Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

preventivka-zpomaleny pc

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
amater
Návštěvník
Návštěvník
Příspěvky: 72
Registrován: 02 čer 2012 12:03

Re: preventivka-zpomaleny pc

#16 Příspěvek od amater »

predpokladám že je to v poriadku ale to je len názor amatera :D
Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

17. 7. 2012 20:53:58
mbam-log-2012-07-17 (20-53-57).txt

Typ: Úplná kontrola (A:\|C:\|D:\|E:\|F:\|G:\|I:\|)
Kontrolované objekty: 377920
Uplynulý čas: 1 hodin, 57 minut, 44 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: preventivka-zpomaleny pc

#17 Příspěvek od Márty84 »

No, po dukladnem zhodnoceni bych rekl, ze tento log je opravdu v poradku :lol:


:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
amater
Návštěvník
Návštěvník
Příspěvky: 72
Registrován: 02 čer 2012 12:03

Re: preventivka-zpomaleny pc

#18 Příspěvek od amater »

otl.txt:

OTL logfile created on: 18. 7. 2012 15:38:18 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

503,48 Mb Total Physical Memory | 194,43 Mb Available Physical Memory | 38,62% Memory free
1,20 Gb Paging File | 0,90 Gb Available in Paging File | 74,68% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 9,01 Gb Free Space | 12,10% Space Free | Partition Type: NTFS

Computer Name: KAFRIK-171A8F5B | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.07.18 15:36:06 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\OTL.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.05.21 16:30:02 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.01.24 12:26:50 | 002,750,976 | R--- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004.11.02 15:53:06 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


========== Modules (No Company Name) ==========

MOD - [2012.07.17 21:34:52 | 001,783,808 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12071701\algo.dll
MOD - [2012.06.13 22:21:44 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_762d670e\system.drawing.dll
MOD - [2012.06.13 22:21:16 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_41065eb3\system.windows.forms.dll
MOD - [2012.06.13 22:20:34 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012.06.12 14:38:16 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2012.06.12 14:38:16 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2012.05.21 16:30:00 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.04.04 07:54:08 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.SKY
MOD - [2012.01.13 12:27:15 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_dda46748\mscorlib.dll
MOD - [2012.01.13 12:26:28 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_b3d283e1\system.xml.dll
MOD - [2012.01.13 12:25:27 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_d602f8d7\system.dll
MOD - [2012.01.13 12:24:47 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012.01.13 12:24:06 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2010.03.13 12:35:42 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2010.03.11 16:27:15 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2010.03.11 16:27:15 | 000,007,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2010.03.11 16:27:10 | 000,798,720 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll
MOD - [2010.03.11 16:27:10 | 000,225,280 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqietpz.resources.dll
MOD - [2010.03.11 16:27:06 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2010.03.11 16:26:16 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\3.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2010.03.11 16:26:14 | 000,049,152 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2010.03.11 16:26:10 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\3.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2010.03.11 16:26:09 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.89__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2010.03.11 16:26:09 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.89__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2010.03.11 16:26:09 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.89__9cf889f53ea9b907\lead.drawing.dll
MOD - [2010.03.11 16:26:09 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.89__9cf889f53ea9b907\lead.dll
MOD - [2010.03.11 16:26:09 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.89__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2010.03.11 16:26:09 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.89__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2010.03.11 16:26:09 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2010.03.11 16:26:08 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2010.03.11 16:26:08 | 000,167,936 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2010.03.11 16:26:08 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll
MOD - [2010.03.11 16:26:08 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2010.03.11 16:26:08 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2010.03.11 16:26:08 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2010.03.11 16:26:08 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2010.03.11 16:26:08 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2010.03.11 16:26:08 | 000,007,168 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2010.03.11 16:24:16 | 000,073,728 | ---- | M] () -- c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll
MOD - [2010.03.11 16:24:16 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\3.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2010.03.11 16:24:16 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2010.03.11 16:24:16 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpdarc\1.0.0.0__19565c63d39c2842\interop.hpdarc.dll
MOD - [2010.03.11 16:24:16 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll
MOD - [2010.03.11 16:24:15 | 000,475,136 | ---- | M] () -- c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll
MOD - [2010.03.11 16:24:15 | 000,196,608 | ---- | M] () -- c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll
MOD - [2010.03.11 16:24:15 | 000,184,320 | ---- | M] () -- c:\windows\assembly\gac\hpqccrsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqccrsc.resources.dll
MOD - [2010.03.11 16:24:15 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2010.03.11 16:24:15 | 000,094,208 | ---- | M] () -- c:\windows\assembly\gac\hpqcmctl.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcmctl.resources.dll
MOD - [2010.03.11 16:22:19 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.03.11 16:21:11 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.05.21 16:30:03 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2007.12.10 14:59:04 | 000,353,280 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\install4\MSICPL.sys -- (MSICPL)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.06.02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010.01.27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2008.04.14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2007.02.22 10:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 10:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.10.13 10:16:36 | 000,081,664 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005.01.21 19:22:36 | 002,352,064 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2001.08.17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... C84B8AB5BA&
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\SearchScopes\{25477387-2310-45df-933D-E9416D3D0303}: "URL" = http://eis.esnips.com/page/search_provi ... earchTerms}
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2077543
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..extensions.enabledItems: {B7D3E479-CC68-42B5-A338-938ECE35F419}:2.0.0.66311
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... n_dtid=&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\support@vdownloader.com: C:\Program Files\VDownloader\Addons\FireFox [2011.07.14 15:23:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.05 22:33:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.12 20:38:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 17:02:08 | 000,000,000 | ---D | M]

