4604242Logfile of random's system information tool 1.08 (written by random/random)
Run by USER at 2010-09-01 17:58:27
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 155 GB (52%) free of 300 GB
Total RAM: 2047 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:58:46, on 1.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\runservice.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\USER\Plocha\RSIT.exe
C:\Program Files\trend micro\USER.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
--
End of file - 11945 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{DA0FC3DC-76FC-4156-BE16-95216547D262}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll [2005-04-22 328275]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-01-17 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-10 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-26 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Companion - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll [2005-04-22 328275]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-01-17 520192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-01-30 16116224]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-07-08 2048352]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2008-03-06 2615688]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2008-03-06 910744]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2008-03-06 140568]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-26 149280]
"NPSStartup"= []
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"WEBTRAN"= []
"AdobeBridge"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-31 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
======List of files/folders created in the last 1 months======
2010-09-01 17:58:27 ----D---- C:\rsit
2010-08-18 20:36:41 ----D---- C:\Program Files\Openoko Entertainment
2010-08-18 20:33:41 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-13 20:54:33 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-13 20:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-13 20:54:22 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-13 20:54:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-13 20:51:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-13 20:51:39 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-13 20:50:01 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-13 20:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-03 21:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
======List of files/folders modified in the last 1 months======
2010-09-01 17:58:42 ----D---- C:\Program Files\trend micro
2010-09-01 17:58:35 ----D---- C:\WINDOWS\Temp
2010-09-01 17:58:34 ----D---- C:\WINDOWS\Prefetch
2010-09-01 17:51:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-01 17:44:51 ----A---- C:\WINDOWS\WINCMD.INI
2010-09-01 17:41:31 ----D---- C:\WINDOWS\Debug
2010-09-01 17:41:31 ----D---- C:\WINDOWS
2010-09-01 17:36:18 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-08-29 18:52:23 ----A---- C:\WINDOWS\TRNCOM.INI
2010-08-28 19:40:47 ----D---- C:\Documents and Settings\USER\Data aplikací\Vso
2010-08-28 18:25:47 ----D---- C:\Film
2010-08-28 16:01:09 ----HD---- C:\WINDOWS\inf
2010-08-28 16:01:08 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-27 19:06:42 ----D---- C:\$AVG8.VAULT$
2010-08-22 18:28:43 ----D---- C:\WINDOWS\system32
2010-08-22 18:28:43 ----D---- C:\Program Files\Mozilla Firefox
2010-08-18 20:41:46 ----SHD---- C:\WINDOWS\Installer
2010-08-18 20:41:46 ----SHD---- C:\Config.Msi
2010-08-18 20:36:41 ----RD---- C:\Program Files
2010-08-18 20:36:20 ----D---- C:\WINDOWS\system32\DirectX
2010-08-18 20:36:18 ----RSD---- C:\WINDOWS\assembly
2010-08-18 20:33:41 ----D---- C:\Program Files\Common Files
2010-08-14 21:01:09 ----D---- C:\RENAULT
2010-08-13 21:47:00 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-13 20:54:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-13 20:54:35 ----D---- C:\WINDOWS\system32\drivers
2010-08-13 20:54:33 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-13 20:54:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-13 20:53:45 ----D---- C:\WINDOWS\WinSxS
2010-08-13 20:50:02 ----D---- C:\Program Files\Movie Maker
2010-08-13 20:49:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-08-03 20:24:45 ----D---- C:\TEMP
2010-08-03 20:09:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-08-02 18:00:21 ----D---- C:\totalcmd
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2009-06-15 12552]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2009-06-14 129248]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2009-06-14 368480]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2009-06-14 441760]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-31 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-06-15 108552]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-06-14 44384]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-06-15 29208]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-01-30 4474368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-10-20 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-06-14 47360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 ALSysIO;ALSysIO; \??\C:\DOCUME~1\USER\LOCALS~1\Temp\ALSysIO.sys []
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-06-15 29208]
S3 catchme;catchme; \??\C:\DOCUME~1\USER\LOCALS~1\Temp\catchme.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-09-18 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-09-18 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-09-18 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-09-18 90800]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-14 715248]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2008-03-06 427288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-31 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-07-31 1370488]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-26 153376]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2009-08-31 2560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2008-03-06 495936]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-20 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu.AVG detekoval win32/polycrypt
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
Zdravim a pekne rano preji 
Kde presne AVG havet detekoval 
Dokazal jej smazat
Kde presne AVG havet detekoval Dokazal jej smazat "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
Stahoval jsem zapakovanej soubor.Jakmile AVG hlásil vir,tak jsem to hned smazal(nerozbaloval jsem to),nevím ale jestli se něco nedostalo do PC,jelikož se mi změnila tapeta na ploše,jinak nic.
Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
Omlouvam se za zpozdeni 
Byl jsem na nocni...
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy
Stahnete OTM (viz muj podpis)
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
Byl jsem na nocni... Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy
- &Yahoo! Companion
AVG Security Toolbar
Stahnete OTM (viz muj podpis)
- Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
- Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize
Kód: Vybrat vše
:services ALSysIO :reg [HKCU\Software\Microsoft\Internet Explorer\Main] "Start Page"="www.seznam.cz" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"=- "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- "NPSStartup"=- "AdobeCS4ServiceManager"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OEXPRESS"=- "WEBTRAN"=- "AdobeBridge"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\drivers\svchost.exe"=- :files C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\DOCUME~1\USER\LOCALS~1\Temp %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp /s :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [CLEARALLRESTOREPOINTS]- Kliknete na cervene tlacitko MoveIt!
- Sem pote dejte obsah okna Results (pod zelenou carou)
- Pokud budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
- Provedte aktualizaci - treti zalozka
- Provedte uplny sken - nic nemazte
- MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
Omlouvám se za prodlevu.Byl jsem pracovně mimo PC.
Zde je log z OTM
All processes killed
========== SERVICES/DRIVERS ==========
Service ALSysIO stopped successfully!
Service ALSysIO deleted successfully!
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"www.seznam.cz" /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS4ServiceManager deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list\\%windir%\system32\drivers\svchost.exe deleted successfully.
========== FILES ==========
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\WPDNSE folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\wardrobe folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\player folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\cars folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR93.235\Crack\Crack v3 - CFB folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR93.235\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR93.235 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\player folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack\CrackFix - SKIDROW\dlcs folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\wardrobe folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack\CrackFix - SKIDROW\dlcs folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.4313\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.4313\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.4313 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\cars folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack\CrackFix - SKIDROW\dlcs folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0844\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0844\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0844 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0735\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0735\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0735 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2782\Crack\Crack v3 - CFB folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2782\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2782 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2016\Crack\Crack v3 - CFB folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2016\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2016 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR11.9594\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR11.9594\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR11.9594 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR01.234 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\MExplorer folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\hsperfdata_USER folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP112.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1DC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP211.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP244.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2EC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31A.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI2.tmp moved successfully.
