VIRY.CZ

Zdravím.

PC po startu zoufale pomalé, když ho odpojím od netu, tak se chová korektně. Zapojím zpět a můžu pracovat. Prosím o kontrolu logu. (Mám trochu zmatek v tom, z čeho je nejlepší generovat log. Dal jsem UPM.)

Díky moc.

Windows XP SP 3 (build 2600)
Boot Mode: Normal
Microsoft files verification: Yes
Whitelist: Yes
Internet Explorer v7.00.6000.17080 (vista_gdr.100616-0452)
Log generated:12.9.2010 10:49:17
================================================================

SmallARK
================================================================

MBR ROOTKIT DETECTED!

Running processes
================================================================

C:\PROGRAM FILES\AVG\AVG9\AVGCHSVX.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGRSX.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGCSRVX.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGWDSVC.EXE
C:\WINXP\SYSTEM32\BGSVCGEN.EXE
C:\PROGRAM FILES\JAVA\JRE6\BIN\JQS.EXE
C:\PROGRAM FILES\CDBURNERXP\NMSACCESSU.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGEMC.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGNSX.EXE
C:\PROGRAM FILES\AVG\AVG9\AVGCSRVX.EXE
C:\WINXP\SOUNDMAN.EXE
C:\PROGRAM FILES\ADOBE\READER 9.0\READER\READER_SL.EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE
C:\PROGRA~1\AVG\AVG9\AVGTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\JAVA\JAVA UPDATE\JUSCHED.EXE
C:\PROGRAM FILES\OLYMPUS\OLYMPUS MASTER\MONITOR.EXE
C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\GOOGLETOOLBARNOTIFIER.EXE

Scanner
================================================================
[?] avgchsvx.exe
No window
File 7%

[?] avgrsx.exe
Similar names: AVGRSX.EXE X AVGNSX.EXE
No window
File 7%

[?] avgcsrvx.exe
No window
File 7%

[?] avgwdsvc.exe
No window
File 7%

[?] bgsvcgen.exe
Non Microsoft in System32:
No window
File 7%

[?] jqs.exe
No window
File 7%

[?] NMSAccessU.exe
Without manufacturer
No window
File 12%

[?] avgemc.exe
No window
File 7%

[?] avgnsx.exe
Similar names: AVGNSX.EXE X AVGRSX.EXE
No window
File 7%

[?] avgcsrvx.exe
No window
File 7%

[S] explorer.exe
Startup entry HKLM Winlogon [Shell]

[?] soundman.exe
Startup entry HKLM Run [SoundMan]

[?] reader_sl.exe
Startup entry HKLM Run [Adobe Reader Speed Launcher]
File 7%

[?] QTTask.exe
Startup entry HKLM Run [QuickTime Task]
File 7%

[?] avgtray.exe
Startup entry HKLM Run [AVG9_TRAY]
File 7%

[?] jusched.exe
Startup entry HKLM Run [SunJavaUpdateSched]
No window
File 7%

[S] ctfmon.exe
Startup entry HKCU Run [CTFMON.EXE]

[?] Monitor.exe
Startup entry HKCU Run [OM_Monitor]
File 14%

[?] GoogleToolbarNotifier.exe
Startup entry HKCU Run [swg]
File 14%

[S] msmsgs.exe
Startup entry HKCU Run [MSMSGS]

Startup
================================================================

HKCU Run
|_ [?][OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
|_ [?][swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
|_ [S][MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background
|_ [X][ICQ] C:\Program Files\ICQ7.1\ICQ.exe silent loginmode=4 (File not found)

HKLM Run
|_ [?][SoundMan] C:\WINXP\SOUNDMAN.EXE
|_ [?][Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
|_ [?][QuickTime Task] C:\Program Files\QuickTime\QTTask.exe -atboottime
|_ [?][OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
|_ [?][AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
|_ [?][SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe

HKLM ShellServiceObjectDelayLoad
|_ [?][WebCheck] C:\WINXP\system32\webcheck.dll
|_ [?][PostBootReminder] C:\WINXP\system32\SHELL32.dll
|_ [?][CDBurn] C:\WINXP\system32\SHELL32.dll

HKLM IC
|_ [?][<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] C:\WINXP\system32\ieudinit.exe
|_ [?][>{26923b43-4d38-484f-9b9e-de460746276c}] C:\WINXP\system32\ie4uinit.exe -UserIconConfig
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (File not found)
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINXP\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINXP\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINXP\INF\wmp.inf ,PerUserStub
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4383}] C:\WINXP\system32\ie4uinit.exe -BaseSettings

HKLM Winlogon Notify
|_ [?][avgrsstarter] C:\WINXP\system32\avgrsstx.dll

Job
|_ [?][APPLES~1.JOB] C:\Program Files\Apple Software Update\SoftwareUpdate.exe
|_ [?][GOOGLE~2.JOB] C:\Program Files\Google\Update\GoogleUpdate.exe
|_ [?][GOOGLE~3.JOB] C:\Program Files\Google\Update\GoogleUpdate.exe

HKLM BHO
|_ [?][{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
|_ [?][{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] C:\Program Files\AVG\AVG9\avgssie.dll
|_ [?][{A3BC75A2-1F87-4686-AA43-5347D756017C}] C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
|_ [?][{AA58ED58-01DD-4d91-8333-CF10577473F7}] C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
|_ [?][{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
|_ [?][{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
|_ [?][{DBC80044-A445-435b-BC74-9C25C1C588A9}] C:\Program Files\Java\jre6\bin\jp2ssv.dll
|_ [?][{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

