
Preventive check

Is your PC free of problems right now and you just want to make sure everything is in order?
Post a log from FRST or RSIT.

Rolandman
Visitor
Posts: 229
Registered: 14 Jun 2008 11:43

Preventive check

#1 Post by Rolandman »

Please check this, the computer is acting up.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Kuba at 2010-06-26 20:14:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 285 GB (61%) free of 467 GB
Total RAM: 3327 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:42, on 26.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\WINDOWS\RTHDCPL.EXE
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\vVX1000.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\LightScribe\LSSrvc.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\QIP\qip.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory\RSIT.exe
D:\Program Files\trend micro\Kuba.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VX1000] D:\WINDOWS\vVX1000.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - D:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - D:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5478 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
D:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-11-17 17676288]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-07-14 570664]
"VX1000"=D:\WINDOWS\vVX1000.exe [2006-12-06 707360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-04-29 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Garena\Garena.exe"="C:\Garena\Garena.exe:*:Enabled:Garena"
"D:\Program Files\QIP\qip.exe"="D:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Hry\Warcraft III\Warcraft III.exe"="D:\Program Files\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Program Files\Hry\Left4Dead\hl2.exe"="D:\Program Files\Hry\Left4Dead\hl2.exe:*:Enabled:hl2"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Hry\Left4Dead\left4dead.exe"="D:\Program Files\Hry\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe"="D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Enabled:vietcong"
"C:\torrent\uTorrent.exe"="C:\torrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe"="D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Hry\CoD2\CoD2MP_s.exe"="D:\Program Files\Hry\CoD2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"D:\Program Files\Hry\Sacred 2\system\s2gs.exe"="D:\Program Files\Hry\Sacred 2\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
"D:\Program Files\Hry\Sacred 2\system\sacred2.exe"="D:\Program Files\Hry\Sacred 2\system\sacred2.exe:*:Enabled:Sacred 2"
"D:\Program Files\Hry\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="D:\Program Files\Hry\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Enabled:biahh"
"D:\Program Files\Hry\CaQ 4\Data\CNC4.game"="D:\Program Files\Hry\CaQ 4\Data\CNC4.game:*:Enabled:Command & Conquer™ 4"
"D:\Program Files\Hry\CoD\CoDMP.exe"="D:\Program Files\Hry\CoD\CoDMP.exe:*:Enabled:CoDMP"
"D:\Program Files\Hry\Call of Duty(R) 4 - Modern Warfare\iw3mp.exe"="D:\Program Files\Hry\Call of Duty(R) 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="D:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"D:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="D:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"D:\Program Files\Hry\Tomy clancys\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe"="D:\Program Files\Hry\Tomy clancys\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe:*:Enabled:conviction_game"
"D:\Program Files\Hry\left4dead\Steam.exe"="D:\Program Files\Hry\left4dead\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Hry\Left 4 Dead 2\left4dead2.exe"="D:\Program Files\Hry\Left 4 Dead 2\left4dead2.exe:*:Enabled:left4dead2"
"D:\Program Files\Hry\Heroes over europe\heroes2.exe"="D:\Program Files\Hry\Heroes over europe\heroes2.exe:*:Disabled:Heroes Over Europe"
"D:\Program Files\Electronic Arts\Dead Space\Dead Space.exe"="D:\Program Files\Electronic Arts\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"D:\Program Files\Hry\blur\Blur.exe"="D:\Program Files\Hry\blur\Blur.exe:*:Enabled:Blur"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-06-22 17:20:04 ----D---- D:\Documents and Settings\Kuba\Data aplikací\bizarre creations
2010-06-20 21:39:26 ----A---- D:\WINDOWS\system32\XAudio2_7.dll
2010-06-20 21:39:26 ----A---- D:\WINDOWS\system32\XAPOFX1_5.dll
2010-06-20 21:39:25 ----A---- D:\WINDOWS\system32\xactengine3_7.dll
2010-06-20 21:39:25 ----A---- D:\WINDOWS\system32\D3DCompiler_43.dll
2010-06-20 21:39:24 ----A---- D:\WINDOWS\system32\d3dcsx_43.dll
2010-06-20 21:39:23 ----A---- D:\WINDOWS\system32\d3dx11_43.dll
2010-06-20 21:39:23 ----A---- D:\WINDOWS\system32\d3dx10_43.dll
2010-06-20 21:39:21 ----A---- D:\WINDOWS\system32\D3DX9_43.dll
2010-06-17 15:57:25 ----D---- D:\Documents and Settings\Kuba\Data aplikací\Mount&Blade Warband
2010-06-12 15:09:24 ----A---- D:\WINDOWS\game.ini
2010-06-10 19:23:17 ----D---- D:\Documents and Settings\Kuba\Data aplikací\Ubisoft