C:\WINDOWS\Installer\MSIC.tmp moved successfully.
C:\WINDOWS\Temp\02e96bb4-1d05-46f4-9a99-383a4ac67958.tmp moved successfully.
C:\WINDOWS\Temp\07a45073-88fd-42c3-ae82-3ba78c8fe283.tmp moved successfully.
C:\WINDOWS\Temp\0bf51974-c2a7-4d9e-8270-c7907fc3efee.tmp moved successfully.
C:\WINDOWS\Temp\0ed29d2d-163a-4497-98ba-5337ee527e22.tmp moved successfully.
C:\WINDOWS\Temp\0fbdd071-736e-4eca-8cf1-33cd5371f503.tmp moved successfully.
C:\WINDOWS\Temp\0ffe8c07-93a2-4fef-8af1-0136dcc762ac.tmp moved successfully.
C:\WINDOWS\Temp\103ac771-2eb7-4f9f-985f-63ffe0113510.tmp moved successfully.
C:\WINDOWS\Temp\19a2b916-093e-41e4-8650-d1e2e569a548.tmp moved successfully.
C:\WINDOWS\Temp\1bd35733-1211-40ab-a4af-d9ebb25c8fcf.tmp moved successfully.
C:\WINDOWS\Temp\1cf5ee27-0211-4541-a030-2a29558645c3.tmp moved successfully.
C:\WINDOWS\Temp\229f9696-5881-4a6d-9a21-9689298f77a2.tmp moved successfully.
C:\WINDOWS\Temp\2582bd06-6bee-42e1-a42a-5beef0239125.tmp moved successfully.
C:\WINDOWS\Temp\27d9ede6-4e48-4789-a6c2-06a091aff6eb.tmp moved successfully.
C:\WINDOWS\Temp\28411f38-45c3-4406-a505-d96ef0593c6e.tmp moved successfully.
C:\WINDOWS\Temp\2b499104-34b8-4274-b969-0e72be211705.tmp moved successfully.
C:\WINDOWS\Temp\2cebc9ce-13bb-4c2d-8090-35f9c5887bde.tmp moved successfully.
C:\WINDOWS\Temp\2d94bb63-809d-47ad-8fea-4696ead64c6b.tmp moved successfully.
C:\WINDOWS\Temp\2dd95c6e-de4b-4c72-a4c2-398be2a4f95a.tmp moved successfully.
C:\WINDOWS\Temp\2f864a92-3358-4e3e-9634-172ce25006da.tmp moved successfully.
C:\WINDOWS\Temp\2fcb3bd5-3a9f-413c-bbc0-dafe2a118a41.tmp moved successfully.
C:\WINDOWS\Temp\300026e7-37fb-42a5-85bc-c511256eb760.tmp moved successfully.
C:\WINDOWS\Temp\331710e7-0cd6-4e63-8b3c-5e4c764d35e4.tmp moved successfully.
C:\WINDOWS\Temp\33d827ae-2f1d-41c9-b549-7661bd01185e.tmp moved successfully.
C:\WINDOWS\Temp\3427670a-e82b-4013-958d-57553536c221.tmp moved successfully.
C:\WINDOWS\Temp\3438b97b-93a1-4485-95fd-ecda12cf17b4.tmp moved successfully.
C:\WINDOWS\Temp\35547d62-c6d4-462b-9c7f-2574efbb5480.tmp moved successfully.
C:\WINDOWS\Temp\3acb1ad7-93ba-408b-a4bc-f6b62304533d.tmp moved successfully.
C:\WINDOWS\Temp\3b39bc68-baf7-43f2-aea2-bd384fa54724.tmp moved successfully.
C:\WINDOWS\Temp\3bb6fcfa-c09a-49c6-8fd9-3aca302b671b.tmp moved successfully.
C:\WINDOWS\Temp\3bef2968-1929-4f1b-9c8c-cd8909dc1c25.tmp moved successfully.
C:\WINDOWS\Temp\3e7aa341-0de4-4bf6-970c-5184d554f277.tmp moved successfully.
C:\WINDOWS\Temp\3ef3d59d-ae2c-4c10-8c2d-39b9fdd68b1f.tmp moved successfully.
C:\WINDOWS\Temp\3fc497a8-cb8e-4a5b-ac39-8579ff795887.tmp moved successfully.
C:\WINDOWS\Temp\40daa79d-174a-4c73-9702-29aea1f26fda.tmp moved successfully.
C:\WINDOWS\Temp\42e989dd-794c-4d8a-881f-57a704724567.tmp moved successfully.
C:\WINDOWS\Temp\48473650-3b00-40f4-81e0-1ffd88aa6a65.tmp moved successfully.
C:\WINDOWS\Temp\484a269e-039d-4387-a7d2-a26f3e58e65d.tmp moved successfully.
C:\WINDOWS\Temp\4e83887b-cccf-42d8-8a56-ffc84c98e16f.tmp moved successfully.
C:\WINDOWS\Temp\4ebb3e45-ae67-4f93-8176-4cdd1df26621.tmp moved successfully.
C:\WINDOWS\Temp\4edca13a-25ef-4534-a56a-43eebb972c24.tmp moved successfully.
C:\WINDOWS\Temp\4fa2824d-d8e1-4792-9d96-5353dd0fb6ff.tmp moved successfully.
C:\WINDOWS\Temp\514648cf-03bb-4873-ad3e-3ed1d2542eaf.tmp moved successfully.
C:\WINDOWS\Temp\51fdaeef-dbfe-44c3-9669-3a5ce46e9f11.tmp moved successfully.
C:\WINDOWS\Temp\54ce2b28-a9ab-4310-9d0a-b5553d170537.tmp moved successfully.
C:\WINDOWS\Temp\57b9a8ca-0812-4943-b679-10170fb40d56.tmp moved successfully.
C:\WINDOWS\Temp\5816ae9e-1689-4d97-a990-713c03ea6f62.tmp moved successfully.
C:\WINDOWS\Temp\59699d4a-1a12-4e90-a885-2e63e5ee5be9.tmp moved successfully.
C:\WINDOWS\Temp\5b2caa0b-4a99-49a5-ab2d-d872c2acd169.tmp moved successfully.
C:\WINDOWS\Temp\5be57c47-a014-4cb8-8dd3-2185dcfe10a2.tmp moved successfully.
C:\WINDOWS\Temp\5c3a2af0-4fcf-4c6e-8abd-414dca21a6ad.tmp moved successfully.
C:\WINDOWS\Temp\61622481-aecb-479b-a74a-bd3d675cd069.tmp moved successfully.