HKCU IE WebBrowser Toolbar
|_ [?][{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
|_ [?][{2318C2B1-4965-11D4-9B18-009027A5CD4F}] C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

HKLM IE Toolbar
|_ [?][{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
|_ [?][{2318C2B1-4965-11d4-9B18-009027A5CD4F}] C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

Services (Display running: True, Display stopped: False, Display safe: False)
================================================================
[?] AVG Free E-mail Scanner
|_ Path: C:\Program Files\AVG\AVG9\avgemc.exe
| |_ Manufacturer: AVG Technologies CZ, s.r.o.
| |_ Description: AVG E-Mail Scanner
| |_ MD5: AA054CD537357F03D5BA6ABA7562B35F
|
|_ Name: avg9emc
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Win32 Own Process
|_ Dependency: RPCSS

[?] AVG Free WatchDog
|_ Path: C:\Program Files\AVG\AVG9\avgwdsvc.exe
| |_ Manufacturer: AVG Technologies CZ, s.r.o.
| |_ Description: AVG Watchdog Service
| |_ MD5: C4D15594DB5BE042D3346EA58DF87D89
|
|_ Name: avg9wd
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Win32 Own Process
|_ Dependency:

[?] B's Recorder GOLD Library General Service
|_ Path: C:\WINXP\system32\bgsvcgen.exe
| |_ Manufacturer: B.H.A Corporation
| |_ Description: B's Recorder GOLD Service Library
| |_ MD5: 71489FA2C4A238F178E30AE6E4449013
|
|_ Name: bgsvcgen
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Win32 Own Process
|_ Dependency:

[X] Sluba Google Update (gupdate1ca8bc2e3eccd06)
|_ Path: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
| |_ Manufacturer:
| |_ Description:
| |_ MD5:
|
|_ Name: gupdate1ca8bc2e3eccd06
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Stopped
|_ Type: Win32 Own Process
|_ Dependency: RPCSS

[X] Java Quick Starter
|_ Path: C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
| |_ Manufacturer:
| |_ Description:
| |_ MD5:
|
|_ Name: JavaQuickStarterService
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Win32 Own Process
|_ Dependency:

[?] Pracovní stanice
|_ Path: C:\WINXP\system32\svchost.exe
| |_ Manufacturer: Microsoft Corporation
| |_ Description: Generic Host Process for Win32 Services
| |_ MD5: BE4A520E29B6391F49E79CCC52044D93
|
|_ ServiceDLL: C:\WINXP\System32\wkssvc.dll
| |_ Manufacturer: Microsoft Corporation
| |_ Description: Workstation Service DLL
| |_ MD5: 936C1D110232D23B621CB0196E4F80F0
|
|_ Name: lanmanworkstation
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Win32 Share Process
|_ Dependency:

[?] NMSAccessU
|_ Path: C:\Program Files\CDBurnerXP\NMSAccessU.exe
| |_ Manufacturer:
| |_ Description:
| |_ MD5: FD306FBCCE7ADB1077B709742E7148E9
|
|_ Name: NMSAccessU
|_ StartName: LocalSystem
|_ Startup type: Auto Start
|_ Status: Running
|_ Type: Win32 Own Process
|_ Dependency:

Drivers (Display running: True, Display stopped: False, Display safe: False)
================================================================
[?] Service for Realtek AC97 Audio (WDM)
|_ Path: C:\WINXP\system32\drivers\ALCXWDM.SYS
| |_ Manufacturer: Realtek Semiconductor Corp.
| |_ Description: Realtek AC'97 Audio Driver (WDM)
| |_ MD5: F3E15607BA53249C765E36388B332C2F
|
|_ Name: ALCXWDM
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:

[?] AVG Free AVI Loader Driver x86
|_ Path: C:\WINXP\System32\Drivers\avgldx86.sys
| |_ Manufacturer: AVG Technologies CZ, s.r.o.
| |_ Description: AVG AVI Loader Driver
| |_ MD5: B8C187439D27ABA430DD69FDCF1FA657
|
|_ Name: AvgLdx86
|_ StartName:
|_ Startup type: System Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:

[?] AVG Free On-access Scanner Minifilter Driver x86
|_ Path: C:\WINXP\System32\Drivers\avgmfx86.sys
| |_ Manufacturer: AVG Technologies CZ, s.r.o.
| |_ Description: AVG Resident Shield Minifilter Driver
| |_ MD5: 53B3F979930A786A614D29CAFE99F645
|
|_ Name: AvgMfx86
|_ StartName:
|_ Startup type: System Start
|_ Status: Running
|_ Type: File System Driver
|_ Dependency:

[?] AVG Free Network Redirector
|_ Path: C:\WINXP\System32\Drivers\avgtdix.sys
| |_ Manufacturer: AVG Technologies CZ, s.r.o.
| |_ Description: AVG Network connection watcher
| |_ MD5: 22E3B793C3E61720F03D3A22351AF410
|
|_ Name: AvgTdiX
|_ StartName:
|_ Startup type: System Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:

[?] cdrbsdrv
|_ Path: C:\WINXP\system32\drivers\cdrbsdrv.sys
| |_ Manufacturer: B.H.A Corporation
| |_ Description: CD-ROM Filter Driver for Windows2000/xp
| |_ MD5: 248349293CA42EE5DB61DC1FD85A2F49
|
|_ Name: cdrbsdrv
|_ StartName:
|_ Startup type: System Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:

[?] HTTP
|_ Path: C:\WINXP\System32\Drivers\HTTP.sys
| |_ Manufacturer: Microsoft Corporation
| |_ Description: HTTP Protocol Stack
| |_ MD5: F80A415EF82CD06FFAF0D971528EAD38
|
|_ Name: HTTP
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:

[?] MRXSMB
|_ Path: C:\WINXP\system32\DRIVERS\mrxsmb.sys
| |_ Manufacturer: Microsoft Corporation
| |_ Description: Windows NT SMB Minirdr
| |_ MD5: F3AEFB11ABC521122B67095044169E98
|
|_ Name: MRxSmb
|_ StartName:
|_ Startup type: System Start
|_ Status: Running
|_ Type: File System Driver
|_ Dependency:

[?] nvatabus
|_ Path: C:\WINXP\system32\DRIVERS\nvatabus.sys
| |_ Manufacturer: NVIDIA Corporation
| |_ Description: NVIDIA® nForce(TM) IDE Performance Driver
| |_ MD5: 46DEED4C6C5FA765F9A2C723BE60348D
|
|_ Name: nvatabus
|_ StartName:
|_ Startup type: Boot Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:

[?] NVIDIA Network Bus Enumerator
|_ Path: C:\WINXP\system32\DRIVERS\nvnetbus.sys
| |_ Manufacturer: NVIDIA Corporation
| |_ Description: NVIDIA Networking Bus Driver.
| |_ MD5: BCC3722A2DB99AD6F367344997C26654
|
|_ Name: nvnetbus
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:

[?] NVIDIA nForce AGP Bus Filter
|_ Path: C:\WINXP\system32\DRIVERS\nv_agp.sys
| |_ Manufacturer: NVIDIA Corporation
| |_ Description: NVIDIA nForce AGP Filter
| |_ MD5: C0FCD544A1C4EEA6D11A0AE6A07DAC9D
|
|_ Name: nv_agp
|_ StartName:
|_ Startup type: Boot Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:

[?] PxHelp20
|_ Path: C:\WINXP\System32\Drivers\PxHelp20.sys
| |_ Manufacturer: Sonic Solutions
| |_ Description: Px Engine Device Driver for Windows 2000/XP
| |_ MD5: D86B4A68565E444D76457F14172C875A
|
|_ Name: PxHelp20
|_ StartName:
|_ Startup type: Boot Start
|_ Status: Running
|_ Type: Kernel Driver
|_ Dependency:

[?] Srv
|_ Path: C:\WINXP\system32\DRIVERS\srv.sys
| |_ Manufacturer: Microsoft Corporation
| |_ Description: Server driver
| |_ MD5: DA852E3E0BF1CEA75D756F9866241E57
|
|_ Name: Srv
|_ StartName:
|_ Startup type: Manual startup
|_ Status: Running
|_ Type: File System Driver
|_ Dependency:

lNetStat
================================================================
Type: PID Process Local <-> Remote Status
------------------------------------------------------------------------------------------
TCP (796) svchost.exe 0.0.0.0:135 LISTENING
TCP (4) System 0.0.0.0:445 LISTENING
TCP (1736) alg.exe 127.0.0.1:1025 LISTENING
TCP (1632) jqs.exe 127.0.0.1:5152 LISTENING
UDP (4) System 0.0.0.0:445 LISTENING
UDP (588) lsass.exe 0.0.0.0:500
UDP (588) lsass.exe 0.0.0.0:4500
UDP (836) svchost.exe 127.0.0.1:123
UDP (1008) svchost.exe 127.0.0.1:1900

Modules (Display safe: False, Only without manufacturer: True, Display registered: False)
================================================================
[?] avgrsstx.dll
|_ Path: C:\WINXP\system32\avgrsstx.dll
|_ MD5: D2A2B291414EB3D256B9E49331ED06C3
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ winlogon.exe (532)

[?] avgclitx.dll
|_ Path: C:\Program Files\AVG\AVG9\avgclitx.dll
|_ MD5: 5412B19162D52E9DE9E83534613E664E
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgchsvx.exe (952)

[?] avglogx.dll
|_ Path: C:\Program Files\AVG\AVG9\avglogx.dll
|_ MD5: 4A2FC89ED82ABE547DDE1B7443C5F321
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgchsvx.exe (952)
|_ avgrsx.exe (960)
|_ avgcsrvx.exe (1080)
|_ avgwdsvc.exe (1528)
|_ avgemc.exe (2044)
|_ avgnsx.exe (164)
|_ avgcsrvx.exe (368)
|_ avgtray.exe (2628)

[?] avgcertx.dll
|_ Path: C:\Program Files\AVG\AVG9\avgcertx.dll
|_ MD5: 6ABB7C1BB86021268BFD0DAC655BED2E
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgchsvx.exe (952)
|_ avgcsrvx.exe (1080)
|_ avgcsrvx.exe (368)

[?] avgchjwx.dll
|_ Path: C:\Program Files\AVG\AVG9\avgchjwx.dll
|_ MD5: A0C86DD4ADAD6C115322977159B32E19
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgchsvx.exe (952)

[?] avgcclix.dll
|_ Path: C:\Program Files\AVG\AVG9\avgcclix.dll
|_ MD5: 7F65F6F91690074AC3B02C14A10FCCCE
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgrsx.exe (960)
|_ avgemc.exe (2044)

[?] avgcorex.dll
|_ Path: C:\Program Files\AVG\AVG9\avgcorex.dll
|_ MD5: 48E09D07626921ADDD121725515B5AFD
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgcsrvx.exe (1080)
|_ avgcsrvx.exe (368)

[?] avgchclx.dll
|_ Path: C:\Program Files\AVG\AVG9\avgchclx.dll
|_ MD5: F284AD3887C458312797FD1F1A920498
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgcsrvx.exe (1080)
|_ avgcsrvx.exe (368)