[2010.03.08 19:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Mozilla\Extensions
[2012.05.02 07:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Mozilla\Firefox\Profiles\ic39xcue.default\extensions
[2011.01.28 15:56:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Mozilla\Firefox\Profiles\ic39xcue.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.04.06 12:12:19 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Mozilla\Firefox\Profiles\ic39xcue.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.01.13 20:53:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.06.24 14:17:31 | 000,000,000 | ---D | M] (iMesh MediaBar) -- C:\Program Files\Mozilla Firefox\extensions\{B7D3E479-CC68-42B5-A338-938ECE35F419}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN.KAFRIK-171A8F5B\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\IC39XCUE.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
[2012.07.05 22:33:19 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2010.03.15 20:12:32 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.07.14 15:23:46 | 000,000,000 | ---D | M] (VDownloader) -- C:\PROGRAM FILES\VDOWNLOADER\ADDONS\FIREFOX
[2012.05.21 16:30:02 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.12.06 14:59:08 | 000,192,512 | ---- | M] () -- C:\Program Files\mozilla firefox\components\mhxpcom.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.26 12:16:47 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012.02.26 12:16:47 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012.02.26 12:16:47 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2010.08.25 12:08:33 | 000,002,029 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\esnips.xml
[2012.02.26 12:16:47 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012.02.26 12:16:47 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012.02.26 12:16:47 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2001.10.25 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-682003330-838170752-1177238915-1003..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-838170752-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mvadvd.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4DFC928-C4BC-4431-B636-97798351E480}: DhcpNameServer = 8.8.8.8 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\SASWINLO.DLL) - File not found
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\admin.KAFRIK-171A8F5B\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin.KAFRIK-171A8F5B\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.06.26 20:25:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3a296092-7d32-11df-a743-000461998dd6}\Shell - "" = AutoRun
O33 - MountPoints2\{3a296092-7d32-11df-a743-000461998dd6}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{4afe58da-36a3-11df-a661-000461998dd6}\Shell - "" = AutoRun
O33 - MountPoints2\{4afe58da-36a3-11df-a661-000461998dd6}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.07.18 15:36:01 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\OTL.exe
[2012.07.14 17:24:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Recent
[2012.07.12 20:37:54 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.07.12 20:34:21 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\OTM.exe
[2012.07.11 09:35:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.07.11 09:35:39 | 000,000,000 | ---D | C] -- C:\rsit
[2012.07.05 22:21:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Google Chrome
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.07.18 15:42:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.18 15:36:06 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\OTL.exe
[2012.07.18 12:10:20 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.18 12:09:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.17 18:44:35 | 000,002,300 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.15 11:12:51 | 000,195,368 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.14 17:02:32 | 000,200,996 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Dokumenty\cc_20120714_170214.reg
[2012.07.12 20:34:31 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\OTM.exe
[2012.07.11 09:35:23 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\RSIT.exe
[2012.07.05 22:33:24 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.05 22:21:54 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Google Chrome.lnk
[2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.03 18:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.18 15:42:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.15 11:12:51 | 000,195,368 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.14 17:02:23 | 000,200,996 | ---- | C] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Dokumenty\cc_20120714_170214.reg
[2012.07.11 09:35:22 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\RSIT.exe
[2012.07.05 22:33:24 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.05 22:21:54 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Google Chrome.lnk
[2012.06.12 14:28:55 | 000,070,094 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2012.06.12 14:28:55 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat.temp
[2012.02.15 11:48:28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.05 16:46:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2011.07.14 15:23:50 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011.06.30 11:58:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Local Settings\Data aplikací\{A9DB0ECF-8EAF-45B3-A319-72D9C3597F29}
[2011.03.18 16:20:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WEBTRANS.INI
[2011.03.18 16:03:36 | 000,000,134 | ---- | C] () -- C:\WINDOWS\WEBWTR.INI
[2011.01.27 21:32:51 | 000,000,087 | ---- | C] () -- C:\WINDOWS\System32\EpfwUser.dat
[2010.03.23 20:54:47 | 000,064,000 | ---- | C] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.11 17:56:27 | 000,000,141 | ---- | C] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Local Settings\Data aplikací\fusioncache.dat