C:\WINDOWS\Temp\6383aa12-ed16-405f-bbcb-60c8ca01d850.tmp moved successfully.
C:\WINDOWS\Temp\681d5652-578a-482b-a841-3746364006b2.tmp moved successfully.
C:\WINDOWS\Temp\6b67b9a7-201a-4973-a0a8-13b90692051c.tmp moved successfully.
C:\WINDOWS\Temp\6c65dc82-e084-4a13-97e2-aeb1e257cb21.tmp moved successfully.
C:\WINDOWS\Temp\6ea920b7-ae81-43aa-ad3b-fde45e518245.tmp moved successfully.
C:\WINDOWS\Temp\770e26f5-2fbd-4f17-b2ba-87233967f9a2.tmp moved successfully.
C:\WINDOWS\Temp\7806bb6f-1062-460b-8c3e-b8071569a24b.tmp moved successfully.
C:\WINDOWS\Temp\78ccb7b0-45f6-422f-a775-1fd254f1de38.tmp moved successfully.
C:\WINDOWS\Temp\78e05bc3-354d-48e2-841f-3bd27c9c91a8.tmp moved successfully.
C:\WINDOWS\Temp\7c131669-4d38-47f8-9ba0-3631faa21336.tmp moved successfully.
C:\WINDOWS\Temp\7e9f6e5a-ba9f-46b1-8de3-d416405de6a0.tmp moved successfully.
C:\WINDOWS\Temp\7f3d0fe9-1d2c-4e07-89cd-d2c3a4d7eb19.tmp moved successfully.
C:\WINDOWS\Temp\8119a43d-34b8-446e-9307-729185628cfc.tmp moved successfully.
C:\WINDOWS\Temp\81aa267b-0dd4-4466-8ed1-c5ddaa372351.tmp moved successfully.
C:\WINDOWS\Temp\82224875-0343-47ef-bc6b-ca54b1db0f08.tmp moved successfully.
C:\WINDOWS\Temp\8298e57e-a21b-40e4-a3c3-bf69002acfa5.tmp moved successfully.
C:\WINDOWS\Temp\85fe281c-5df2-4b15-b754-662573940661.tmp moved successfully.
C:\WINDOWS\Temp\86353f4c-51b1-48dc-b397-6196ebfec3ec.tmp moved successfully.
C:\WINDOWS\Temp\8796d7b4-6bcf-4c95-9993-06392c218777.tmp moved successfully.
C:\WINDOWS\Temp\8911e034-210b-4c5a-8d72-7aaf57f70117.tmp moved successfully.
C:\WINDOWS\Temp\8a997575-ae87-41d7-9664-84798f9def39.tmp moved successfully.
C:\WINDOWS\Temp\911f8802-a400-448a-8334-7ff8b383bcfe.tmp moved successfully.
C:\WINDOWS\Temp\9218a68c-55f8-4727-8fee-fa8ce5187665.tmp moved successfully.
C:\WINDOWS\Temp\940d26fc-0965-46c9-ab26-0277eb4a6fe9.tmp moved successfully.
C:\WINDOWS\Temp\955c71e5-9ab9-4589-82c6-9da22844998f.tmp moved successfully.
C:\WINDOWS\Temp\970306d9-bb36-4f9a-a4b9-0fbc9a7fbfe1.tmp moved successfully.
C:\WINDOWS\Temp\989d2575-bc77-42da-9b6d-671b08589408.tmp moved successfully.
C:\WINDOWS\Temp\98e409ec-fe86-4266-82e3-1724b2da1aa2.tmp moved successfully.
C:\WINDOWS\Temp\9c6bc887-3325-4cc2-9c5f-5237bf2eb8c6.tmp moved successfully.
C:\WINDOWS\Temp\9cc9670e-c7fe-4190-ad4e-30279f8f62f5.tmp moved successfully.
C:\WINDOWS\Temp\9e5e0490-e2b8-403c-bf3d-5d22d854f504.tmp moved successfully.
C:\WINDOWS\Temp\a0293cec-5036-4219-8d75-a454bd83ddb8.tmp moved successfully.
C:\WINDOWS\Temp\a71ff999-6277-4cf1-97e9-16566d0e29d1.tmp moved successfully.
C:\WINDOWS\Temp\a900d8e3-7a41-4e7c-8bb4-2d19bb501182.tmp moved successfully.
C:\WINDOWS\Temp\aab76399-39be-4e4f-8d26-140bcec1a864.tmp moved successfully.
C:\WINDOWS\Temp\aad02aeb-aa18-4849-b5c5-8c83284d8df4.tmp moved successfully.
C:\WINDOWS\Temp\aced40f2-0ca0-4be8-8660-619d5d312dc4.tmp moved successfully.
C:\WINDOWS\Temp\ae4782ee-bdca-44c3-9114-758624879ada.tmp moved successfully.
C:\WINDOWS\Temp\af5ac765-471e-45e8-ba16-7c0d7f6dc38e.tmp moved successfully.
C:\WINDOWS\Temp\b1ceb86c-67e2-4376-a64a-b1b56f9eee93.tmp moved successfully.
C:\WINDOWS\Temp\b2beaf4e-0843-4946-977d-ae1eb17ff4ac.tmp moved successfully.
C:\WINDOWS\Temp\b3f09f8c-4645-4646-9e70-1d9df6104353.tmp moved successfully.
C:\WINDOWS\Temp\b456b014-0685-48ff-b560-6adb4e54138e.tmp moved successfully.
C:\WINDOWS\Temp\b4ddb69c-4c04-4295-954b-7ba2b8c2eff5.tmp moved successfully.
C:\WINDOWS\Temp\b5a0d8b8-3073-4696-884d-1d85741eeb95.tmp moved successfully.
C:\WINDOWS\Temp\b69ca5cb-4604-4bbe-9f20-a2b561a04c7e.tmp moved successfully.
C:\WINDOWS\Temp\b6b39031-95c2-4376-89db-b08207b760ed.tmp moved successfully.
C:\WINDOWS\Temp\b91d9d47-3752-4f3a-a669-ffcf1bb26a00.tmp moved successfully.
C:\WINDOWS\Temp\bb01ff83-b067-47dc-a06b-bcdf5f958202.tmp moved successfully.
C:\WINDOWS\Temp\bc8f9ece-57e2-49fa-9989-41b0c9bed0b3.tmp moved successfully.
C:\WINDOWS\Temp\bdd739b3-5473-41c8-8aaf-704f3e01787f.tmp moved successfully.
C:\WINDOWS\Temp\c00455b7-7d99-4a3d-a3c3-18e9f5872308.tmp moved successfully.
C:\WINDOWS\Temp\c0afb90a-ffd6-4c1e-8926-674cd30ca405.tmp moved successfully.