[?] avgamnot.dll
|_ Path: C:\Program Files\AVG\AVG9\avgamnot.dll
|_ MD5: 6045FD764EA16155A7E28895FB442940
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgwdsvc.exe (1528)

[?] avgcfgx.dll
|_ Path: C:\Program Files\AVG\AVG9\avgcfgx.dll
|_ MD5: 37C58F3C25745E83BF5E141C3E7F555E
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgwdsvc.exe (1528)
|_ avgemc.exe (2044)
|_ avgnsx.exe (164)
|_ avgtray.exe (2628)

[?] avglngx.dll
|_ Path: C:\Program Files\AVG\AVG9\avglngx.dll
|_ MD5: 6E369ACB5D93EC872CABB3FB066FE96F
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgwdsvc.exe (1528)
|_ avgemc.exe (2044)
|_ avgtray.exe (2628)

[?] avgsched.dll
|_ Path: C:\Program Files\AVG\AVG9\avgsched.dll
|_ MD5: F34780EC4BA8D315F415D8DDAACA61D9
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgwdsvc.exe (1528)

[?] avgwd.dll
|_ Path: C:\Program Files\AVG\AVG9\avgwd.dll
|_ MD5: EC007398F0E040017965A4AE378477EE
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgwdsvc.exe (1528)

[?] avgwdwsc.dll
|_ Path: C:\Program Files\AVG\AVG9\avgwdwsc.dll
|_ MD5: 1768312EF86F64620ABBCE147BDB764D
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgwdsvc.exe (1528)

[?] aspnet_perf.dll
|_ Path: C:\WINXP\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
|_ MD5: F1430F5D20F4BB71A003209C3DB3ADDF
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ jqs.exe (1632)

[?] corperfmonext.dll
|_ Path: C:\WINXP\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
|_ MD5: 2E61C409474416CC78D66300F1BCB722
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ jqs.exe (1632)

[?] netfxperf.dll
|_ Path: C:\WINXP\system32\netfxperf.dll
|_ MD5: 203D5ECB5CCDA683053CDA42DFF03573
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ jqs.exe (1632)

[?] perfcounter.dll
|_ Path: C:\WINXP\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
|_ MD5: C5A9554406507AB2AB341B221D97519D
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ jqs.exe (1632)

[?] mscoree.dll
|_ Path: C:\WINXP\system32\mscoree.dll
|_ MD5: 08A73B0E7EE6E32983B5F9E540A8E380
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ jqs.exe (1632)

[?] mscorwks.dll
|_ Path: C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
|_ MD5: 4ED92DC066A4DF8384A3E34E03F440FC
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ jqs.exe (1632)

[?] avgapix.dll
|_ Path: C:\Program Files\AVG\AVG9\avgapix.dll
|_ MD5: CCEAE95F3EC435D8C2603BB42CAF41DD
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgemc.exe (2044)

[?] avgmvflx.dll
|_ Path: C:\Program Files\AVG\AVG9\avgmvflx.dll
|_ MD5: 5A7D4F5D293B48584AE2112ED5DB4132
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgemc.exe (2044)

[?] avgscanx.dll
|_ Path: C:\Program Files\AVG\AVG9\avgscanx.dll
|_ MD5: 61C8FAE993D723E19078D4CAE8FC47A3
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgemc.exe (2044)

[?] avgsrmx.dll
|_ Path: C:\Program Files\AVG\AVG9\avgsrmx.dll
|_ MD5: E230DB9A3032E6D2BE44D61285085365
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgemc.exe (2044)

[?] avgvvx.dll
|_ Path: C:\Program Files\AVG\AVG9\avgvvx.dll
|_ MD5: 01C10B077D464FEA240A7B1B71A123BC
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgemc.exe (2044)

[?] libsasl.dll
|_ Path: C:\Program Files\AVG\AVG9\libsasl.dll
|_ MD5: 6BA10DE5FC60333BF2A7AFC94743F8CB
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgemc.exe (2044)

[?] saslplain.dll
|_ Path: C:\Program Files\AVG\AVG9\saslplain.dll
|_ MD5: 6DE53AF6695AA88E5D75C06014D84FA3
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgemc.exe (2044)

[?] sasllogin.dll
|_ Path: C:\Program Files\AVG\AVG9\sasllogin.dll
|_ MD5: 1DA5DAAF359873246D9642C65432B163
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgemc.exe (2044)

[?] saslcrammd5.dll
|_ Path: C:\Program Files\AVG\AVG9\saslcrammd5.dll
|_ MD5: 5A3F5083157788A4952AADB755AF7B1E
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgemc.exe (2044)

[?] sasldigestmd5.dll
|_ Path: C:\Program Files\AVG\AVG9\sasldigestmd5.dll
|_ MD5: FF42698F85DBEFF3729821D8A0E48B20
|_ Manufacturer: AVG Technologies CZ, s.r.o.
|_ Processes
|_ avgemc.exe (2044)

[?] olyuidrw.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\olyuidrw.dll
|_ MD5: B8A71BCCE88CC6A8B0D821DF18950BB3
|_ Manufacturer: OLYMPUS IMAGING CORP.
|_ Processes
|_ Monitor.exe (2676)

[?] olyplgmgr.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\OlyPlgMgr.dll
|_ MD5: 7E6DD8A6D2619ECBE508154EA7572862
|_ Manufacturer: OLYMPUS IMAGING CORP.
|_ Processes
|_ Monitor.exe (2676)

[?] olycamdetect.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\OlyCamDetect.dll
|_ MD5: D0B850C181B0F80540E6F6138788B518
|_ Manufacturer: OLYMPUS IMAGING CORP.
|_ Processes
|_ Monitor.exe (2676)

