
Re: Spam on the web on IPOD

Posted: 19 Mar 2013 19:44
by 11188
OTL logfile created on: 19.3.2013 19:24:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Uzivatel\Plocha\smazat
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1021,41 Mb Total Physical Memory | 359,81 Mb Available Physical Memory | 35,23% Memory free
2,40 Gb Paging File | 1,84 Gb Available in Paging File | 76,83% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,50 Gb Total Space | 44,67 Gb Free Space | 59,96% Space Free | Partition Type: NTFS
Drive D: | 173,67 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC001 | User Name: Uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.03.19 19:22:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uzivatel\Plocha\smazat\OTL.exe
PRC - [2013.03.08 17:01:28 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.03.01 23:40:01 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.01.31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe
PRC - [2012.07.11 19:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2012.07.03 17:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 17:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.06.26 13:10:30 | 001,516,632 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2012.06.11 10:33:26 | 000,724,376 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.06.11 10:33:14 | 000,174,488 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.06.11 10:33:06 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012.01.10 15:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
PRC - [2010.07.25 18:08:00 | 002,569,616 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010.07.22 19:07:05 | 000,814,344 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2010.02.17 12:30:18 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010.02.17 12:30:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009.03.12 11:53:46 | 000,483,422 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009.03.12 11:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2005.01.25 08:43:23 | 000,442,368 | ---- | M] () -- C:\Program Files\DreamCom Server\dcsrvice.exe
PRC - [2002.03.08 17:30:52 | 001,748,992 | ---- | M] (FirebirdSQL Project) -- C:\Program Files\FireBird\bin\ibserver.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.19 09:48:18 | 002,074,624 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13031900\algo.dll
MOD - [2013.03.18 22:06:05 | 002,074,624 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13031801\algo.dll
MOD - [2013.03.12 22:55:17 | 014,717,144 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.03.08 17:01:27 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.06.26 13:11:10 | 000,345,688 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2012.06.26 13:11:08 | 000,282,200 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2012.06.26 13:11:02 | 008,197,208 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2012.06.26 13:11:00 | 002,302,040 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2012.06.26 13:10:58 | 000,202,328 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2012.06.26 13:10:58 | 000,027,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2012.01.14 00:48:51 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.01.10 15:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
MOD - [2012.01.10 13:51:40 | 000,822,816 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\email.4.dll
MOD - [2012.01.10 13:51:14 | 001,151,520 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\core.4.dll
MOD - [2009.04.14 23:51:50 | 000,096,768 | ---- | M] () -- C:\WINDOWS\system32\htimon.dll
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005.04.08 08:19:20 | 001,459,200 | ---- | M] () -- C:\Program Files\DreamCom Server\dcserver.dll
MOD - [2005.01.25 08:43:23 | 000,442,368 | ---- | M] () -- C:\Program Files\DreamCom Server\dcsrvice.exe
MOD - [2002.01.11 14:59:06 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
MOD - [2001.10.28 17:43:08 | 000,116,736 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll


========== Services (SafeList) ==========

SRV - [2013.03.12 22:55:19 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.08 17:01:28 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.01 23:40:01 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.01.31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.11 19:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2012.07.03 17:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.06.11 10:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.07.22 19:07:05 | 000,814,344 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.10.0)
SRV - [2009.03.12 11:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\IntelXPV_v103\WDM\stacsv.exe -- (STacSV)
SRV - [2007.12.06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2005.01.25 08:43:23 | 000,442,368 | ---- | M] () [Auto | Running] -- C:\Program Files\DreamCom Server\dcsrvice.exe -- (DreamService)
SRV - [2002.03.08 17:30:52 | 001,748,992 | ---- | M] (FirebirdSQL Project) [Auto | Running] -- C:\Program Files\FireBird\bin\ibserver.exe -- (InterBaseServer)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Uzivatel\LOCALS~1\Temp\cpuz133\cpuz133_x32.sys -- (cpuz133)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (btkrnl)
DRV - [2012.07.03 17:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 17:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 17:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 17:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 17:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.07.03 17:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 17:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.06.11 10:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.01.09 16:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012.01.09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 16:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.11.06 03:20:24 | 000,106,880 | ---- | M] (AnyDATA.NET INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adusbser.sys -- (adusbser)
DRV - [2009.09.29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009.03.12 11:53:46 | 001,550,613 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.19 19:46:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 17:01:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.01.12 23:08:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Extensions
[2013.03.17 14:51:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\io68j5st.default-1357168552828\extensions
[2013.01.30 00:40:27 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\io68j5st.default-1357168552828\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.01.29 21:52:30 | 000,000,000 | ---D | M] (SaveByclick) -- C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\io68j5st.default-1357168552828\extensions\51083c38c67da@51083c38c6811.com
[2013.01.09 22:53:10 | 000,001,054 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\io68j5st.default-1357168552828\searchplugins\software-112-customized-web-search.xml
[2013.03.08 17:01:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.03.08 17:01:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.03.08 17:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2013.03.08 17:01:08 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\UZIVATEL\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\IO68J5ST.DEFAULT-1357168552828\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
[2013.03.08 17:01:29 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.20 09:32:35 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.20 09:32:35 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.20 09:32:35 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.20 09:32:35 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.20 09:32:35 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Prvn\u00ED u\u017Eivatel (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: wxDfast = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ceahdebebmaifmdabjminkineehaednc\1.0_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SaveByclick = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gmmhgjgoelijbjmcbppddckbkhcajann\1\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: Gmail = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.03.18 23:09:33 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-299502267-1177238915-1407829469-1003..\Run: [ccleaner] C:\Programy\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-299502267-1177238915-1407829469-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-299502267-1177238915-1407829469-1003..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\bin\postak.exe ()
O4 - Startup: C:\Documents and Settings\Uzivatel\Nabídka Start\Programy\Po spuštění\Dropbox.lnk = C:\Documents and Settings\Uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Uzivatel\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B1EB5D1-DD9A-49D6-BC49-E3CA9D8335FD}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.29 07:35:00 | 000,000,044 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (dfboottime \??\C:\WINDOWS\System32\dfboottime.cfg)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.03.19 19:14:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Uzivatel\Recent
[2013.03.19 08:28:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.03.18 23:07:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.03.18 22:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uzivatel\Plocha\smazat
[2013.03.18 08:30:48 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Uzivatel\Plocha\rkill.com
[2013.03.17 21:43:25 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Uzivatel\Plocha\aswMBR.exe
[2013.03.17 21:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013.03.17 18:16:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.03.17 18:16:53 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.03.17 18:16:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.03.17 18:16:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.03.17 18:16:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.03.17 18:15:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.03.17 18:13:58 | 005,041,875 | R--- | C] (Swearware) -- C:\Documents and Settings\Uzivatel\Plocha\ComboFix.exe
[2013.03.17 15:56:25 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Uzivatel\Dokumenty\dds.exe
[2013.03.17 09:35:57 | 000,000,000 | ---D | C] -- C:\rsit
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.03.19 19:27:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.19 19:18:03 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.19 19:15:51 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.03.19 19:15:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.03.19 19:14:35 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.19 19:14:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.03.19 14:55:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.03.18 23:09:33 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.03.18 08:30:48 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Uzivatel\Plocha\rkill.com