C:\WINDOWS\Temp\c84a053c-d409-41a4-a923-cb7ed04a7c30.tmp moved successfully.
C:\WINDOWS\Temp\c9fd8b8f-ea57-44d3-92c1-1cc50838b063.tmp moved successfully.
C:\WINDOWS\Temp\cf94abe2-bfce-4b77-8524-60179e2f7d42.tmp moved successfully.
C:\WINDOWS\Temp\d0666806-6edf-4c08-a8b0-0c091366c78c.tmp moved successfully.
C:\WINDOWS\Temp\d092a706-00fd-433a-9dc1-e0923e212e9a.tmp moved successfully.
C:\WINDOWS\Temp\d1056ae9-548b-424d-bc5d-dab32be9b005.tmp moved successfully.
C:\WINDOWS\Temp\d18d0af1-d746-435e-888f-9811981985e3.tmp moved successfully.
C:\WINDOWS\Temp\d238e339-68b9-4837-9500-5dd8e5b41385.tmp moved successfully.
C:\WINDOWS\Temp\d3739984-5b03-49f8-81c6-caf38a8191f5.tmp moved successfully.
C:\WINDOWS\Temp\d3fa2476-fc2a-41f9-9b15-7518d5dc7f1d.tmp moved successfully.
C:\WINDOWS\Temp\de3a21a8-caed-4d37-9a4d-13d4c7f8392c.tmp moved successfully.
C:\WINDOWS\Temp\e0e24a3b-a0b6-4ee9-a2c6-1dbf94d8f556.tmp moved successfully.
C:\WINDOWS\Temp\e30e673e-c402-491c-9c60-fb642cb89dc4.tmp moved successfully.
C:\WINDOWS\Temp\e86da3a3-eaac-438a-8a0b-b71aedec3b57.tmp moved successfully.
C:\WINDOWS\Temp\eabbfa14-73be-4421-bfc4-4a682a03c77d.tmp moved successfully.
C:\WINDOWS\Temp\eb2391b3-fc41-4628-9e17-cd3f1b1cce4a.tmp moved successfully.
C:\WINDOWS\Temp\ee4e4975-48bb-4cd1-8bb1-b10e8e38ee1a.tmp moved successfully.
C:\WINDOWS\Temp\f156996c-51f3-4aff-a2a6-3f3a253c1ef5.tmp moved successfully.
C:\WINDOWS\Temp\f1e5f146-4fc9-47f9-8d43-3dadb4498121.tmp moved successfully.
C:\WINDOWS\Temp\f48d6236-2da0-42ed-996f-8fb90c4dd0a5.tmp moved successfully.
C:\WINDOWS\Temp\f4946c29-d70f-4ecf-82f5-6a4f8521c1f7.tmp moved successfully.
C:\WINDOWS\Temp\f5d39acd-8d74-49ae-ab91-7963b1d4b3f0.tmp moved successfully.
C:\WINDOWS\Temp\fadba044-eceb-4fbe-ba8b-fb6d44eb5b0e.tmp moved successfully.
C:\WINDOWS\Temp\fba057f3-ca71-4b61-8204-81edf041b3db.tmp moved successfully.
C:\WINDOWS\Temp\fcf1f6ab-f1da-40bc-9143-87df1f746438.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: JooFoo
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: USER
->Temporary Internet Files folder emptied: 10989667 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 90743070 bytes
->Flash cache emptied: 4353 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 25533786 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 2903923442 bytes
Total Files Cleaned = 2 891,00 mb
Restore points cleared and new OTM Restore Point set!
OTM by OldTimer - Version 3.1.15.0 log created on 09072010_191813
Files moved on Reboot...
Registry entries deleted on Reboot...
Zde je log z OTM
All processes killed
========== SERVICES/DRIVERS ==========
Service ALSysIO stopped successfully!
Service ALSysIO deleted successfully!
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"www.seznam.cz" /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS4ServiceManager deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list\\%windir%\system32\drivers\svchost.exe deleted successfully.
========== FILES ==========
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\WPDNSE folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\wardrobe folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\player folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\cars folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW\dlcs folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR96.157 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR93.235\Crack\Crack v3 - CFB folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR93.235\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR93.235 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\player folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack\CrackFix - SKIDROW\dlcs folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.9078 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\wardrobe folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack\CrackFix - SKIDROW\dlcs folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.7157 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.4313\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.4313\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.4313 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds\cars folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man\sds folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack\CrackFix - SKIDROW\dlcs\cnt_made_man folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack\CrackFix - SKIDROW\dlcs folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.3078 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0844\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0844\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0844 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0735\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0735\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR14.0735 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2782\Crack\Crack v3 - CFB folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2782\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2782 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2016\Crack\Crack v3 - CFB folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2016\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR12.2016 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR11.9594\Crack\CrackFix - SKIDROW folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR11.9594\Crack folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR11.9594 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\Rar$DR01.234 folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\MExplorer folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp\hsperfdata_USER folder moved successfully.
C:\DOCUME~1\USER\LOCALS~1\temp folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP112.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1DC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP211.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP244.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2EC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31A.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI2.tmp moved successfully.
C:\WINDOWS\Installer\MSIC.tmp moved successfully.
C:\WINDOWS\Temp\02e96bb4-1d05-46f4-9a99-383a4ac67958.tmp moved successfully.
C:\WINDOWS\Temp\07a45073-88fd-42c3-ae82-3ba78c8fe283.tmp moved successfully.
C:\WINDOWS\Temp\0bf51974-c2a7-4d9e-8270-c7907fc3efee.tmp moved successfully.
C:\WINDOWS\Temp\0ed29d2d-163a-4497-98ba-5337ee527e22.tmp moved successfully.
C:\WINDOWS\Temp\0fbdd071-736e-4eca-8cf1-33cd5371f503.tmp moved successfully.
C:\WINDOWS\Temp\0ffe8c07-93a2-4fef-8af1-0136dcc762ac.tmp moved successfully.
C:\WINDOWS\Temp\103ac771-2eb7-4f9f-985f-63ffe0113510.tmp moved successfully.
C:\WINDOWS\Temp\19a2b916-093e-41e4-8650-d1e2e569a548.tmp moved successfully.
C:\WINDOWS\Temp\1bd35733-1211-40ab-a4af-d9ebb25c8fcf.tmp moved successfully.
C:\WINDOWS\Temp\1cf5ee27-0211-4541-a030-2a29558645c3.tmp moved successfully.
C:\WINDOWS\Temp\229f9696-5881-4a6d-9a21-9689298f77a2.tmp moved successfully.
C:\WINDOWS\Temp\2582bd06-6bee-42e1-a42a-5beef0239125.tmp moved successfully.
C:\WINDOWS\Temp\27d9ede6-4e48-4789-a6c2-06a091aff6eb.tmp moved successfully.