[?] olapcevent.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\OlAPCEvent.dll
|_ MD5: 1C69690C5336AFC9653D2A3AF914A2F3
|_ Manufacturer: OLYMPUS IMAGING CORP.
|_ Processes
|_ Monitor.exe (2676)

[?] olygloss.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\OlyGloss.dll
|_ MD5: A843CC6DB39CF0467337F4D65A3C71E5
|_ Manufacturer: OLYMPUS IMAGING CORP.
|_ Processes
|_ Monitor.exe (2676)

[?] olyexiflib.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\OlyExifLib.dll
|_ MD5: FA23A0DF3A062D1648F04718368091DC
|_ Manufacturer: OLYMPUS IMAGING CORP.
|_ Processes
|_ Monitor.exe (2676)

[?] olilevent.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\OlILEvent.dll
|_ MD5: F99212BDFC4A1ACDFE0D991C8048F78E
|_ Manufacturer: OLYMPUS IMAGING CORP.
|_ Processes
|_ Monitor.exe (2676)

[?] olyrum.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\OlyRum.dll
|_ MD5: CE96CF296AD92E5650080FBB0D669677
|_ Manufacturer: OLYMPUS IMAGING CORP.
|_ Processes
|_ Monitor.exe (2676)

[?] ptp-il.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\PTP-IL.dll
|_ MD5: C59202534D7F802C5EE10828914D12EE
|_ Manufacturer: OLYMPUS IMAGING CORP.
|_ Processes
|_ Monitor.exe (2676)

[?] olcamapi.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\Olcamapi.dll
|_ MD5: 79B8774EED4F86607C0AE48FDCC230EC
|_ Manufacturer: OLYMPUS OPTICAL CO.,LTD.
|_ Processes
|_ Monitor.exe (2676)

[?] olyuictl.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\olyuictl.dll
|_ MD5: DCCCC6BEAAF866349F3D09E7FC43A530
|_ Manufacturer: OLYMPUS IMAGING CORP.
|_ Processes
|_ Monitor.exe (2676)

[?] mfc42.dll
|_ Path: C:\Program Files\OLYMPUS\OLYMPUS Master\MFC42.DLL
|_ MD5: F92E518180CF52FB526C7A76BD9AFD7E
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ Monitor.exe (2676)

[?] swg.dll
|_ Path: C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
|_ MD5: 42CB4EE0B0FC259C8AD20B460FA7D72A
|_ Manufacturer: Google Inc.
|_ Processes
|_ GoogleToolbarNotifier.exe (2708)

[?] gtn.dll
|_ Path: C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\gtn.dll
|_ MD5: EFC5461595187559BB61538143D035ED
|_ Manufacturer: Google Inc.
|_ Processes
|_ GoogleToolbarNotifier.exe (2708)

[?] mscomctl.ocx
|_ Path: C:\WINXP\system32\MSCOMCTL.OCX
|_ MD5: F7BBB7D79ADB9E3ADC13F3B3C33D3D4D
|_ Manufacturer: Microsoft Corporation
|_ Processes
|_ UPM.exe (3492)

================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ] - Not Registered =(

Zdravim a pekne nedelni poledne preji

Nejste tu novackem abyste neznal nase postupy, pokud neznate, tak precist pravidla fora a dejte sem log z RSIT - viz muj podpis...

Díky ... tentokrát tedy log z RSIT - vytvořeno po startu PC, které není připojeno do netu.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jana at 2010-09-12 12:59:04
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 100 GB (66%) free of 153 GB
Total RAM: 511 MB (37% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINXP\tasks\AppleSoftwareUpdate.job
C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job
C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-24 1619296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-04-19 2117704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-30 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-04-19 2117704]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINXP\SOUNDMAN.EXE [2006-11-17 577536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe [2006-05-16 40960]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-15 2065760]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINXP\system32\ctfmon.exe [2008-04-14 15360]
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe [2006-05-16 57344]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-11-12 39408]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ICQ"=C:\Program Files\ICQ7.1\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINXP\system32\avgrsstx.dll [2010-07-15 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINXP\system32\wpdshserviceobj.dll [2008-12-08 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINXP\system32\usmt\migwiz.exe"="C:\WINXP\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 2 months======