========== LOP Check ==========

[2011.01.20 19:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\AidemMedia
[2011.04.19 16:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Anthropics
[2010.09.24 15:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer
[2010.03.09 19:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer Pro
[2011.12.13 23:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\ElevatedDiagnostics
[2011.04.12 15:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\ESET
[2010.08.25 12:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Logia
[2010.04.30 19:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Nokia
[2010.10.27 22:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Nokia Multimedia Player
[2010.07.20 19:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\nvda
[2011.07.14 15:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\OpenCandy
[2010.04.30 19:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\PC Suite
[2010.05.05 16:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\PhotoFiltre Studio X
[2011.01.03 21:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\PLANStudio Setup
[2011.12.12 23:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\PriceGong
[2012.02.26 12:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\RenPy
[2010.04.10 20:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\UDC Profiles
[2010.08.29 22:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\UseNeXT
[2012.05.30 16:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\uTorrent
[2011.07.14 15:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\VDownloader
[2010.04.10 19:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\XnView
[2011.12.15 14:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVAST Software
[2012.02.01 18:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Electronic Arts
[2011.01.16 16:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\GoldWave
[2010.03.17 17:19:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2010.04.16 19:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Installations
[2010.04.16 20:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PC Suite
[2012.03.20 18:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\phenomedia
[2011.03.11 17:14:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Toolbar4
[2012.07.18 12:10:20 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 01:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\system32\dllcache\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[33 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[25 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.02.03 19:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Adobe
[2011.01.20 19:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\AidemMedia
[2011.04.19 16:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Anthropics
[2010.03.22 16:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Apple Computer
[2010.09.24 15:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer
[2010.03.09 19:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer Pro
[2010.07.31 21:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\DivX
[2011.12.13 23:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\ElevatedDiagnostics
[2011.04.12 15:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\ESET
[2010.04.10 12:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Google
[2010.04.14 14:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Help
[2010.05.05 16:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Identities
[2010.04.06 13:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Lavasoft
[2010.08.25 12:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Logia
[2010.03.09 20:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Macromedia
[2011.12.14 20:38:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Malwarebytes
[2012.02.03 19:39:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Microsoft
[2010.03.08 19:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Mozilla
[2010.04.30 19:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Nokia
[2010.10.27 22:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Nokia Multimedia Player
[2010.07.20 19:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\nvda
[2011.07.14 15:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\OpenCandy
[2010.04.30 19:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\PC Suite
[2010.05.05 16:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\PhotoFiltre Studio X
[2011.01.03 21:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\PLANStudio Setup
[2011.12.12 23:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\PriceGong
[2011.05.06 17:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Real
[2012.02.26 12:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\RenPy
[2012.07.14 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Skype
[2011.06.25 07:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\skypePM
[2010.03.15 20:09:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Sun
[2012.05.25 17:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\SUPERAntiSpyware.com
[2012.06.16 18:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\U3
[2010.04.10 20:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\UDC Profiles
[2010.08.29 22:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\UseNeXT
[2012.05.30 16:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\uTorrent
[2011.07.14 15:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\VDownloader
[2010.03.14 14:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\WinRAR
[2010.04.10 19:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\XnView

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer\FFDShow\unins000.exe
[2009.11.14 19:11:36 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2009.11.14 19:33:40 | 000,357,888 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2009.11.14 19:11:36 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.02.23 16:00:42 | 000,042,288 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2010.02.01 03:45:40 | 000,038,784 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.07.14 15:23:30 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\OpenCandy\OpenCandy_785EACD669A44950B3062DEF827B753E\LatestDLMgr.exe
[2010.12.18 00:07:06 | 000,043,440 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\OpenCandy\OpenCandy_785EACD669A44950B3062DEF827B753E\SpeedstarterCZ.exe
[2010.12.17 19:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\OpenCandy\OpenCandy_785EACD669A44950B3062DEF827B753E\ZrychleniPocitace.exe
[2011.07.14 15:23:52 | 001,842,096 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\OpenCandy\OpenCandy_785EACD669A44950B3062DEF827B753E\ZrychleniPocitace_p2v1.exe
[2006.04.05 19:38:10 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\U3\000018474963423F\cleanup.exe
[2006.04.11 11:56:58 | 002,461,696 | ---- | M] (SanDisk Corporation) -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\U3\000018474963423F\Launchpad Removal.exe
[2006.05.11 15:41:42 | 004,231,168 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\U3\000018474963423F\LaunchPad.exe
[2006.04.05 19:38:10 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\U3\temp\cleanup.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010.03.08 19:21:56 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.03.08 19:21:56 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.03.08 19:21:56 | 000,495,616 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.07.17 18:44:35 | 000,002,300 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"EA Core" = "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent -- [2009.09.03 23:17:14 | 003,342,336 | ---- | M] (Electronic Arts)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.18 15:42:44 | 000,000,512 | ---- | M] () MD5=3AC7A850FDC8AE706D4C1E204B512501 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2003.07.18 08:57:30 | 000,028,396 | ---- | M] () -- \Program Files\Aspyr\Tony Hawks Pro Skater 4\Game\data\sounds\Wav\Alc\baseballcrack.wav
[2009.12.15 23:22:58 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat

< *keygen* /s >

< *loader* /s >
[2010.08.25 12:13:24 | 000,000,283 | ---- | M] () -- \Documents and Settings\admin.KAFRIK-171A8F5B\Data aplikací\Logia\eSnipsDownloaderLog.txt
[2010.05.12 19:47:31 | 000,000,523 | ---- | M] () -- \Documents and Settings\admin.KAFRIK-171A8F5B\Local Settings\Data aplikací\ApplicationHistory\VDownloader.exe.6b408798.ini
[2010.05.12 19:47:59 | 000,000,000 | ---- | M] () -- \Documents and Settings\admin.KAFRIK-171A8F5B\Local Settings\Data aplikací\ApplicationHistory\VDownloader.exe.6b408798.ini.inuse
[2011.07.14 15:20:46 | 013,063,236 | ---- | M] () -- \Documents and Settings\admin.KAFRIK-171A8F5B\Plocha\VDownloaderSetup.exe
[2008.04.10 16:12:23 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\alien-hive\en\alien_hive.dcr\MiniclipLoaderAd.sol
[2008.09.01 10:46:54 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\bush-royal-rampage\en\bushroyalrampage.swf\MiniclipLoaderAd.sol
[2008.09.01 10:54:45 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\cab-driver\en\cab_driver.dcr\MiniclipLoaderAd.sol
[2008.08.12 10:17:53 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\fire-storm\en\fire_storm.dcr\MiniclipLoaderAd.sol
[2008.04.09 17:36:44 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\free-wheels\en\free_wheels.dcr\MiniclipLoaderAd.sol
[2009.12.06 19:57:58 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\golf-ace-hawaii\en\golf_ace_hawaii.dcr\MiniclipLoaderAd.sol
[2008.08.08 10:40:22 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\china-2008\en\china_2008.dcr\MiniclipLoaderAd.sol
[2008.04.08 16:21:59 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\kickboxing\en\kickboxing.dcr\MiniclipLoaderAd.sol
[2008.04.06 19:19:40 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\motocross-urban-fever\en\motocross_urban_fever.dcr\MiniclipLoaderAd.sol
[2008.04.09 17:43:07 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\snow-riders\en\snow_riders.dcr\MiniclipLoaderAd.sol
[2008.04.06 19:15:42 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\sportbike-sprint\en\sportbike_sprint.dcr\MiniclipLoaderAd.sol
[2008.08.11 12:52:49 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\miniclip.com\games\wakeboard-pro\en\wakeboard_pro.dcr\MiniclipLoaderAd.sol
[2009.11.27 19:08:31 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\sk3.superhry.cz\HSO_40e1f9z\heliattack.swf\MiniclipLoaderAd.sol
[2009.03.05 20:16:41 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\sk3.superhry.cz\HSO_40e1f9z\hostileskies.swf\MiniclipLoaderAd.sol
[2008.09.01 10:43:46 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\superhry.cz\HSO_40e1f9z\bushroaylits.swf\MiniclipLoaderAd.sol
[2008.11.12 21:22:11 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\superhry.cz\HSO_40e1f9z\nordic-chill.swf\MiniclipLoaderAd.sol
[2009.04.07 17:35:25 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\tophry.net\games\1714.swf\MiniclipLoaderAd.sol
[2010.01.17 10:45:30 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\tophry.net\games\303.swf\MiniclipLoaderAd.sol
[2009.04.19 10:47:23 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\tophry.net\games\322.swf\MiniclipLoaderAd.sol
[2009.02.15 11:36:49 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\tophry.net\games\328.swf\MiniclipLoaderAd.sol
[2009.02.11 18:10:48 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\tophry.net\games\335.swf\MiniclipLoaderAd.sol
[2008.05.14 18:41:46 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\tophry.net\games\342.swf\MiniclipLoaderAd.sol
[2009.02.02 17:28:18 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\tophry.net\games\345.swf\MiniclipLoaderAd.sol
[2009.03.03 10:49:34 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\tophry.net\games\353.swf\MiniclipLoaderAd.sol
[2008.04.23 17:51:33 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\tophry.net\games\373.dcr\MiniclipLoaderAd.sol
[2010.02.08 16:27:00 | 000,000,060 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Flash Player\#SharedObjects\HCFLA9PD\tophry.net\games\375.dcr\MiniclipLoaderAd.sol
[2009.02.03 18:06:16 | 000,000,055 | ---- | M] () -- \Documents and Settings\admin\Application Data\Macromedia\Shockwave Player\Prefs\J7CFUF3Y\grooveloader.txt
[2009.09.20 12:46:18 | 000,009,225 | ---- | M] () -- \Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\e7srohte.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\content\scriptdownloader.js
[2007.01.15 16:49:55 | 000,003,287 | ---- | M] () -- \Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\DataLoader.class-11d751d0-34ca97af.class
[2007.01.15 16:49:55 | 000,000,267 | ---- | M] () -- \Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\DataLoader.class-11d751d0-34ca97af.idx
[2010.02.21 04:01:47 | 000,074,268 | ---- | M] () -- \Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\FacebookPhotoUploader5.jar-62950ace-3a869b6c.idx
[2009.02.09 20:45:43 | 001,769,957 | ---- | M] () -- \Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\FacebookPhotoUploader5.jar-62950ace-3a869b6c.zip
[2006.07.31 14:51:14 | 000,000,892 | ---- | M] () -- \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\2BS5ADSZ\loader240x180[1].swf
[2006.08.26 17:41:04 | 000,038,543 | ---- | M] () -- \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\2BS5ADSZ\loader[1].swf
[2006.07.14 09:45:06 | 000,001,466 | ---- | M] () -- \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\2BS5ADSZ\template_loader[1].swf
[2006.08.03 15:49:27 | 000,000,892 | ---- | M] () -- \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\655A3QHO\loader240x180[1].swf
[2006.07.23 09:22:39 | 000,057,694 | ---- | M] () -- \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\655A3QHO\maploader[2].js
[1 \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\655A3QHO\*.tmp files -> \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\655A3QHO\*.tmp -> ]