======List of files/folders modified in the last 1 months======

2010-06-26 20:14:42 ----D---- D:\WINDOWS\Temp
2010-06-26 20:14:42 ----D---- D:\Program Files\trend micro
2010-06-26 20:12:13 ----D---- D:\Program Files\Mozilla Firefox
2010-06-26 20:12:10 ----D---- D:\WINDOWS\Prefetch
2010-06-26 19:58:11 ----SD---- D:\WINDOWS\Tasks
2010-06-26 19:57:45 ----A---- D:\WINDOWS\NeroDigital.ini
2010-06-26 19:57:42 ----D---- D:\Documents and Settings\Kuba\Data aplikací\vlc
2010-06-26 19:05:19 ----A---- D:\WINDOWS\system32\PnkBstrB.exe
2010-06-26 18:40:57 ----D---- D:\WINDOWS\system32
2010-06-26 18:40:57 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-06-26 18:36:43 ----D---- D:\WINDOWS
2010-06-26 16:33:52 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-06-26 11:24:36 ----D---- D:\Documents and Settings\Kuba\Data aplikací\dvdcss
2010-06-22 21:35:27 ----D---- D:\WINDOWS\system32\CatRoot2
2010-06-22 18:51:28 ----D---- D:\Documents and Settings\Kuba\Data aplikací\uTorrent
2010-06-22 16:37:03 ----D---- D:\WINDOWS\system32\DirectX
2010-06-22 16:37:02 ----HD---- D:\WINDOWS\inf
2010-06-22 16:36:41 ----RSD---- D:\WINDOWS\assembly
2010-06-22 16:36:19 ----SHD---- D:\WINDOWS\Installer
2010-06-22 16:36:18 ----D---- D:\WINDOWS\WinSxS
2010-06-22 16:36:11 ----HD---- D:\Program Files\InstallShield Installation Information
2010-06-22 16:29:44 ----D---- D:\Program Files\Hry
2010-06-22 16:28:09 ----RD---- D:\Program Files
2010-06-20 21:39:17 ----HD---- D:\WINDOWS\msdownld.tmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AsIO;AsIO; D:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-04-29 3643904]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; D:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-25 4952576]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; D:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 aujpxt5z;aujpxt5z; D:\WINDOWS\system32\drivers\aujpxt5z.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 FsUsbExDisk;FsUsbExDisk; \??\D:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 GarenaPEngine;GarenaPEngine; \??\D:\WINDOWS\TEMP\BHL201.tmp []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 pccsmcfd;PCCS Mode Change Filter Driver; D:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); D:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); D:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; D:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbaudio;Ovladač zvukové karty USB (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VX1000;VX-1000; D:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 1963680]
S3 WpdUsb;WpdUsb; D:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-08-08 38528]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-04-29 602112]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; D:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-07-30 73728]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2010-04-26 75064]
R2 PnkBstrB;PnkBstrB; D:\WINDOWS\system32\PnkBstrB.exe [2010-06-26 219128]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-04 1181328]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; D:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Preventive check

#2 Post by vyosek »

Hello, and I wish you a nice Sunday morning :)