C:\WINDOWS\Temp\28411f38-45c3-4406-a505-d96ef0593c6e.tmp moved successfully.
C:\WINDOWS\Temp\2b499104-34b8-4274-b969-0e72be211705.tmp moved successfully.
C:\WINDOWS\Temp\2cebc9ce-13bb-4c2d-8090-35f9c5887bde.tmp moved successfully.
C:\WINDOWS\Temp\2d94bb63-809d-47ad-8fea-4696ead64c6b.tmp moved successfully.
C:\WINDOWS\Temp\2dd95c6e-de4b-4c72-a4c2-398be2a4f95a.tmp moved successfully.
C:\WINDOWS\Temp\2f864a92-3358-4e3e-9634-172ce25006da.tmp moved successfully.
C:\WINDOWS\Temp\2fcb3bd5-3a9f-413c-bbc0-dafe2a118a41.tmp moved successfully.
C:\WINDOWS\Temp\300026e7-37fb-42a5-85bc-c511256eb760.tmp moved successfully.
C:\WINDOWS\Temp\331710e7-0cd6-4e63-8b3c-5e4c764d35e4.tmp moved successfully.
C:\WINDOWS\Temp\33d827ae-2f1d-41c9-b549-7661bd01185e.tmp moved successfully.
C:\WINDOWS\Temp\3427670a-e82b-4013-958d-57553536c221.tmp moved successfully.
C:\WINDOWS\Temp\3438b97b-93a1-4485-95fd-ecda12cf17b4.tmp moved successfully.
C:\WINDOWS\Temp\35547d62-c6d4-462b-9c7f-2574efbb5480.tmp moved successfully.
C:\WINDOWS\Temp\3acb1ad7-93ba-408b-a4bc-f6b62304533d.tmp moved successfully.
C:\WINDOWS\Temp\3b39bc68-baf7-43f2-aea2-bd384fa54724.tmp moved successfully.
C:\WINDOWS\Temp\3bb6fcfa-c09a-49c6-8fd9-3aca302b671b.tmp moved successfully.
C:\WINDOWS\Temp\3bef2968-1929-4f1b-9c8c-cd8909dc1c25.tmp moved successfully.
C:\WINDOWS\Temp\3e7aa341-0de4-4bf6-970c-5184d554f277.tmp moved successfully.
C:\WINDOWS\Temp\3ef3d59d-ae2c-4c10-8c2d-39b9fdd68b1f.tmp moved successfully.
C:\WINDOWS\Temp\3fc497a8-cb8e-4a5b-ac39-8579ff795887.tmp moved successfully.
C:\WINDOWS\Temp\40daa79d-174a-4c73-9702-29aea1f26fda.tmp moved successfully.
C:\WINDOWS\Temp\42e989dd-794c-4d8a-881f-57a704724567.tmp moved successfully.
C:\WINDOWS\Temp\48473650-3b00-40f4-81e0-1ffd88aa6a65.tmp moved successfully.
C:\WINDOWS\Temp\484a269e-039d-4387-a7d2-a26f3e58e65d.tmp moved successfully.
C:\WINDOWS\Temp\4e83887b-cccf-42d8-8a56-ffc84c98e16f.tmp moved successfully.
C:\WINDOWS\Temp\4ebb3e45-ae67-4f93-8176-4cdd1df26621.tmp moved successfully.
C:\WINDOWS\Temp\4edca13a-25ef-4534-a56a-43eebb972c24.tmp moved successfully.
C:\WINDOWS\Temp\4fa2824d-d8e1-4792-9d96-5353dd0fb6ff.tmp moved successfully.
C:\WINDOWS\Temp\514648cf-03bb-4873-ad3e-3ed1d2542eaf.tmp moved successfully.
C:\WINDOWS\Temp\51fdaeef-dbfe-44c3-9669-3a5ce46e9f11.tmp moved successfully.
C:\WINDOWS\Temp\54ce2b28-a9ab-4310-9d0a-b5553d170537.tmp moved successfully.
C:\WINDOWS\Temp\57b9a8ca-0812-4943-b679-10170fb40d56.tmp moved successfully.
C:\WINDOWS\Temp\5816ae9e-1689-4d97-a990-713c03ea6f62.tmp moved successfully.
C:\WINDOWS\Temp\59699d4a-1a12-4e90-a885-2e63e5ee5be9.tmp moved successfully.
C:\WINDOWS\Temp\5b2caa0b-4a99-49a5-ab2d-d872c2acd169.tmp moved successfully.
C:\WINDOWS\Temp\5be57c47-a014-4cb8-8dd3-2185dcfe10a2.tmp moved successfully.
C:\WINDOWS\Temp\5c3a2af0-4fcf-4c6e-8abd-414dca21a6ad.tmp moved successfully.
C:\WINDOWS\Temp\61622481-aecb-479b-a74a-bd3d675cd069.tmp moved successfully.
C:\WINDOWS\Temp\6383aa12-ed16-405f-bbcb-60c8ca01d850.tmp moved successfully.
C:\WINDOWS\Temp\681d5652-578a-482b-a841-3746364006b2.tmp moved successfully.
C:\WINDOWS\Temp\6b67b9a7-201a-4973-a0a8-13b90692051c.tmp moved successfully.
C:\WINDOWS\Temp\6c65dc82-e084-4a13-97e2-aeb1e257cb21.tmp moved successfully.
C:\WINDOWS\Temp\6ea920b7-ae81-43aa-ad3b-fde45e518245.tmp moved successfully.
C:\WINDOWS\Temp\770e26f5-2fbd-4f17-b2ba-87233967f9a2.tmp moved successfully.
C:\WINDOWS\Temp\7806bb6f-1062-460b-8c3e-b8071569a24b.tmp moved successfully.
C:\WINDOWS\Temp\78ccb7b0-45f6-422f-a775-1fd254f1de38.tmp moved successfully.
C:\WINDOWS\Temp\78e05bc3-354d-48e2-841f-3bd27c9c91a8.tmp moved successfully.
C:\WINDOWS\Temp\7c131669-4d38-47f8-9ba0-3631faa21336.tmp moved successfully.
C:\WINDOWS\Temp\7e9f6e5a-ba9f-46b1-8de3-d416405de6a0.tmp moved successfully.
C:\WINDOWS\Temp\7f3d0fe9-1d2c-4e07-89cd-d2c3a4d7eb19.tmp moved successfully.
C:\WINDOWS\Temp\8119a43d-34b8-446e-9307-729185628cfc.tmp moved successfully.
C:\WINDOWS\Temp\81aa267b-0dd4-4466-8ed1-c5ddaa372351.tmp moved successfully.
C:\WINDOWS\Temp\82224875-0343-47ef-bc6b-ca54b1db0f08.tmp moved successfully.