[2006.08.02 22:44:02 | 000,004,161 | ---- | M] () -- \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\973RXDKE\maploader[1].htm
[2006.10.16 18:33:53 | 000,000,081 | ---- | M] () -- \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\A3EJ25Q7\font_uk_loader[1].swf
[2006.10.16 18:35:24 | 000,000,079 | ---- | M] () -- \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\A3EJ25Q7\font_uk_loader[2].swf
[2006.07.18 09:13:50 | 000,000,903 | ---- | M] () -- \Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\AFEZEDUN\loader160x120[1].swf
[2011.07.14 15:23:54 | 000,001,550 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\VDownloader\VDownloader.lnk
[2009.12.27 17:50:48 | 000,000,685 | ---- | M] () -- \Documents and Settings\All Users\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App Uninstall.lnk
[2009.12.27 17:50:48 | 000,000,928 | ---- | M] () -- \Documents and Settings\All Users\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App Website.lnk
[2009.12.27 17:50:47 | 000,001,809 | ---- | M] () -- \Documents and Settings\All Users\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App.lnk
[2005.06.07 00:54:14 | 000,348,160 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\PhotoDownloader.dll
[2005.06.07 00:47:26 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\uploader.dll
[2005.06.07 00:02:16 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Shared_Assets\combined_bitmaps\main_window\C_LoadError.png
[2004.09.07 11:30:08 | 000,086,016 | ---- | M] () -- \Program Files\Common Files\Ahead\AudioPlugins\Downloaders.dll
[2002.08.18 21:14:40 | 000,348,160 | ---- | M] () -- \Program Files\GameSpy Arcade\Services\_common\PortraitLoader.dll
[2009.09.03 00:09:22 | 000,003,614 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 18:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 18:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 18:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 18:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 18:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 18:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 18:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 18:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 18:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 18:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 18:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 18:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 18:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 18:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 18:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 20:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2000.11.28 09:09:52 | 000,045,056 | ---- | M] () -- \Program Files\LANGMaster\eduExplorer\AppData\edurom\all\Setup\bin\program files\common files\graphboard 2.50\internetloader.dll
[2009.09.21 15:04:18 | 000,002,713 | ---- | M] () -- \Program Files\Red Kawa\Video Converter App\components\uriloader.xpt
[2009.10.03 17:11:50 | 000,245,760 | ---- | M] () -- \Program Files\Regensoft\Downloader App\DownloaderApp.exe
[2009.12.27 17:50:48 | 000,000,063 | ---- | M] () -- \Program Files\Regensoft\Downloader App\YouTube Downloader App.url
[2009.09.21 15:04:18 | 000,002,713 | ---- | M] () -- \Program Files\Regensoft\Downloader App\components\uriloader.xpt
[2006.01.30 16:01:18 | 000,495,616 | ---- | M] () -- \Program Files\Sony Ericsson\Mobile2\Sync Station\NotesPimAdaptorLoader.dll
[2011.07.11 11:09:14 | 001,957,376 | ---- | M] () -- \Program Files\VDOWNLOADER\VDownloader.exe
[2011.03.06 17:42:30 | 000,015,086 | ---- | M] () -- \Program Files\VDOWNLOADER\VDownloader.ico
[2010.07.23 22:44:48 | 004,528,971 | ---- | M] () -- \Program Files\VDOWNLOADER\VDownloader.zip
[2011.07.09 14:39:30 | 003,539,968 | ---- | M] () -- \Program Files\VDOWNLOADER\Addons\npVDownloader.dll
[2011.07.09 14:35:50 | 000,000,247 | ---- | M] () -- \Program Files\VDOWNLOADER\Addons\FireFox\chrome\content\vdownloader.xul
[2011.07.09 22:59:48 | 000,049,152 | ---- | M] () -- \Program Files\VDOWNLOADER\ar\VDownloader.resources.dll
[2011.07.09 22:59:48 | 000,053,248 | ---- | M] () -- \Program Files\VDOWNLOADER\de\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,049,152 | ---- | M] () -- \Program Files\VDOWNLOADER\es\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,053,248 | ---- | M] () -- \Program Files\VDOWNLOADER\fr\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,036,864 | ---- | M] () -- \Program Files\VDOWNLOADER\hu\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,049,152 | ---- | M] () -- \Program Files\VDOWNLOADER\it\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,049,152 | ---- | M] () -- \Program Files\VDOWNLOADER\ja\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,032,768 | ---- | M] () -- \Program Files\VDOWNLOADER\ko\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,049,152 | ---- | M] () -- \Program Files\VDOWNLOADER\nl\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,032,768 | ---- | M] () -- \Program Files\VDOWNLOADER\pl\VDownloader.resources.dll
[2010.08.18 09:42:50 | 000,003,584 | ---- | M] () -- \Program Files\VDOWNLOADER\pt\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,036,864 | ---- | M] () -- \Program Files\VDOWNLOADER\pt-BR\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,053,248 | ---- | M] () -- \Program Files\VDOWNLOADER\ru\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,028,672 | ---- | M] () -- \Program Files\VDOWNLOADER\sr\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,045,056 | ---- | M] () -- \Program Files\VDOWNLOADER\tr\VDownloader.resources.dll
[2011.07.09 22:59:50 | 000,045,056 | ---- | M] () -- \Program Files\VDOWNLOADER\zh-CHS\VDownloader.resources.dll
[2010.02.10 19:10:12 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >
[2003.07.18 08:57:30 | 000,001,430 | ---- | M] () -- \Program Files\Aspyr\Tony Hawks Pro Skater 4\Game\data\anims\skater_misc\SitNodska.dat