2010-09-12 12:59:06 ----D---- C:\Program Files\trend micro
2010-09-12 12:59:04 ----D---- C:\rsit
2010-09-10 15:03:05 ----ASH---- C:\hiberfil.sys
2010-09-04 22:09:22 ----HDC---- C:\WINXP\$NtUninstallKB980218$
2010-09-04 22:07:51 ----HDC---- C:\WINXP\$NtUninstallKB960859$
2010-09-04 22:07:42 ----HDC---- C:\WINXP\$NtUninstallKB982214$
2010-09-04 22:07:37 ----HDC---- C:\WINXP\$NtUninstallKB958869$
2010-09-04 22:07:32 ----HDC---- C:\WINXP\$NtUninstallKB970430$
2010-09-04 22:07:23 ----HDC---- C:\WINXP\$NtUninstallKB980232$
2010-09-04 22:07:17 ----HDC---- C:\WINXP\$NtUninstallKB2115168$
2010-09-04 22:07:12 ----HDC---- C:\WINXP\$NtUninstallKB974318$
2010-09-04 22:06:17 ----HDC---- C:\WINXP\$NtUninstallKB969059$
2010-09-04 22:06:04 ----HDC---- C:\WINXP\$NtUninstallKB981349$
2010-09-04 22:05:59 ----HDC---- C:\WINXP\$NtUninstallKB2229593$
2010-09-04 22:05:52 ----HDC---- C:\WINXP\$NtUninstallKB978037$
2010-09-04 22:05:46 ----HDC---- C:\WINXP\$NtUninstallKB975713$
2010-09-04 22:05:12 ----HDC---- C:\WINXP\$NtUninstallKB971657$
2010-09-04 22:05:04 ----HDC---- C:\WINXP\$NtUninstallKB978338$
2010-09-04 22:04:52 ----HDC---- C:\WINXP\$NtUninstallKB961118$
2010-09-04 22:04:36 ----HDC---- C:\WINXP\$NtUninstallKB954155_WM9$
2010-09-04 22:03:13 ----HDC---- C:\WINXP\$NtUninstallKB972270$
2010-09-04 22:03:06 ----HDC---- C:\WINXP\$NtUninstallKB956744$
2010-09-04 22:02:59 ----HDC---- C:\WINXP\$NtUninstallKB974112$
2010-09-04 22:02:48 ----HDC---- C:\WINXP\$NtUninstallKB956844$
2010-09-04 22:02:34 ----HDC---- C:\WINXP\$NtUninstallKB981852$
2010-09-04 22:02:11 ----HDC---- C:\WINXP\$NtUninstallKB2079403$
2010-09-04 21:55:19 ----HDC---- C:\WINXP\$NtUninstallKB973869$
2010-09-04 21:55:11 ----HDC---- C:\WINXP\$NtUninstallKB975025$
2010-09-04 21:51:08 ----HDC---- C:\WINXP\$NtUninstallKB974571$
2010-09-04 21:51:00 ----HDC---- C:\WINXP\$NtUninstallKB975560$
2010-09-04 21:50:46 ----HDC---- C:\WINXP\$NtUninstallKB973507$
2010-09-04 21:50:13 ----HDC---- C:\WINXP\$NtUninstallKB2160329$
2010-09-04 21:50:03 ----HDC---- C:\WINXP\$NtUninstallKB977816$
2010-09-04 21:48:20 ----HDC---- C:\WINXP\$NtUninstallKB978601$
2010-09-04 21:48:07 ----HDC---- C:\WINXP\$NtUninstallKB980436$
2010-09-04 21:44:57 ----HDC---- C:\WINXP\$NtUninstallKB978695_WM9$
2010-09-04 21:44:08 ----HDC---- C:\WINXP\$NtUninstallKB973904$
2010-09-04 21:43:58 ----HDC---- C:\WINXP\$NtUninstallKB973540_WM9$
2010-09-04 21:43:28 ----SHD---- C:\Config.Msi
2010-09-04 21:43:12 ----HDC---- C:\WINXP\$NtUninstallKB974392$
2010-09-04 21:43:05 ----HDC---- C:\WINXP\$NtUninstallKB971737$
2010-09-04 21:42:48 ----HDC---- C:\WINXP\$NtUninstallKB977914$
2010-09-04 21:41:24 ----HDC---- C:\WINXP\$NtUninstallKB978542$
2010-09-04 21:41:15 ----HDC---- C:\WINXP\$NtUninstallKB2286198$
2010-09-04 21:41:04 ----HDC---- C:\WINXP\$NtUninstallKB979309$
2010-09-04 21:40:56 ----HDC---- C:\WINXP\$NtUninstallKB979482$
2010-09-04 21:40:48 ----HDC---- C:\WINXP\$NtUninstallKB978706$
2010-09-04 21:40:41 ----HDC---- C:\WINXP\$NtUninstallKB981997$
2010-09-04 21:40:34 ----HDC---- C:\WINXP\$NtUninstallKB973815$
2010-09-04 21:40:15 ----HDC---- C:\WINXP\$NtUninstallKB975562$
2010-09-04 21:31:30 ----HDC---- C:\WINXP\$NtUninstallKB982665$
2010-09-04 21:30:28 ----HDC---- C:\WINXP\$NtUninstallKB971961$
2010-09-04 16:38:09 ----A---- C:\WINXP\system32\javaws.exe
2010-09-04 16:38:08 ----A---- C:\WINXP\system32\javaw.exe
2010-09-04 16:38:08 ----A---- C:\WINXP\system32\java.exe
2010-09-04 11:23:49 ----D---- C:\Program Files\Ultimate Process Manager
2010-09-04 09:40:33 ----A---- C:\WINXP\ntbtlog.txt
2010-08-22 17:14:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-07-15 16:39:52 ----A---- C:\WINXP\system32\avgrsstx.dll