C:\WINDOWS\Temp\8298e57e-a21b-40e4-a3c3-bf69002acfa5.tmp moved successfully.
C:\WINDOWS\Temp\85fe281c-5df2-4b15-b754-662573940661.tmp moved successfully.
C:\WINDOWS\Temp\86353f4c-51b1-48dc-b397-6196ebfec3ec.tmp moved successfully.
C:\WINDOWS\Temp\8796d7b4-6bcf-4c95-9993-06392c218777.tmp moved successfully.
C:\WINDOWS\Temp\8911e034-210b-4c5a-8d72-7aaf57f70117.tmp moved successfully.
C:\WINDOWS\Temp\8a997575-ae87-41d7-9664-84798f9def39.tmp moved successfully.
C:\WINDOWS\Temp\911f8802-a400-448a-8334-7ff8b383bcfe.tmp moved successfully.
C:\WINDOWS\Temp\9218a68c-55f8-4727-8fee-fa8ce5187665.tmp moved successfully.
C:\WINDOWS\Temp\940d26fc-0965-46c9-ab26-0277eb4a6fe9.tmp moved successfully.
C:\WINDOWS\Temp\955c71e5-9ab9-4589-82c6-9da22844998f.tmp moved successfully.
C:\WINDOWS\Temp\970306d9-bb36-4f9a-a4b9-0fbc9a7fbfe1.tmp moved successfully.
C:\WINDOWS\Temp\989d2575-bc77-42da-9b6d-671b08589408.tmp moved successfully.
C:\WINDOWS\Temp\98e409ec-fe86-4266-82e3-1724b2da1aa2.tmp moved successfully.
C:\WINDOWS\Temp\9c6bc887-3325-4cc2-9c5f-5237bf2eb8c6.tmp moved successfully.
C:\WINDOWS\Temp\9cc9670e-c7fe-4190-ad4e-30279f8f62f5.tmp moved successfully.
C:\WINDOWS\Temp\9e5e0490-e2b8-403c-bf3d-5d22d854f504.tmp moved successfully.
C:\WINDOWS\Temp\a0293cec-5036-4219-8d75-a454bd83ddb8.tmp moved successfully.
C:\WINDOWS\Temp\a71ff999-6277-4cf1-97e9-16566d0e29d1.tmp moved successfully.
C:\WINDOWS\Temp\a900d8e3-7a41-4e7c-8bb4-2d19bb501182.tmp moved successfully.
C:\WINDOWS\Temp\aab76399-39be-4e4f-8d26-140bcec1a864.tmp moved successfully.
C:\WINDOWS\Temp\aad02aeb-aa18-4849-b5c5-8c83284d8df4.tmp moved successfully.
C:\WINDOWS\Temp\aced40f2-0ca0-4be8-8660-619d5d312dc4.tmp moved successfully.
C:\WINDOWS\Temp\ae4782ee-bdca-44c3-9114-758624879ada.tmp moved successfully.
C:\WINDOWS\Temp\af5ac765-471e-45e8-ba16-7c0d7f6dc38e.tmp moved successfully.
C:\WINDOWS\Temp\b1ceb86c-67e2-4376-a64a-b1b56f9eee93.tmp moved successfully.
C:\WINDOWS\Temp\b2beaf4e-0843-4946-977d-ae1eb17ff4ac.tmp moved successfully.
C:\WINDOWS\Temp\b3f09f8c-4645-4646-9e70-1d9df6104353.tmp moved successfully.
C:\WINDOWS\Temp\b456b014-0685-48ff-b560-6adb4e54138e.tmp moved successfully.
C:\WINDOWS\Temp\b4ddb69c-4c04-4295-954b-7ba2b8c2eff5.tmp moved successfully.
C:\WINDOWS\Temp\b5a0d8b8-3073-4696-884d-1d85741eeb95.tmp moved successfully.
C:\WINDOWS\Temp\b69ca5cb-4604-4bbe-9f20-a2b561a04c7e.tmp moved successfully.
C:\WINDOWS\Temp\b6b39031-95c2-4376-89db-b08207b760ed.tmp moved successfully.
C:\WINDOWS\Temp\b91d9d47-3752-4f3a-a669-ffcf1bb26a00.tmp moved successfully.
C:\WINDOWS\Temp\bb01ff83-b067-47dc-a06b-bcdf5f958202.tmp moved successfully.
C:\WINDOWS\Temp\bc8f9ece-57e2-49fa-9989-41b0c9bed0b3.tmp moved successfully.
C:\WINDOWS\Temp\bdd739b3-5473-41c8-8aaf-704f3e01787f.tmp moved successfully.
C:\WINDOWS\Temp\c00455b7-7d99-4a3d-a3c3-18e9f5872308.tmp moved successfully.
C:\WINDOWS\Temp\c0afb90a-ffd6-4c1e-8926-674cd30ca405.tmp moved successfully.
C:\WINDOWS\Temp\c84a053c-d409-41a4-a923-cb7ed04a7c30.tmp moved successfully.
C:\WINDOWS\Temp\c9fd8b8f-ea57-44d3-92c1-1cc50838b063.tmp moved successfully.
C:\WINDOWS\Temp\cf94abe2-bfce-4b77-8524-60179e2f7d42.tmp moved successfully.
C:\WINDOWS\Temp\d0666806-6edf-4c08-a8b0-0c091366c78c.tmp moved successfully.
C:\WINDOWS\Temp\d092a706-00fd-433a-9dc1-e0923e212e9a.tmp moved successfully.
C:\WINDOWS\Temp\d1056ae9-548b-424d-bc5d-dab32be9b005.tmp moved successfully.
C:\WINDOWS\Temp\d18d0af1-d746-435e-888f-9811981985e3.tmp moved successfully.
C:\WINDOWS\Temp\d238e339-68b9-4837-9500-5dd8e5b41385.tmp moved successfully.
C:\WINDOWS\Temp\d3739984-5b03-49f8-81c6-caf38a8191f5.tmp moved successfully.
C:\WINDOWS\Temp\d3fa2476-fc2a-41f9-9b15-7518d5dc7f1d.tmp moved successfully.
C:\WINDOWS\Temp\de3a21a8-caed-4d37-9a4d-13d4c7f8392c.tmp moved successfully.
C:\WINDOWS\Temp\e0e24a3b-a0b6-4ee9-a2c6-1dbf94d8f556.tmp moved successfully.
C:\WINDOWS\Temp\e30e673e-c402-491c-9c60-fb642cb89dc4.tmp moved successfully.
C:\WINDOWS\Temp\e86da3a3-eaac-438a-8a0b-b71aedec3b57.tmp moved successfully.
C:\WINDOWS\Temp\eabbfa14-73be-4421-bfc4-4a682a03c77d.tmp moved successfully.