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2010.02.02 22:44:12 | 000,000,513 | ---- | M] () -- \Documents and Settings\admin\Recent\NCISerial.avi.lnk
[2010.02.02 23:04:49 | 000,000,488 | ---- | M] () -- \Documents and Settings\admin\Recent\NCISerial.lnk
[2008.09.18 07:17:22 | 000,004,335 | ---- | M] () -- \Program Files\Mozilla Sunbird\js\calIcsSerializer.js
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2004.12.03 14:51:16 | 000,035,648 | ---- | M] () -- \Program Files\Usb to Serial Driver 1.12.28\Drivers\Win98\SERIAL98.SYS
[2004.11.01 19:05:56 | 000,063,756 | ---- | M] () -- \Program Files\Usb to Serial Driver 1.12.28\Drivers\Win98\SERIAL98.VXD
[2011.07.09 22:59:38 | 000,065,536 | ---- | M] () -- \Program Files\VDOWNLOADER\Core.XmlSerializers.dll
[2010.03.11 16:22:18 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.03.13 12:35:37 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.06.13 22:31:07 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.08.31 19:26:52 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.15 18:15:32 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
[2012.05.15 18:19:04 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2004.07.15 15:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 20:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 08:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\system32\dllcache\grserial.sys
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\dllcache\serial.sys
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >
Nahoru
amater
Návštěvník
Návštěvník
Příspěvky: 72
Registrován: 02 čer 2012 12:03

Re: preventivka-zpomaleny pc

#19 Příspěvek od amater »

extras.txt

OTL Extras logfile created on: 18. 7. 2012 15:38:18 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\admin.KAFRIK-171A8F5B\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

503,48 Mb Total Physical Memory | 194,43 Mb Available Physical Memory | 38,62% Memory free
1,20 Gb Paging File | 0,90 Gb Available in Paging File | 74,68% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 9,01 Gb Free Space | 12,10% Space Free | Partition Type: NTFS

Computer Name: KAFRIK-171A8F5B | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-682003330-838170752-1177238915-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Prehliadať v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- (Electronic Arts)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Disabled:µTorrent
"C:\TRANSLAT\WEBTRANS.EXE" = C:\TRANSLAT\WEBTRANS.EXE:*:Disabled:WebTrans
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Disabled:Steam