[2013.03.17 21:59:35 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Plocha\MBR.dat
[2013.03.17 21:44:41 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Uzivatel\Plocha\aswMBR.exe
[2013.03.17 21:15:51 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SUPERAntiSpyware Free Edition.lnk
[2013.03.17 20:40:25 | 000,002,427 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Plocha\ABBYY FineReader 10 Professional Edition.lnk
[2013.03.17 18:14:16 | 005,041,875 | R--- | M] (Swearware) -- C:\Documents and Settings\Uzivatel\Plocha\ComboFix.exe
[2013.03.17 15:56:28 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Uzivatel\Dokumenty\dds.exe
[2013.03.17 09:39:10 | 000,597,667 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Dokumenty\adwcleaner.exe
[2013.03.17 09:35:47 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Dokumenty\RSIT.exe
[2013.03.14 19:48:38 | 000,704,049 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Plocha\maly-hitler.jpg
[2013.03.12 22:55:18 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.03.12 22:55:18 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.03.12 19:49:28 | 000,036,229 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Plocha\xwinch-kolecko.jpg
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.03.19 19:27:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.17 21:48:20 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Plocha\MBR.dat
[2013.03.17 21:15:51 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\SUPERAntiSpyware Free Edition.lnk
[2013.03.17 18:16:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.03.17 18:16:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.03.17 18:16:53 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.03.17 18:16:53 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.03.17 18:16:53 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.03.17 09:39:10 | 000,597,667 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Dokumenty\adwcleaner.exe
[2013.03.17 09:35:46 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Dokumenty\RSIT.exe
[2013.03.14 19:45:22 | 000,704,049 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Plocha\maly-hitler.jpg
[2013.03.13 18:02:59 | 000,036,229 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Plocha\xwinch-kolecko.jpg
[2013.02.04 22:20:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.01.29 21:38:02 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Data aplikací\init.dll
[2013.01.29 21:38:02 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Data aplikací\SYSTEM32.dll
[2013.01.29 21:37:53 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Data aplikací\sound.dll
[2013.01.29 21:36:39 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2013.01.29 21:36:23 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2013.01.29 21:28:47 | 000,096,768 | ---- | C] () -- C:\WINDOWS\System32\htimon.dll
[2013.01.10 00:21:39 | 000,001,634 | ---- | C] () -- C:\WINDOWS\emailer.ini
[2013.01.10 00:21:30 | 000,001,085 | ---- | C] () -- C:\WINDOWS\uidemlr.dll
[2013.01.10 00:18:56 | 000,000,190 | ---- | C] () -- C:\WINDOWS\Adr.INI
[2012.10.16 22:08:21 | 000,000,310 | ---- | C] () -- C:\WINDOWS\SoftWriting.ini
[2012.05.03 22:16:51 | 000,000,385 | ---- | C] () -- C:\WINDOWS\red_dialer.ini
[2012.02.16 12:46:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.22 14:44:17 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.13 16:37:14 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2011.08.02 23:21:34 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.08.02 23:19:55 | 000,218,448 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.08.02 22:13:33 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\dfboottime.exe
[2011.08.02 22:11:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.08.02 21:33:25 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.08.02 21:27:27 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 07:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.08.03 19:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.06.21 16:22:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2012.06.21 16:29:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2012.07.11 15:07:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2012.06.21 16:29:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2012.06.21 16:28:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJFAX
[2012.06.21 16:30:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2012.06.21 09:29:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2012.06.21 16:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2012.06.22 16:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GARMIN
[2012.12.03 14:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.08.07 20:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.11.05 20:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KASTNER software
[2012.11.01 00:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OptimizerPro1
[2012.08.07 20:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2013.01.29 18:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PDF Architect
[2013.01.29 22:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PDF reDirect
[2012.12.28 19:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Premium
[2012.01.13 16:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2013.01.09 23:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.12.28 19:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WoW Worldwide Software LTD
[2012.06.21 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Canon
[2013.03.19 19:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Dropbox
[2013.01.10 00:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\esmska
[2012.06.22 16:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\GARMIN
[2013.03.02 23:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\ICQ
[2012.11.05 20:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Kastner software
[2013.03.04 17:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Nokia
[2012.01.15 20:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Nvu
[2012.01.14 00:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\OpenOffice.org
[2013.01.16 18:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\PC Suite
[2013.01.29 16:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\PDF Architect
[2013.03.08 08:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\PDF reDirect
[2011.08.06 17:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\PhotoFiltre
[2012.01.13 16:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\ScanSoft
[2012.01.13 01:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\TeamViewer
[2013.01.07 18:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Wise Registry Cleaner
[2013.01.29 21:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\YCanPDF