→ I recommend uninstalling Ad-Aware - the program is no longer updated and is therefore completely useless
→ How does the misbehaviour show itself?
→ Download OTL (see my signature) and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce in the Czech UI)
  • Tick the "For all users" box
  • Tick the box for the "LOP" malware check
  • Tick the box for the "Purity" malware check
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, Custom Scans/Fixes
  • Code:

    netsvcs
    drivers32
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    c:\windows\*.* /U
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    ndis.sys
    winlogon.exe
    explorer.exe
    userinit.exe
    lsass.exe
    svchost.exe
    smss.exe
    hal.dll
    ws2_32.dll
    tcpip.sys
    cryptsvc.dll
    Changer.sys
    JakNDis.sys
    isapnp.sys
    cdrom.sys
    autochk.exe
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    CREATERESTOREPOINT 
  • Click the Scan button
  • When the scan finishes (about 5 min), the logs OTL.txt and Extras.txt will appear; post both here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member since 1 February 2011.

Rolandman
Visitor
Posts: 229
Registered: 14 Jun 2008 11:43

Re: Preventive check

#3 Post by Rolandman »

I wish you a nice day too... is adware really useless? Whenever I had it scan the computer, it found some cookies and malware... And the problems with the PC: lately the internet has been a bit slower, and when I have, say, two programs running at once, the computer freezes completely, but only rarely, but even so... And the OTL program doesn't work; after about a minute the scan gets stuck on one file and doesn't go any further :(

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Preventive check

#4 Post by vyosek »

→ Yes, it does find things; it has something in its database, but the database is no longer updated, so it will not detect anything new. For occasional malware scans you can use
→ Run OTL without the script - you are another user for whom it doesn't work :( I am pressing the vendor to find out the cause

Rolandman
Visitor
Posts: 229
Registered: 14 Jun 2008 11:43

Re: Preventive check

#5 Post by Rolandman »

It only produced one log... but there's trouble: this morning, when I was scanning and it didn't work, I then put the PC into power-saving mode, and now that I've turned it back on I have some files scattered all over my folders, and when I try to delete them it tells me that they are system files and that some programs will stop working if I delete them, even though they are files like the cover image of some album, etc..?... Here is the log

OTL logfile created on: 27.6.2010 16:19:01 - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: | Country: | Language: | Date Format:

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 9,76 Gb Total Space | 9,63 Gb Free Space | 98,70% Space Free | Partition Type: FAT32
Drive D: | 455,99 Gb Total Space | 277,81 Gb Free Space | 60,93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JAKUB
Current User Name: Kuba
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.27 08:22:46 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.06.24 15:37:16 | 000,908,248 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.08.13 12:43:54 | 003,276,288 | ---- | M] (The Author of QIP) -- D:\Program Files\QIP\qip.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2006.12.06 01:38:57 | 000,707,360 | R--- | M] (Microsoft Corporation) -- D:\WINDOWS\vVX1000.exe


========== Modules (SafeList) ==========

MOD - [2010.06.27 08:22:46 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory\OTL.exe
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- D:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - [2010.02.03 19:36:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.09.15 13:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.09.15 13:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 13:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.04.29 05:30:44 | 003,643,904 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.04.01 13:28:32 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.03.31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008.11.25 10:37:50 | 004,952,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.09.23 19:15:00 | 000,038,400 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008.08.08 18:08:10 | 000,143,360 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2008.04.14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.12.06 01:39:11 | 001,963,680 | R--- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2000478354-616249376-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = About:Blank
IE - HKU\S-1-5-21-2000478354-616249376-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.36.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010.06.24 15:37:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010.06.24 15:37:22 | 000,000,000 | ---D | M]

[2010.01.19 16:24:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Extensions
[2010.06.26 09:22:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions
[2010.01.19 20:53:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.04 22:45:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\battlefieldheroespatcher@ea.com
[2010.01.24 16:15:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\DTToolbar@toolbarnet.com
[2010.02.03 19:36:47 | 000,002,059 | ---- | M] () -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\daemon-search.xml
[2010.01.19 16:21:52 | 000,002,061 | ---- | M] () -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\qipsearch.xml
[2010.06.27 08:07:02 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2010.04.04 07:56:49 | 000,000,638 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.04 07:56:49 | 000,001,687 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.04 07:56:49 | 000,001,367 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.04 07:56:49 | 000,000,654 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.04 07:56:49 | 000,001,179 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.01.29 15:55:38 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VX1000] D:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2000478354-616249376-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2000478354-616249376-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2000478354-616249376-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2000478354-616249376-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.74.192.252 94.74.192.244
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Kuba\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Kuba\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.18 22:34:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 7 Days ==========