======List of files/folders modified in the last 2 months======

2010-09-12 12:59:06 ----RD---- C:\Program Files
2010-09-12 12:58:37 ----D---- C:\WINXP\Temp
2010-09-12 11:03:31 ----A---- C:\WINXP\SchedLgU.Txt
2010-09-12 10:53:08 ----D---- C:\WINXP\Prefetch
2010-09-12 10:48:33 ----D---- C:\WINXP\system32\CatRoot2
2010-09-10 13:35:52 ----D---- C:\WINXP
2010-09-09 11:24:10 ----D---- C:\WINXP\system32\drivers\Avg
2010-09-05 11:25:38 ----D---- C:\WINXP\Microsoft.NET
2010-09-05 11:25:34 ----RSD---- C:\WINXP\assembly
2010-09-05 10:36:18 ----D---- C:\WINXP\system32
2010-09-05 10:36:18 ----A---- C:\WINXP\system32\PerfStringBackup.INI
2010-09-05 10:34:14 ----D---- C:\Program Files\Internet Explorer
2010-09-04 22:09:25 ----HD---- C:\WINXP\inf
2010-09-04 22:09:23 ----RSHDC---- C:\WINXP\system32\dllcache
2010-09-04 22:09:15 ----A---- C:\WINXP\imsins.BAK
2010-09-04 22:09:03 ----D---- C:\WINXP\system32\cs-cz
2010-09-04 22:07:43 ----D---- C:\WINXP\system32\drivers
2010-09-04 22:07:40 ----HD---- C:\WINXP\$hf_mig$
2010-09-04 22:07:38 ----D---- C:\WINXP\WinSxS
2010-09-04 22:07:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-09-04 22:07:04 ----SHD---- C:\WINXP\Installer
2010-09-04 22:05:44 ----D---- C:\WINXP\system32\CatRoot
2010-09-04 21:41:26 ----D---- C:\Program Files\Outlook Express
2010-09-04 21:40:43 ----D---- C:\Program Files\Movie Maker
2010-09-04 16:37:53 ----A---- C:\WINXP\system32\deploytk.dll
2010-09-04 16:37:50 ----D---- C:\Program Files\Java
2010-09-04 11:43:05 ----D---- C:\Program Files\Norton Security Scan
2010-09-04 11:43:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-09-04 11:43:02 ----SD---- C:\WINXP\Tasks
2010-09-04 09:43:11 ----D---- C:\WINXP\system32\config
2010-09-04 09:43:01 ----D---- C:\WINXP\system32\wbem
2010-09-04 09:43:01 ----D---- C:\WINXP\Registration
2010-09-04 09:40:49 ----D---- C:\Documents and Settings
2010-08-27 16:38:38 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-08-22 17:14:36 ----D---- C:\Program Files\Common Files\Java
2010-08-09 16:36:07 ----D---- C:\WINXP\Minidump
2010-08-03 11:09:32 ----A---- C:\WINXP\system32\MRT.exe
2010-07-27 08:30:31 ----A---- C:\WINXP\system32\shell32.dll
2010-07-24 17:45:14 ----D---- C:\Documents and Settings\Jana\Data aplikací\ICQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINXP\system32\DRIVERS\nv_agp.sys [2003-10-29 21120]
R0 nvatabus;nvatabus; C:\WINXP\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 PxHelp20;PxHelp20; C:\WINXP\System32\Drivers\PxHelp20.sys [2009-11-14 43528]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINXP\System32\Drivers\avgldx86.sys [2010-07-15 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINXP\System32\Drivers\avgmfx86.sys [2010-06-03 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINXP\System32\Drivers\avgtdix.sys [2010-07-15 243024]
R1 cdrbsdrv;cdrbsdrv; C:\WINXP\system32\drivers\cdrbsdrv.sys [2005-05-11 32256]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINXP\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINXP\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myi standardu HID; C:\WINXP\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINXP\system32\DRIVERS\nv4_mini.sys [2008-04-14 1897408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINXP\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINXP\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
R3 USBSTOR;Ovladač velkokapacitního paměového zařízení USB; C:\WINXP\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINXP\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINXP\system32\DRIVERS\WudfPf.sys [2008-12-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINXP\system32\DRIVERS\wudfrd.sys [2008-12-08 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-24 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-15 308136]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINXP\system32\bgsvcgen.exe [2005-04-30 86016]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-04 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
S2 gupdate1ca8bc2e3eccd06;Sluba Google Update (gupdate1ca8bc2e3eccd06); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-02 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-04-19 430152]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINXP\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-12 182768]
S3 idsvc;Windows CardSpace; c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Sluba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINXP\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

A jeste jeden sken udelame - jsem otravnej, vim

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Odinstaloval jsem jen Skype toolbar, google toolbar je běžně používán a AVG jsem zatím neřešil.

Skeny jsou zde.....díky

OTL logfile created on: 12.9.2010 17:29:51 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = F:\HAVET
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 173,00 Mb Available Physical Memory | 34,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 97,68 Gb Free Space | 65,54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1,87 Gb Total Space | 0,70 Gb Free Space | 37,41% Space Free | Partition Type: FAT
Drive F: | 3,72 Gb Total Space | 1,68 Gb Free Space | 44,99% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POCITAC
Current User Name: Jana
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.09.12 13:38:50 | 000,576,000 | ---- | M] (OldTimer Tools) -- F:\HAVET\OTL.exe
PRC - [2010.07.24 17:28:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010.07.15 16:40:14 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010.07.15 16:39:53 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.07.15 16:39:52 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.07.15 16:39:23 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.07.15 16:36:58 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.07.15 16:36:52 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009.11.12 20:00:49 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINXP\explorer.exe
PRC - [2006.11.17 05:42:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINXP\soundman.exe
PRC - [2006.05.16 17:51:00 | 000,057,344 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
PRC - [2005.04.30 17:02:26 | 000,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINXP\system32\bgsvcgen.exe

========== Modules (SafeList) ==========

MOD - [2010.09.12 13:38:50 | 000,576,000 | ---- | M] (OldTimer Tools) -- F:\HAVET\OTL.exe
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINXP\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINXP\System32\hidserv.dll -- (HidServ)
SRV - [2010.07.24 17:28:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010.07.15 16:39:23 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.04.19 10:25:38 | 000,430,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2005.04.30 17:02:26 | 000,086,016 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINXP\system32\bgsvcgen.exe -- (bgsvcgen)

