2012-08-25 20:59 . 2012-07-02 17:38 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2012-08-25 20:59 . 2012-07-02 17:38 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2012-08-25 20:59 . 2012-07-02 17:38 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-08-25 20:59 . 2012-07-02 17:38 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll
2012-08-25 20:59 . 2012-07-02 17:38 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2012-08-25 20:57 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-08-25 20:57 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2012-08-25 20:55 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2012-08-25 20:55 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2012-08-25 20:54 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2012-08-25 20:51 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2012-08-25 20:51 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2012-08-25 20:51 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2012-08-25 20:51 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2012-08-25 20:51 . 2011-02-08 13:33 978944 -c----w- c:\windows\system32\dllcache\mfc42.dll
2012-08-25 20:50 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2012-08-25 20:50 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2012-08-25 20:49 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2012-08-25 20:49 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2012-08-25 20:47 . 2010-08-27 08:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2012-08-25 20:47 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2012-08-25 20:46 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2012-08-25 20:44 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2012-08-25 20:44 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2012-08-25 20:44 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2012-08-25 20:41 . 2012-06-02 13:19 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-08-25 20:41 . 2012-06-02 13:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-08-25 20:41 . 2012-06-02 13:19 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-08-25 20:41 . 2012-06-02 13:19 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-08-25 20:41 . 2012-06-02 13:19 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-08-23 12:32 . 2012-08-23 12:32 -------- d-----w- c:\documents and settings\Tomas\Local Settings\Data aplikací\GHISLER
2012-08-23 12:17 . 2012-08-23 12:33 -------- d-----w- c:\program files\Tropico
2012-08-19 06:37 . 2012-08-19 06:37 -------- d-sh--w- c:\documents and settings\Animatrix\IECompatCache
2012-08-18 14:37 . 2012-08-18 14:37 -------- d-sh--w- c:\documents and settings\Animatrix\PrivacIE
2012-08-08 17:25 . 2012-08-08 17:25 -------- d-----w- c:\documents and settings\Mama\Local Settings\Data aplikací\Temp
2012-08-08 17:25 . 2012-08-08 17:25 -------- d-----w- c:\documents and settings\Mama\Local Settings\Data aplikací\Adobe
2012-08-07 17:00 . 2012-08-07 17:00 -------- d-----w- c:\documents and settings\Mama\Local Settings\Data aplikací\AskToolbar
2012-08-07 16:59 . 2012-08-07 16:59 -------- d-sh--w- c:\documents and settings\Mama\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 09:13 . 2012-06-29 09:18 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-06-29 09:18 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-06-29 09:18 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-06-29 09:18 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2012-06-29 09:18 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-21 09:13 . 2012-06-29 09:18 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-21 09:13 . 2012-06-29 09:18 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:13 . 2012-06-29 09:18 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-08-21 09:12 . 2012-06-29 09:17 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-06-29 09:17 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-15 21:08 . 2012-06-28 16:00 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-15 21:08 . 2012-06-28 16:00 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-15 08:31 . 2012-07-15 08:31 82380 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2012-07-06 13:58 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2012-06-27 20:00 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-28 11:32 . 2012-06-28 11:32 147456 ----a-w- c:\windows\system32\igfxCoIn_v4885.dll
2012-06-28 11:32 . 2012-06-28 11:18 170520 ----a-w- c:\windows\system32\igfxzoom.exe
2012-06-27 20:53 . 2012-06-27 20:53 315392 ----a-w- c:\windows\HideWin.exe
2012-06-27 20:53 . 2012-06-27 20:53 9715200 ----a-w- c:\windows\RTLCPL.exe
2012-06-27 20:53 . 2012-06-27 20:53 86016 ----a-w- c:\windows\SoundMan.exe
2012-06-27 20:53 . 2012-06-27 20:53 282624 ----a-w- c:\windows\system32\RTSndMgr.cpl
2012-06-27 20:53 . 2012-06-27 20:53 1826816 ----a-w- c:\windows\SkyTel.exe
2012-06-27 20:53 . 2012-06-27 20:53 1191936 ----a-w- c:\windows\RtlUpd.exe
2012-06-27 20:53 . 2012-06-27 20:53 4419584 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2012-06-27 20:53 . 2012-06-27 20:53 16342528 ----a-w- c:\windows\RTHDCPL.exe
2012-06-27 20:53 . 2012-06-27 20:53 2162688 ----a-w- c:\windows\MicCal.exe
2012-06-27 20:53 . 2012-06-27 20:53 299008 ----a-w- c:\windows\system32\ALSndMgr.cpl
2012-06-27 20:53 . 2012-06-27 20:53 2808832 ----a-w- c:\windows\alcwzrd.exe
2012-06-27 20:53 . 2012-06-27 20:53 520192 ----a-w- c:\windows\RtlExUpd.dll
2012-06-27 20:53 . 2012-06-27 20:54 49152 ----a-w- c:\windows\system32\ChCfg.exe
2012-06-05 15:49 . 2012-07-17 21:45 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2006-03-02 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 15:35 . 2012-06-27 20:02 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-04 15:35 . 2012-06-04 15:35 222448 ----a-w- c:\windows\system32\muweb.dll
2012-06-04 04:32 . 2006-03-02 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2012-06-27 20:02 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2012-06-27 20:02 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2012-06-27 20:02 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2012-06-27 20:02 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2006-03-02 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2012-06-27 20:02 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2012-06-27 20:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-08-28 19:12 . 2012-06-28 14:23 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2012-06-27 16342528]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-13 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-13 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-13 135680]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Animatrix\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-3-16 393216]
.
c:\documents and settings\Tomas\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-3-16 393216]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ7M\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [29.6.2012 11:18 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29.6.2012 11:18 355632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29.6.2012 11:18 21256]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [28.6.2012 18:35 47616]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29.9.2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29.9.2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29.9.2009 8:11 12928]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.6.2012 15:17 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [28.6.2012 18:00 250056]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [17.6.2011 19:33 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [28.6.2012 16:23 114144]
.
.
------- Doplňkový sken -------
.
uStart Page =
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\yowar21o.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.sk/
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-29 17:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-08-29 17:38:35
ComboFix-quarantined-files.txt 2012-08-29 15:38
.
Před spuštěním: Volných bajtů: 12 309 352 448
Po spuštění: Volných bajtů: 12 321 304 576
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 855189F3A7B66A851F01E662D3EB2F2C