========== Purity Check ==========



========== Custom Scans ==========

< >
[2011.08.02 21:29:04 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2011.08.02 21:35:05 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.01.13 01:11:47 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.01.13 01:11:48 | 000,000,944 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.10 08:16:39 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.07.19 19:46:28 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< >

< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\erdnt\cache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.11.02 12:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\ABBYY
[2011.08.02 22:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Adobe
[2012.06.21 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Canon
[2013.03.19 19:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Dropbox
[2013.01.10 00:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\esmska
[2012.06.22 16:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\GARMIN
[2012.12.16 23:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Google
[2013.03.02 23:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\ICQ
[2011.08.06 16:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Identities
[2012.11.05 20:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Kastner software
[2012.01.12 22:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Macromedia
[2012.12.03 19:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Malwarebytes
[2012.12.16 07:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Media Player Classic
[2012.05.29 22:41:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Microsoft
[2012.01.12 23:08:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla
[2013.03.04 17:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Nokia
[2012.01.15 20:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Nvu
[2012.01.14 00:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\OpenOffice.org
[2013.01.16 18:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\PC Suite
[2013.01.29 16:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\PDF Architect
[2013.03.08 08:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\PDF reDirect
[2011.08.06 17:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\PhotoFiltre
[2012.01.13 16:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\ScanSoft
[2013.03.17 22:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Skype
[2011.08.02 22:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Sun
[2012.12.04 13:16:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\SUPERAntiSpyware.com
[2012.01.13 01:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\TeamViewer
[2011.08.03 18:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\WinRAR
[2013.01.07 18:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Wise Registry Cleaner
[2013.01.29 21:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\YCanPDF

< %APPDATA%\*.exe /s >
[2013.01.20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe
[2013.01.20 20:29:54 | 000,203,264 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Uzivatel\Data aplikací\Dropbox\bin\DropboxUninstaller.exe
[2012.06.14 03:09:00 | 000,874,440 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Uzivatel\Data aplikací\Dropbox\bin\DropboxUpdateHelper.exe
[2012.06.14 03:09:06 | 000,181,776 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Uzivatel\Data aplikací\Dropbox\bin\Uninstall.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.03.19 14:55:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.03.19 19:15:51 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.03.19 19:14:35 | 000,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.19 19:18:03 | 000,000,944 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.08.02 23:18:58 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.08.02 23:18:58 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.08.02 23:18:58 | 000,483,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.03.19 19:15:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ccleaner" = "C:\Programy\CCleaner\CCleaner.exe" /AUTO -- [2011.06.24 11:53:16 | 002,423,608 | ---- | M] (Piriform Ltd)
"Seznam Postak" = "C:\Program Files\Seznam.cz\bin\postak.exe" -s -- [2012.01.10 15:16:10 | 000,491,040 | ---- | M] ()
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2012.06.26 13:10:30 | 001,516,632 | ---- | M] (Nokia)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.03.08 17:01:28 | 000,917,400 | ---- | M] (Mozilla Corporation) MD5=BF2F2717C13A4BD4FD73F2788534E86B -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.19 19:27:23 | 000,000,512 | ---- | M] () MD5=039F26163EB622D88CDE349A5AB8767D -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.11.02 11:44:54 | 375,374,952 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\ABBYY-FineReader-11+crack.rar
[2013.02.01 10:22:23 | 393,334,229 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\ABBYY-FineReader-Pro-v10.0.102.95-With-Crack.rar
[2005.08.30 15:13:16 | 000,003,556 | ---- | M] () -- \Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\PHP\CrackF.html