[2010.06.26 09:47:14 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Kuba\Recent
[2010.06.22 17:20:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Data aplikací\bizarre creations
[2010.06.20 21:39:26 | 000,527,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\XAudio2_7.dll
[2010.06.20 21:39:26 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\XAPOFX1_5.dll
[2010.06.20 21:39:25 | 002,106,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\D3DCompiler_43.dll
[2010.06.20 21:39:25 | 000,239,960 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\xactengine3_7.dll
[2010.06.20 21:39:24 | 001,868,128 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\d3dcsx_43.dll
[2010.06.20 21:39:23 | 000,470,880 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\d3dx10_43.dll
[2010.06.20 21:39:23 | 000,248,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\d3dx11_43.dll
[2010.06.20 21:39:21 | 001,998,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\D3DX9_43.dll
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.06.27 16:18:32 | 005,242,880 | -H-- | M] () -- D:\Documents and Settings\Kuba\NTUSER.DAT
[2010.06.27 08:10:26 | 001,020,324 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.27 08:10:26 | 000,432,492 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010.06.27 08:10:26 | 000,429,024 | ---- | M] () -- D:\WINDOWS\System32\perfh005.dat
[2010.06.27 08:10:26 | 000,078,052 | ---- | M] () -- D:\WINDOWS\System32\perfc005.dat
[2010.06.27 08:10:26 | 000,067,448 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010.06.27 08:06:55 | 000,000,256 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job
[2010.06.27 08:06:12 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010.06.27 08:06:07 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010.06.27 08:06:06 | 000,167,952 | ---- | M] () -- D:\WINDOWS\System32\ativvaxx.cap
[2010.06.27 08:05:25 | 000,000,178 | -HS- | M] () -- D:\Documents and Settings\Kuba\ntuser.ini
[2010.06.27 08:05:23 | 003,746,412 | -H-- | M] () -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\IconCache.db
[2010.06.27 08:00:58 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.06.27 08:00:58 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010.06.27 08:00:57 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010.06.27 08:00:57 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010.06.27 08:00:56 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010.06.26 22:22:36 | 000,219,128 | ---- | M] () -- D:\WINDOWS\System32\PnkBstrB.xtr
[2010.06.26 22:20:47 | 000,138,592 | ---- | M] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.06.26 19:57:45 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2010.06.26 19:52:11 | 000,071,168 | ---- | M] () -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.26 09:47:28 | 000,002,332 | ---- | M] () -- D:\Documents and Settings\Kuba\Dokumenty\cc_20100626_094727.reg
[2010.06.25 19:09:42 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010.06.22 21:01:30 | 000,010,858 | ---- | M] () -- D:\Documents and Settings\Kuba\Plocha\Filmy.docx
[2010.06.22 16:36:21 | 000,001,552 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Blur(TM).lnk
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.26 09:47:28 | 000,002,332 | ---- | C] () -- D:\Documents and Settings\Kuba\Dokumenty\cc_20100626_094727.reg
[2010.06.22 16:36:21 | 000,001,552 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Blur(TM).lnk
[2010.06.12 15:09:24 | 000,000,300 | ---- | C] () -- D:\WINDOWS\game.ini
[2010.05.10 17:37:13 | 000,110,592 | ---- | C] () -- D:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.05.10 17:37:13 | 000,036,608 | ---- | C] () -- D:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.02.21 13:27:24 | 000,073,728 | ---- | C] () -- D:\WINDOWS\System32\vbzlib1.dll
[2010.01.31 17:04:20 | 000,691,696 | ---- | C] () -- D:\WINDOWS\System32\drivers\sptd.sys
[2010.01.23 14:29:01 | 000,015,498 | R--- | C] () -- D:\WINDOWS\VX1000.ini
[2010.01.22 19:02:20 | 000,138,592 | ---- | C] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.01.19 20:51:39 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2010.01.19 00:05:02 | 000,024,576 | R--- | C] () -- D:\WINDOWS\System32\AsIO.dll
[2010.01.19 00:05:02 | 000,012,400 | R--- | C] () -- D:\WINDOWS\System32\drivers\AsIO.sys
[2010.01.18 23:51:02 | 000,005,810 | R--- | C] () -- D:\WINDOWS\System32\drivers\ASACPI.sys
[2010.01.18 23:50:50 | 000,028,545 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2010.01.18 23:50:50 | 000,010,296 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.01.18 23:46:14 | 000,354,816 | ---- | C] () -- D:\WINDOWS\System32\psisdecd.dll
[2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- D:\WINDOWS\System32\physxcudart_20.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelKorean.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelGerman.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelFrench.dll
[2009.04.22 01:19:06 | 000,172,173 | ---- | C] () -- D:\WINDOWS\System32\xlive.dll.cat
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- D:\WINDOWS\System32\drivers\StarOpen.sys