C:\WINDOWS\Temp\eb2391b3-fc41-4628-9e17-cd3f1b1cce4a.tmp moved successfully.
C:\WINDOWS\Temp\ee4e4975-48bb-4cd1-8bb1-b10e8e38ee1a.tmp moved successfully.
C:\WINDOWS\Temp\f156996c-51f3-4aff-a2a6-3f3a253c1ef5.tmp moved successfully.
C:\WINDOWS\Temp\f1e5f146-4fc9-47f9-8d43-3dadb4498121.tmp moved successfully.
C:\WINDOWS\Temp\f48d6236-2da0-42ed-996f-8fb90c4dd0a5.tmp moved successfully.
C:\WINDOWS\Temp\f4946c29-d70f-4ecf-82f5-6a4f8521c1f7.tmp moved successfully.
C:\WINDOWS\Temp\f5d39acd-8d74-49ae-ab91-7963b1d4b3f0.tmp moved successfully.
C:\WINDOWS\Temp\fadba044-eceb-4fbe-ba8b-fb6d44eb5b0e.tmp moved successfully.
C:\WINDOWS\Temp\fba057f3-ca71-4b61-8204-81edf041b3db.tmp moved successfully.
C:\WINDOWS\Temp\fcf1f6ab-f1da-40bc-9143-87df1f746438.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: JooFoo
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: USER
->Temporary Internet Files folder emptied: 10989667 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 90743070 bytes
->Flash cache emptied: 4353 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 25533786 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 2903923442 bytes
Total Files Cleaned = 2 891,00 mb
Restore points cleared and new OTM Restore Point set!
OTM by OldTimer - Version 3.1.15.0 log created on 09072010_191813
Files moved on Reboot...
Registry entries deleted on Reboot...
Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
Zde je log z MBAM
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4563
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7.9.2010 20:10:40
mbam-log-2010-09-07 (20-10-40).txt
Typ skenu: Úplný sken (C:\|)
Skenované objekty: 235548
Uplynulý čas: 39 minuta(y), 26 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
C:\Documents and Settings\USER\Data aplikací\Gmail\rygwz7313434.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\WinSys2.exe (Trojan.Agent) -> No action taken.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4563
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7.9.2010 20:10:40
mbam-log-2010-09-07 (20-10-40).txt
Typ skenu: Úplný sken (C:\|)
Skenované objekty: 235548
Uplynulý čas: 39 minuta(y), 26 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
C:\Documents and Settings\USER\Data aplikací\Gmail\rygwz7313434.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\WinSys2.exe (Trojan.Agent) -> No action taken.
Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
Vse co nasel MBAM smazte Napiste jak se chova PC"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
Zatím je vše OK.
Díky za radu.
Díky za radu.
Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
MBAM muzete odinstalovat nebo nechat na obcasny sken - v pripade nalezu velmi doporucuji dat sem log na posouzeni, at si neodstrelite neco legitimniho OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaruPanel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Vlozte novy log ze RSITu"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
Uděláno vše dle manuálu.
Log z RSIT
Logfile of random's system information tool 1.08 (written by random/random)
Run by USER at 2010-09-08 19:55:19
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 179 GB (60%) free of 300 GB
Total RAM: 2047 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:31, on 8.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\USER\Plocha\Nepoužívané odkazy plochy\RSIT.exe
C:\Program Files\trend micro\USER.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
--
End of file - 11009 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\User_Feed_Synchronization-{DA0FC3DC-76FC-4156-BE16-95216547D262}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-01-17 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-10 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-26 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-01-30 16116224]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-07-08 2048352]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2008-03-06 2615688]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2008-03-06 910744]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2008-03-06 140568]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-31 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-09-08 19:55:19 ----D---- C:\rsit
2010-09-07 19:29:26 ----D---- C:\Documents and Settings\USER\Data aplikací\Malwarebytes
2010-09-07 19:29:17 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-07 19:29:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-07 19:29:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-09-07 19:29:16 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-01 22:57:20 ----D---- C:\Documents and Settings\USER\Data aplikací\NVIDIA
2010-09-01 22:38:48 ----D---- C:\Program Files\Mafia II
2010-08-18 20:36:41 ----D---- C:\Program Files\Openoko Entertainment
2010-08-18 20:33:41 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-13 20:54:33 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-13 20:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-13 20:54:22 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-13 20:54:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-13 20:51:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-13 20:51:39 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-13 20:50:01 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-13 20:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
======List of files/folders modified in the last 1 months======
2010-09-08 19:55:28 ----D---- C:\Program Files\trend micro
2010-09-08 19:55:25 ----D---- C:\WINDOWS\Prefetch
2010-09-08 19:53:18 ----RD---- C:\Program Files
2010-09-08 19:52:31 ----A---- C:\WINDOWS\WINCMD.INI
2010-09-08 19:51:01 ----D---- C:\WINDOWS
2010-09-08 19:49:54 ----D---- C:\WINDOWS\Temp
2010-09-08 19:49:30 ----D---- C:\Program Files\Mozilla Firefox
2010-09-08 19:47:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-08 19:19:33 ----D---- C:\WINDOWS\system32
2010-09-08 19:13:59 ----A---- C:\WINDOWS\TRNCOM.INI
2010-09-08 19:09:48 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-09-07 19:29:17 ----D---- C:\WINDOWS\system32\drivers
2010-09-07 19:18:46 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-07 19:18:41 ----SHD---- C:\WINDOWS\Installer
2010-09-07 19:18:20 ----SD---- C:\WINDOWS\Tasks
2010-09-05 17:43:51 ----SHD---- C:\Config.Msi
2010-09-05 17:34:32 ----D---- C:\hra
2010-09-05 17:32:38 ----D---- C:\Documents and Settings\USER\Data aplikací\Vso
2010-09-02 21:05:10 ----D---- C:\WINDOWS\Corel
2010-09-02 21:04:59 ----D---- C:\TEMP
2010-09-02 21:04:58 ----RSD---- C:\WINDOWS\Fonts
2010-09-01 22:46:20 ----D---- C:\Program Files\NVIDIA Corporation
2010-09-01 22:44:30 ----D---- C:\WINDOWS\system32\DirectX
2010-09-01 22:44:29 ----HD---- C:\WINDOWS\inf
2010-09-01 22:44:00 ----RSD---- C:\WINDOWS\assembly
2010-09-01 22:43:48 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-01 17:41:31 ----D---- C:\WINDOWS\Debug
2010-08-28 18:25:47 ----D---- C:\Film
2010-08-27 19:06:42 ----D---- C:\$AVG8.VAULT$
2010-08-18 20:33:41 ----D---- C:\Program Files\Common Files
2010-08-14 21:01:09 ----D---- C:\RENAULT
2010-08-13 21:47:00 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-13 20:54:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-13 20:54:33 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-13 20:54:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-13 20:53:45 ----D---- C:\WINDOWS\WinSxS
2010-08-13 20:50:02 ----D---- C:\Program Files\Movie Maker
2010-08-13 20:49:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2009-06-15 12552]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2009-06-14 129248]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2009-06-14 368480]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2009-06-14 441760]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-31 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-06-15 108552]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-06-14 44384]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-06-15 29208]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-01-30 4474368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-10-20 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-06-14 47360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-06-15 29208]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-09-18 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-09-18 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-09-18 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-09-18 90800]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-14 715248]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2008-03-06 427288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-31 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-07-31 1370488]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-26 153376]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2009-08-31 2560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2008-03-06 495936]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-20 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Log z RSIT