< *keygen* /s >
[2012.11.02 13:56:16 | 004,157,360 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\abbyy_finereader_11_keygen.rar_downloader_224.exe
[2005.08.30 15:13:12 | 000,013,367 | ---- | M] () -- \Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML\KEYGEN.html

< *loader* /s >
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2005.08.30 15:13:18 | 000,000,681 | ---- | M] () -- \Documents and Settings\Uzivatel\Data aplikací\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\dynswfloader.swf
[2005.08.30 15:13:18 | 000,008,203 | ---- | M] () -- \Documents and Settings\Uzivatel\Data aplikací\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\testing_dynswfloader.swf
[2012.11.04 23:40:02 | 167,333,603 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\abbyy-finereader-v-9-0-724-pro-vl-multi-cz-_by_okurek_of_uploaders.rar
[2012.11.02 13:56:16 | 004,157,360 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\abbyy_finereader_11_keygen.rar_downloader_224.exe
[2010.02.17 04:44:10 | 000,006,308 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\Programy\open-office3\OpenOffice.org 3\Basis\program\pythonloader.py
[2010.12.08 23:02:38 | 000,005,425 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\Programy\open-office3\OpenOffice.org 3\Basis\program\pythonloader.pyc
[2010.06.16 09:18:20 | 000,021,504 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\Programy\open-office3\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.02.17 11:37:14 | 000,000,171 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\Programy\open-office3\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2010.06.16 09:18:46 | 000,029,696 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\Programy\open-office3\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.02.18 01:06:56 | 000,003,872 | ---- | M] () -- \Documents and Settings\Uzivatel\Dokumenty\Programy\open-office3\OpenOffice.org 3\URE\java\unoloader.jar
[2012.12.05 23:10:06 | 000,004,613 | ---- | M] () -- \Documents and Settings\Uzivatel\Local Settings\Data aplikací\Pokki\Engine\frames\frame\loader.gif
[2012.12.05 23:10:06 | 000,004,613 | ---- | M] () -- \Documents and Settings\Uzivatel\Local Settings\Data aplikací\Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\0f674123b9e499a1b42891e31e05b9fc06584c36\img\store\loader.gif
[2012.12.05 23:10:06 | 000,004,613 | ---- | M] () -- \Documents and Settings\Uzivatel\Local Settings\Data aplikací\Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\update\img\store\loader.gif
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2010.05.17 11:04:20 | 000,393,728 | ---- | M] () -- \Program Files\E-Mailer\downloader.exe
[2012.01.12 23:32:10 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.01.12 23:32:11 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.01.12 23:32:10 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.01.12 23:34:37 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2005.08.30 15:12:58 | 000,056,807 | ---- | M] () -- \Program Files\Macromedia\Dreamweaver 8\Configuration\Commands\FLVFileLoader.swf
[2005.08.30 15:13:18 | 000,000,681 | ---- | M] () -- \Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\dynswfloader.swf
[2005.08.30 15:13:18 | 000,008,203 | ---- | M] () -- \Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\testing_dynswfloader.swf
[2005.08.30 15:13:30 | 001,040,384 | ---- | M] () -- \Program Files\Macromedia\Dreamweaver 8\Configuration\JSExtensions\swfloader.dll
[2012.06.26 12:36:20 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2005.06.17 14:42:16 | 000,003,095 | ---- | M] () -- \Program Files\Nvu\components\uriloader.xpt
[2010.02.17 05:44:10 | 000,006,308 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.01.14 00:48:43 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.02.17 12:37:14 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.01.14 00:48:56 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.02.18 02:06:56 | 000,003,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2012.10.24 09:43:02 | 000,008,321 | ---- | M] () -- \Program Files\Sweet Home 3D\THIRDPARTY-LICENSE-LOADER3DS.TXT
[2012.10.24 09:43:02 | 000,050,157 | ---- | M] () -- \Program Files\Sweet Home 3D\lib\Loader3DS1_2u.jar
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:AD022376