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Computer slowdown and system intrusion

#8 Post by vyosek »

How is the PC behaving? :???:
"Who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is not a man, that is an ox."

7777
Visitor
Posts: 337
Registered: 17 Feb 2011 15:33

Re: Computer slowdown and system intrusion

#9 Post by 7777 »

Basically normally, only occasionally some programs freeze. Some of them cannot be used at all; I will probably have to reinstall them. I don't know whether I still have a virus or whether the programs are just damaged. I would also like to ask about a guaranteed way of detecting viruses in .odt documents. And how do I secure the PC against hackers? Supposedly they can get into the system through Skype too; can this hole be patched somehow?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Computer slowdown and system intrusion

#10 Post by vyosek »

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so download it without worry (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Update it
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes has false detections, so paste the log into a post and wait for it to be assessed
:arrow: There is no guaranteed way of detecting malware. As for security, an antivirus and a firewall are important, but the most important thing is common sense = do not click on every blinking and bouncing piece of nonsense, do not visit the dark corners of the web (porn, cracks, etc.), do not download unknown files (e.g. via Skype)

7777
Visitor
Posts: 337
Registered: 17 Feb 2011 15:33

Re: Computer slowdown and system intrusion

#11 Post by 7777 »

Once again I had to shut the system down forcibly, because it could not shut down by itself. Only the blue "Windows is shutting down" screen came up, and it stayed lit for about 30 minutes. After that I lost patience and switched the notebook off manually. Anti-Malware reported only this:
Malwarebytes Anti-Malware (Skúšobná verzia) 1.62.0.1300
www.malwarebytes.org

Verzia databázy: v2012.08.30.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Tomas :: TOMAS-E012C53FC [administrátor]

Ochrana: Zapnuté

30.8.2012 13:22:40
mbam-log-2012-08-30 (13-22-40).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 296186
Uplynutý čas: 59 min, 54 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Computer slowdown and system intrusion

#12 Post by vyosek »

As far as malware goes, the PC looks clean

Do the shutdown problems keep recurring? :???:

7777
Visitor
Posts: 337
Registered: 17 Feb 2011 15:33

Re: Computer slowdown and system intrusion

#13 Post by 7777 »

Normally not, only when I start one of the programs I downloaded here for virus removal. With the ones that need a restart, the notebook never shuts down and I don't know why. A moment ago Anti-Malware found two pieces of malware on my PC:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.31.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Animatrix :: TOMAS-E012C53FC [limited]

Protection: Enabled

31.8.2012 10:01:45
mbam-log-2012-08-31 (10-06-23).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 143157
Time elapsed: 3 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> No action taken.

Registry Values Detected: 1
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 9a15afbfa67edae99f7cf91f1617c144 -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Computer slowdown and system intrusion

#14 Post by vyosek »

:arrow: Delete the MBAM findings

:arrow: Also run AVPTool http://forum.viry.cz/viewtopic.php?f=29&t=58179

7777
Visitor
Posts: 337
Registered: 17 Feb 2011 15:33

Re: Computer slowdown and system intrusion

#15 Post by 7777 »

Is there anything faster? A 6-hour scan is too much. Can't it be sped up? The quick test finished in 3 minutes. Unfortunately, with the settings from the guide the scan takes 6 hours.

Locked