========== LOP Check ==========

[2010.03.28 12:45:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\BioWare
[2010.01.24 16:15:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.01.19 16:38:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\LightScribe
[2010.05.10 17:39:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.01.31 17:19:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Solidshield
[2010.05.20 17:16:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2010.06.22 17:20:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\bizarre creations
[2010.04.18 16:22:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Command and Conquer 4
[2010.01.24 16:20:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\DAEMON Tools Lite
[2010.04.21 15:06:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Gearbox Software
[2010.01.21 22:06:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\gnupg
[2010.04.22 19:44:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\iScreensaver
[2010.05.15 12:41:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Leadertech
[2010.06.17 16:50:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mount&Blade Warband
[2010.05.10 17:39:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\PC Suite
[2010.05.19 18:12:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Samsung
[2010.04.25 13:53:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\The Creative Assembly
[2010.06.10 21:04:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Ubisoft
[2010.06.22 18:51:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\uTorrent
[2010.06.27 08:00:56 | 000,000,472 | ---- | M] () -- D:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2010.06.27 08:00:57 | 000,000,472 | ---- | M] () -- D:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2010.06.27 08:00:57 | 000,000,472 | ---- | M] () -- D:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2010.06.27 08:00:58 | 000,000,472 | ---- | M] () -- D:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2010.06.27 08:00:58 | 000,000,472 | ---- | M] () -- D:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010.06.27 08:06:55 | 000,000,256 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========


< End of report >

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: preventive check

#6 Post by vyosek »

:arrow: I think I know what the problem you describe is. The icons look kind of faded (similar to when you use the "cut" command), right? Those are hidden files - OTL sometimes unhides them. Go to Tools - Folder Options - View - Do not show hidden files and folders

:arrow: Run OTL again
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastní skenování/opravy)
  • Code:

    :otl
    FF - prefs.js..browser.search.defaultenginename: "QIP Search"
    FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
    FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.36.0
    FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
    FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.36.0
    FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
    O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
    O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    [3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
    [2010.06.27 08:00:58 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2010.06.27 08:00:58 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
    [2010.06.27 08:00:57 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
    [2010.06.27 08:00:57 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
    [2010.06.27 08:00:56 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
    [2010.06.27 08:06:55 | 000,000,256 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job
    
    :files
    C:\WINDOWS\system32\*.tmp.dll /s
    C:\WINDOWS\system32\SET*.tmp /s
    C:\WINDOWS\*.tmp /s
    
    :commands
    [EMPTYTEMP]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    
  • Then click Run Fix (Opravit)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here
"Who has wine and doesn't drink it, who has grapes and doesn't eat them, who has a wife and doesn't kiss her, who shuns merriment, take a whip and a stick to him: that's no man, that's an ox."
Member of [image] since 1 February 2011.