< End of report >

Re: Spam on the web on IPOD

Posted: 20 Mar 2013 09:43
by vyosek
Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator ("Spustit jako správce")
  • Paste the script below into the lower box, Custom Scans/Fixes ("Vlastní skenování/opravy")
  • Code:

    :otl
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Uzivatel\LOCALS~1\Temp\cpuz133\cpuz133_x32.sys -- (cpuz133)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (btkrnl)
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-299502267-1177238915-1407829469-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    [2013.01.29 21:52:30 | 000,000,000 | ---D | M] (SaveByclick) -- C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\io68j5st.default-1357168552828\extensions\51083c38c67da@51083c38c6811.com
    [2013.01.09 22:53:10 | 000,001,054 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\io68j5st.default-1357168552828\searchplugins\software-112-customized-web-search.xml
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\UZIVATEL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\IO68J5ST.DEFAULT-1357168552828\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
    CHR - plugin: Error reading preferences file
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
    [2013.03.19 14:55:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    [2013.03.19 19:15:51 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
    [2013.03.19 19:14:35 | 000,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    [2013.03.19 19:18:03 | 000,000,944 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    @Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:AD022376
    
    :files
    ipconfig /flushdns /c
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Run Fix ("Opravit")
  • The PC will carry out the fix, restart, and give you a log; paste its contents here

Re: Spam on the web on IPOD

Posted: 20 Mar 2013 12:40
by 11188
All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service cpuz133 stopped successfully!
Service cpuz133 deleted successfully!
File C:\DOCUME~1\Uzivatel\LOCALS~1\Temp\cpuz133\cpuz133_x32.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
Service btkrnl stopped successfully!
Service btkrnl deleted successfully!
File system32\DRIVERS\btkrnl.sys not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-299502267-1177238915-1407829469-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-299502267-1177238915-1407829469-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-299502267-1177238915-1407829469-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\io68j5st.default-1357168552828\extensions\51083c38c67da@51083c38c6811.com\content folder moved successfully.
C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\io68j5st.default-1357168552828\extensions\51083c38c67da@51083c38c6811.com folder moved successfully.
C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\io68j5st.default-1357168552828\searchplugins\software-112-customized-web-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:AD022376 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS byla úspěšně vyprázdněna.
C:\Documents and Settings\Uzivatel\Plocha\smazat\cmd.bat deleted successfully.
C:\Documents and Settings\Uzivatel\Plocha\smazat\cmd.txt deleted successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Uzivatel
->Temp folder emptied: 811824 bytes
->Temporary Internet Files folder emptied: 720657 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 11729197 bytes
->Google Chrome cache emptied: 8508773 bytes
->Flash cache emptied: 888 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6350 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 21,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Uzivatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Uzivatel
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03202013_123023

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Spam on the web on IPOD

Posted: 20 Mar 2013 13:01
by vyosek
Has there been any change?

Re: Spam on the web on IPOD

Posted: 20 Mar 2013 19:55
by 11188
Well, it looks good so far... so we'll see. May I ask what the problem was and how the virus got past Avast into the computer...
Otherwise, I'm sending you a contribution via internet banking as I promised... thanks :thumbsup:
PS: do you have a bank account where I can support you?

Re: Spam on the web on IPOD

Posted: 21 Mar 2013 08:43
by vyosek
So let's clean up as well :James008:

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • After use, delete the utility
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • After use, delete the utility
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for problems
  • then Fix problems - I recommend making a registry backup; fix all the problems
  • repeat the procedure until no problems remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: Unfortunately, this nasty thing gets past security as well, because they keep being modified and are hard to detect

:arrow: Our forum's bank account is 107-275600267/0100 - please put your nick in the message for the recipient so we can match it. On behalf of the whole team, thank you for the support :thumbsup:

:arrow: And if there are no problems or questions, that is all from my side :|