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}" = Nokia Connectivity Cable Driver
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
"{12E83A6C-62D6-4893-0093-FB396C480F7B}" = FIFA 2003 Demo
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 30
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29466F9C-7C6A-419C-B301-F440FAF78760}" = Nokia PC Suite
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3C6D1F24-C121-407D-A49D-46C0971C9751}" = Moorhuhn Soccer
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Zem
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7F786438-F6F2-41C0-886F-06E42BBF62CC}" = JourneySoftware
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{9011041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{904CD0E4-4B72-4CF7-9828-267C6678A22E}" = System Requirements Lab for Intel
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.5.905
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1051-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Slovak
"{ADD31791-D676-4A7B-8FA8-A6EE7F1B4E5A}" = JourneySoftwarePromo
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B}" = PC Connectivity Solution
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DC158DF7-6B36-4C6F-BC91-109014297994}" = FIFA 11 Demo
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"10prstami5" = 10prstami5 5.2
"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Balíček ovladače systému Windows - Nokia Modem (10/12/2007 3.6)
"819D45A9F73817F5B6D7C71A33ADAB88C5DA1765" = Balíček ovladače systému Windows - Nokia Modem (08/03/2007 6.84.0.2)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Attac Car" = Attac Car
"AutocompletePro3_is1" = AutocompletePro
"avast" = avast! Free Antivirus
"BeatScanner 1.43_is1" = BeatScanner 1.43
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"EADM" = EA Download Manager
"GoldWave v5.58" = GoldWave v5.58
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Hmyzí válka" = Hmyzí válka
"HP Photo & Imaging" = HP Image Zone 4.7
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"ie8" = Windows Internet Explorer 8
"James Bond 007: Nightfire Demo" = James Bond 007: Nightfire Demo
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.0.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verzia 1.51.0.1200
"MER Innebandy" = MER Innebandy
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 12.0 (x86 sk)" = Mozilla Firefox 12.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia PC Suite" = Nokia PC Suite
"Trophy Hunter 2003_is1" = Trophy Hunter 2003 - Rocky Mountain Adventures
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archiver

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29. 6. 2012 13:50:30 | Computer Name = KAFRIK-171A8F5B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 12.0.0.4493, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11. 7. 2012 3:11:43 | Computer Name = KAFRIK-171A8F5B | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 12. 7. 2012 15:03:53 | Computer Name = KAFRIK-171A8F5B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTM.exe, verze 3.1.21.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12. 7. 2012 15:03:53 | Computer Name = KAFRIK-171A8F5B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTM.exe, verze 3.1.21.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17. 7. 2012 13:00:55 | Computer Name = KAFRIK-171A8F5B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 12.0.0.4493, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17. 7. 2012 15:03:59 | Computer Name = KAFRIK-171A8F5B | Source = MsiInstaller | ID = 11706
Description = Product: PhotoGallery -- Error 1706.No valid source could be found
for product PhotoGallery. The Windows Installer cannot continue.

Error - 18. 7. 2012 1:10:50 | Computer Name = KAFRIK-171A8F5B | Source = MsiInstaller | ID = 11706
Description = Product: PhotoGallery -- Error 1706.No valid source could be found
for product PhotoGallery. The Windows Installer cannot continue.

Error - 18. 7. 2012 6:12:24 | Computer Name = KAFRIK-171A8F5B | Source = MsiInstaller | ID = 11706
Description = Product: PhotoGallery -- Error 1706.No valid source could be found
for product PhotoGallery. The Windows Installer cannot continue.

Error - 18. 7. 2012 10:09:15 | Computer Name = KAFRIK-171A8F5B | Source = MsiInstaller | ID = 11706
Description = Product: PhotoGallery -- Error 1706.No valid source could be found
for product PhotoGallery. The Windows Installer cannot continue.

Error - 18. 7. 2012 10:12:02 | Computer Name = KAFRIK-171A8F5B | Source = MsiInstaller | ID = 11706
Description = Product: PhotoGallery -- Error 1706.No valid source could be found
for product PhotoGallery. The Windows Installer cannot continue.

[ System Events ]
Error - 12. 7. 2012 14:38:25 | Computer Name = KAFRIK-171A8F5B | Source = Service Control Manager | ID = 7034
Description = Služba ServiceLayer byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 14. 7. 2012 5:38:08 | Computer Name = KAFRIK-171A8F5B | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 14. 7. 2012 5:38:08 | Computer Name = KAFRIK-171A8F5B | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 14. 7. 2012 5:38:24 | Computer Name = KAFRIK-171A8F5B | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 14. 7. 2012 5:38:24 | Computer Name = KAFRIK-171A8F5B | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 15. 7. 2012 5:25:26 | Computer Name = KAFRIK-171A8F5B | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Pml Driver HPZ12.

Error - 15. 7. 2012 5:25:26 | Computer Name = KAFRIK-171A8F5B | Source = Service Control Manager | ID = 7000
Description = Služba Pml Driver HPZ12 neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 17. 7. 2012 14:45:34 | Computer Name = KAFRIK-171A8F5B | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Pml Driver HPZ12.

Error - 17. 7. 2012 14:45:34 | Computer Name = KAFRIK-171A8F5B | Source = Service Control Manager | ID = 7000
Description = Služba Pml Driver HPZ12 neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 18. 7. 2012 8:54:51 | Computer Name = KAFRIK-171A8F5B | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby WZCSVC.