Rolandman
Visitor
Posts: 229
Registered: 14 Jun 2008 11:43

Re: preventive check

#7 Post by Rolandman »

It's hidden now, I just don't understand how some picture can be a software file that makes a mess of the computer if I delete it.... here is the log

All processes killed
========== OTL ==========
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "DAEMON Search" removed from browser.search.selectedEngine
Prefs.js: battlefieldheroespatcher@ea.com:4.0.36.0 removed from extensions.enabledItems
Prefs.js: DTToolbar@toolbarnet.com:1.1.1.0014 removed from extensions.enabledItems
Prefs.js: battlefieldheroespatcher@ea.com:4.0.36.0 removed from extensions.enabledItems
Prefs.js: DTToolbar@toolbarnet.com:1.1.1.0014 removed from extensions.enabledItems
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
D:\WINDOWS\506DDFBE983F4BC384B865F423B2D798.TMP\WiseCustomCalla.dll deleted successfully.
D:\WINDOWS\506DDFBE983F4BC384B865F423B2D798.TMP folder deleted successfully.
D:\WINDOWS\74224F8D4A1748169EDB7BB854DE532C.TMP\WiseCustomCalla.dll deleted successfully.
D:\WINDOWS\74224F8D4A1748169EDB7BB854DE532C.TMP folder deleted successfully.
D:\WINDOWS\msdownld.tmp folder deleted successfully.
D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
D:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job moved successfully.
D:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job moved successfully.
D:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job moved successfully.
D:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job moved successfully.
D:\WINDOWS\Tasks\WGASetup.job moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Kuba
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 699490 bytes
->FireFox cache emptied: 68200210 bytes
->Flash cache emptied: 2819 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 97696 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3120078712 bytes

Total Files Cleaned = 3 042,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Kuba
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.7.0 log created on 06282010_070553

Files\Folders moved on Reboot...
File move failed. D:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
D:\WINDOWS\temp\Perflib_Perfdata_5a4.dat moved successfully.

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: preventive check

#8 Post by vyosek »

:arrow: I have no idea either, but unless it's some huge beast (a few gigs), better not to delete it :)
:arrow: What about the script computer, how is it behaving now :???:

Rolandman
Visitor
Posts: 229
Registered: 14 Jun 2008 11:43

Re: preventive check

#9 Post by Rolandman »

I'm still looking at the computer protection tools you recommended instead of Ad-Aware... so SUPERAntiSpyware in the free version won't remove that "junk" from my computer? It only analyzes it?

Rolandman
Visitor
Posts: 229
Registered: 14 Jun 2008 11:43

Re: preventive check

#10 Post by Rolandman »

script computer? I don't quite follow now

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: preventive check

#11 Post by vyosek »

:arrow: re script - I meant how the PC is behaving after the fix we did with the OTL script :)
:arrow: re SAS - in the free version it can be used as a scanner (it analyzes, deletes); it has no real-time protection...

Rolandman
Visitor
Posts: 229
Registered: 14 Jun 2008 11:43

Re: preventive check

#12 Post by Rolandman »

So far it looks fine, the computer's stuttering really was only occasional, but even so it adds a bit to the worries about the computer. If there's a problem again I'll definitely write :) Thanks a lot for the help and have a nice day

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: preventive check

#13 Post by vyosek »

:arrow: Don't run off yet, cleanup and a final check are still ahead of us :)
:arrow: The stuttering can also be caused by high heat - the graphics card and the processor in particular don't like heat

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC
:arrow: Download CCleaner (see my signature); during installation, untick the Yahoo toolbar
Cleaner panel (Čistič)
  • Leave everything as it is, just click Analyze (Analyzovat) and then Run Cleaner (Spustit CCleaner)
Registry panel
  • click Scan for Issues (Hledej problémy)
  • then Fix Issues (Opravit problémy) - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no problems are found - usually about 3x
Tools panel (Nástroje)
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once every 14 days

:arrow: I'd like a new log from RSIT, please