Logfile of random's system information tool 1.08 (written by random/random)
Run by USER at 2010-09-08 19:55:19
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 179 GB (60%) free of 300 GB
Total RAM: 2047 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:31, on 8.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\USER\Plocha\Nepoužívané odkazy plochy\RSIT.exe
C:\Program Files\trend micro\USER.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
--
End of file - 11009 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\User_Feed_Synchronization-{DA0FC3DC-76FC-4156-BE16-95216547D262}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-01-17 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-10 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-26 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-01-30 16116224]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-07-08 2048352]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2008-03-06 2615688]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2008-03-06 910744]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2008-03-06 140568]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-31 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-09-08 19:55:19 ----D---- C:\rsit
2010-09-07 19:29:26 ----D---- C:\Documents and Settings\USER\Data aplikací\Malwarebytes
2010-09-07 19:29:17 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-07 19:29:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-07 19:29:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-09-07 19:29:16 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-01 22:57:20 ----D---- C:\Documents and Settings\USER\Data aplikací\NVIDIA
2010-09-01 22:38:48 ----D---- C:\Program Files\Mafia II
2010-08-18 20:36:41 ----D---- C:\Program Files\Openoko Entertainment
2010-08-18 20:33:41 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-13 20:54:33 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-13 20:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-13 20:54:22 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-13 20:54:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-13 20:51:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-13 20:51:39 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-13 20:50:01 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-13 20:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
======List of files/folders modified in the last 1 months======
2010-09-08 19:55:28 ----D---- C:\Program Files\trend micro
2010-09-08 19:55:25 ----D---- C:\WINDOWS\Prefetch
2010-09-08 19:53:18 ----RD---- C:\Program Files
2010-09-08 19:52:31 ----A---- C:\WINDOWS\WINCMD.INI
2010-09-08 19:51:01 ----D---- C:\WINDOWS
2010-09-08 19:49:54 ----D---- C:\WINDOWS\Temp
2010-09-08 19:49:30 ----D---- C:\Program Files\Mozilla Firefox
2010-09-08 19:47:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-08 19:19:33 ----D---- C:\WINDOWS\system32
2010-09-08 19:13:59 ----A---- C:\WINDOWS\TRNCOM.INI
2010-09-08 19:09:48 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-09-07 19:29:17 ----D---- C:\WINDOWS\system32\drivers
2010-09-07 19:18:46 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-07 19:18:41 ----SHD---- C:\WINDOWS\Installer
2010-09-07 19:18:20 ----SD---- C:\WINDOWS\Tasks
2010-09-05 17:43:51 ----SHD---- C:\Config.Msi
2010-09-05 17:34:32 ----D---- C:\hra
2010-09-05 17:32:38 ----D---- C:\Documents and Settings\USER\Data aplikací\Vso
2010-09-02 21:05:10 ----D---- C:\WINDOWS\Corel
2010-09-02 21:04:59 ----D---- C:\TEMP
2010-09-02 21:04:58 ----RSD---- C:\WINDOWS\Fonts
2010-09-01 22:46:20 ----D---- C:\Program Files\NVIDIA Corporation
2010-09-01 22:44:30 ----D---- C:\WINDOWS\system32\DirectX
2010-09-01 22:44:29 ----HD---- C:\WINDOWS\inf
2010-09-01 22:44:00 ----RSD---- C:\WINDOWS\assembly
2010-09-01 22:43:48 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-01 17:41:31 ----D---- C:\WINDOWS\Debug
2010-08-28 18:25:47 ----D---- C:\Film
2010-08-27 19:06:42 ----D---- C:\$AVG8.VAULT$
2010-08-18 20:33:41 ----D---- C:\Program Files\Common Files
2010-08-14 21:01:09 ----D---- C:\RENAULT
2010-08-13 21:47:00 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-13 20:54:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-13 20:54:33 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-13 20:54:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-13 20:53:45 ----D---- C:\WINDOWS\WinSxS
2010-08-13 20:50:02 ----D---- C:\Program Files\Movie Maker
2010-08-13 20:49:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2009-06-15 12552]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2009-06-14 129248]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2009-06-14 368480]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2009-06-14 441760]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-31 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-06-15 108552]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-06-14 44384]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-06-15 29208]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-01-30 4474368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-10-20 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-06-14 47360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-06-15 29208]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-09-18 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-09-18 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-09-18 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-09-18 90800]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-14 715248]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2008-03-06 427288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-31 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-07-31 1370488]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-26 153376]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2009-08-31 2560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2008-03-06 495936]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-20 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
A jeste Vam nedam pokoj 
Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R
Otevrete si poznamkovy blok
Rucne smazte tento soubor
Jinak log vypada OK 
Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R
- Vyskoci na Vas okenko, do ktereho zkopirujte text nize
Kód: Vybrat vše
services.msc- Kliknete na OK
- Najdete sluzby nize
- Java Quick Starter
- U kazde provedte toto
- Klik na ni pravym mysidlem a zvolit Vlastnosti
- Nyní klik na Zastavit
- Typ spousteni nastavit na Zakazano
- Potvrdte kliknutim na OK
Otevrete si poznamkovy blok
- Start->spustit->notepad
- Vlozte text nize
Kód: Vybrat vše
Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{BFC32E1D-EE75-4A48-BC60-104E11EE2431}"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\drivers\svchost.exe"=-- Soubor ulozte jako oprava.reg
- Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
- Zavrit notepad a spustit dvojklikem oprava.reg
- Pripadny dotaz na zmenu registru potvrdte
- Okno jen problikne a opravi regsitry - soubor muzete smazat
Rucne smazte tento soubor
- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
Jinak log vypada OK "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
Díky.Jako poděkování jsem poslal nějaký Kč na podporu fora.
Re: Prosím o kontrolu.AVG detekoval win32/polycrypt
Nemate zac, rad jsem pomohl Za podporu fora za cely tym viry.cz dekuji 
Zase nekdy nashledanou
Za podporu fora za cely tym viry.cz dekuji Zase nekdy nashledanou
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?