< End of report >
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: preventivka-zpomaleny pc

#20 Příspěvek od Márty84 »

:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=VX&apn_dtid=&apn_uid=0F89B573-5007-4B5E-A67C-524298900C46&apn_sauid=8CE18A93-73F1-446E-91E5-C1C84B8AB5BA&
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\SearchScopes\{25477387-2310-45df-933D-E9416D3D0303}: "URL" = http://eis.esnips.com/page/search_provi ... 8d1391d&q={searchTerms}
IE - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2077543
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=VD&o=14778&locale=en_EU&apn_uid=0F89B573-5007-4B5E-A67C-524298900C46&apn_ptnrs=VX&apn_sauid=8CE18A93-73F1-446E-91E5-C1C84B8AB5BA&apn_dtid=&q="
O3 - HKU\S-1-5-21-682003330-838170752-1177238915-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[33 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[25 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
amater
Návštěvník
Návštěvník
Příspěvky: 72
Registrován: 02 čer 2012 12:03

Re: preventivka-zpomaleny pc

#21 Příspěvek od amater »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 41275623 bytes

User: admin.KAFRIK-171A8F5B
->Temp folder emptied: 59098358 bytes
->Temporary Internet Files folder emptied: 1090970 bytes
->Java cache emptied: 13382647 bytes
->FireFox cache emptied: 237146047 bytes
->Flash cache emptied: 45058 bytes

User: ADMIN~1~KAF

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: DETEKTIVNE
->Temp folder emptied: 106309 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33177 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1942891 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 156987426 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 449799656 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 917,00 mb


[EMPTYFLASH]

User: admin

User: admin.KAFRIK-171A8F5B
->Flash cache emptied: 0 bytes

User: ADMIN~1~KAF

User: All Users

User: All Users.WINDOWS

User: Default User

User: Default User.WINDOWS
->Flash cache emptied: 0 bytes

User: DETEKTIVNE

User: LocalService

User: LocalService.NT AUTHORITY

User: NetworkService

User: NetworkService.NT AUTHORITY

Total Flash Files Cleaned = 0,00 mb

========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-682003330-838170752-1177238915-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-682003330-838170752-1177238915-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-682003330-838170752-1177238915-1003\Software\Microsoft\Internet Explorer\SearchScopes\{25477387-2310-45df-933D-E9416D3D0303}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25477387-2310-45df-933D-E9416D3D0303}\ not found.
Registry key HKEY_USERS\S-1-5-21-682003330-838170752-1177238915-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "BS Player Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: toolbar@ask.com:3.11.3.15590 removed from extensions.enabledItems
Prefs.js: "http://websearch.ask.com/redirect?clien ... n_dtid=&q=" removed from keyword.URL
Registry value HKEY_USERS\S-1-5-21-682003330-838170752-1177238915-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1398.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13AA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1407.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1487.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14AE.tmp\System.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14AE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1590.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP159F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15A2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP163D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP167E.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP167E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16AC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP178E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP196.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1BEA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C0.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C17.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E.tmp\Microsoft.Build.Tasks.v3.5.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP223F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2251.tmp\System.ServiceModel.Web.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2251.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP237.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4BE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP53A2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP714.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP99B.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP99B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9C2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC4F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD7.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI14F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI172.tmp deleted successfully.
C:\WINDOWS\Installer\MSI173.tmp deleted successfully.
C:\WINDOWS\Installer\MSI175.tmp deleted successfully.
C:\WINDOWS\Installer\MSI179.tmp deleted successfully.
C:\WINDOWS\Installer\MSI18A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI207.tmp deleted successfully.
C:\WINDOWS\Installer\MSI21A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI239.tmp deleted successfully.
C:\WINDOWS\Installer\MSI26.tmp deleted successfully.
C:\WINDOWS\Installer\MSI267.tmp deleted successfully.
C:\WINDOWS\Installer\MSI27A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI40D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI41C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI48.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5061.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5066.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI98.tmp deleted successfully.
C:\WINDOWS\Installer\MSIA9.tmp deleted successfully.
C:\WINDOWS\Installer\MSIBF.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC6.tmp deleted successfully.
C:\WINDOWS\Installer\MSICE.tmp deleted successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp deleted successfully.

OTL by OldTimer - Version 3.2.54.0 log created on 07192012_165644

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...
[2012.07.19 17:00:14 | 000,000,000 | ---- | M] () C:\WINDOWS\temp\_avast_\Webshlock.txt : Unable to obtain MD5

Registry entries deleted on Reboot...
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: preventivka-zpomaleny pc

#22 Příspěvek od Márty84 »

:arrow: Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

:arrow: Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

:arrow: Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete :)
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

:arrow: Defragmentujte disk
Stahnete napriklad program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci :)



:arrow: Az vse provedete, dejte sem novy log z RSIT a napiste, jak je na tom pc
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
amater
Návštěvník
Návštěvník
Příspěvky: 72
Registrován: 02 čer 2012 12:03

Re: preventivka-zpomaleny pc

#23 Příspěvek od amater »

vykonám :idea: ccleaner používam bežne takže ho nemusím stahovat potom sem hodím log
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: preventivka-zpomaleny pc

#24 Příspěvek od Márty84 »

OK :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“