========== Driver Services (SafeList) ==========

DRV - [2010.07.15 16:40:04 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINXP\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.07.15 16:36:53 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINXP\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.06.03 16:57:10 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINXP\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2008.04.14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008.04.14 00:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007.03.08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.05.11 00:33:12 | 000,032,256 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINXP\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINXP\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004.05.17 14:00:54 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004.05.17 14:00:52 | 000,033,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2003.10.29 13:02:00 | 000,021,120 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINXP\system32\DRIVERS\nv_agp.sys -- (nv_agp)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-839522115-573735546-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
IE - HKU\S-1-5-21-839522115-573735546-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-839522115-573735546-1177238915-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-839522115-573735546-1177238915-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-839522115-573735546-1177238915-1004\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-839522115-573735546-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010.04.07 17:10:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010.07.24 17:31:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.30 23:52:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.04 09:42:19 | 000,000,000 | ---D | M]

[2010.09.04 16:38:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.04 09:42:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008.03.31 21:06:24 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2008.03.31 21:06:24 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2008.01.27 11:57:20 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2008.01.27 11:57:20 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2008.03.31 21:06:24 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINXP\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-839522115-573735546-1177238915-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-839522115-573735546-1177238915-1004\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [SoundMan] C:\WINXP\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-839522115-573735546-1177238915-1004..\Run: [ICQ] C:\Program Files\ICQ7.1\ICQ.exe File not found
O4 - HKU\S-1-5-21-839522115-573735546-1177238915-1004..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\S-1-5-21-839522115-573735546-1177238915-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINXP\system32\Macromed\Flash\FlashUtil10b.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINXP\system32\Macromed\Flash\FlashUtil10b.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-839522115-573735546-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/L ... nstall.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.40.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINXP\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jana\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jana\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.09 21:44:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.04.30 17:56:48 | 000,000,170 | ---- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{08d24cde-b806-11df-9bd6-0050fc98e1e3}\Shell\AutoRun\command - "" = F:\mint4win.exe -- [2010.05.13 12:35:00 | 001,401,680 | ---- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINXP\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINXP\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINXP\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINXP\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINXP\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINXP\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINXP\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINXP\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINXP\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINXP\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINXP\System32\Pvmjpg21.dll (Pegasus Imaging Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 7 Days ==========

[2010.09.12 17:27:30 | 000,000,000 | ---D | C] -- C:\WINXP\System32\appmgmt
[2010.09.12 12:59:06 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.12 12:59:04 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.12 10:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Adobe
[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.09.12 17:25:20 | 000,000,936 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 17:24:17 | 000,000,006 | -H-- | M] () -- C:\WINXP\tasks\SA.DAT
[2010.09.12 17:24:13 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat
[2010.09.12 17:24:12 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.12 13:00:07 | 003,145,728 | ---- | M] () -- C:\Documents and Settings\Jana\ntuser.dat
[2010.09.12 13:00:07 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jana\ntuser.ini
[2010.09.12 13:00:01 | 003,229,622 | -H-- | M] () -- C:\Documents and Settings\Jana\Local Settings\Data aplikací\IconCache.db
[2010.09.12 10:17:33 | 000,000,940 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.09 11:22:56 | 064,443,496 | ---- | M] () -- C:\WINXP\System32\drivers\Avg\incavi.avm
[2010.09.09 11:15:45 | 000,002,206 | ---- | M] () -- C:\WINXP\System32\wpa.dbl
[2010.09.06 20:30:01 | 000,000,284 | ---- | M] () -- C:\WINXP\tasks\AppleSoftwareUpdate.job
[2010.09.06 09:37:11 | 000,041,984 | ---- | M] () -- C:\Documents and Settings\Jana\Dokumenty\Pozvánka na třídní sraz.doc
[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.10 15:03:05 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2010.09.06 09:22:58 | 000,041,984 | ---- | C] () -- C:\Documents and Settings\Jana\Dokumenty\Pozvánka na třídní sraz.doc
[2009.06.09 23:26:39 | 000,147,456 | R--- | C] () -- C:\WINXP\System32\RtlCPAPI.dll
[2009.06.09 23:26:30 | 000,000,164 | R--- | C] () -- C:\WINXP\avrack.ini
[2009.06.09 22:43:12 | 000,000,311 | ---- | C] () -- C:\WINXP\WINCMD.INI
[2008.02.01 08:18:14 | 000,009,216 | ---- | C] () -- C:\WINXP\System32\drivers\FlashSys.sys

========== LOP Check ==========

[2010.04.07 17:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2010.04.07 17:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2010.03.24 20:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.07.24 17:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\ICQ
[2009.06.16 14:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\OLYMPUS
[2009.08.08 14:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Karel.POCITAC\Data aplikací\OLYMPUS
[2009.06.28 16:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC.POCITAC\Data aplikací\Canneverbe_Limited
[2009.06.17 17:24:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC.POCITAC\Data aplikací\OLYMPUS

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINXP\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"OM_Monitor" = C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -- [2006.05.16 17:51:00 | 000,057,344 | ---- | M] (OLYMPUS IMAGING CORP.)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.11.12 20:00:49 | 000,039,408 | ---- | M] (Google Inc.)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 08:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4 -- File not found

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.06.25 15:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\Adobe
[2009.06.17 13:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\Apple Computer
[2009.11.13 08:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\Google
[2010.07.24 17:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\ICQ
[2009.06.11 19:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\Identities
[2009.06.11 19:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\Macromedia
[2010.04.07 17:04:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jana\Data aplikací\Microsoft
[2010.01.25 12:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\Mozilla
[2009.06.16 14:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\OLYMPUS
[2010.06.15 20:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\Skype
[2010.06.14 16:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\skypePM
[2009.06.11 19:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\Sun
[2010.02.08 15:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jana\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2009.02.12 11:35:52 | 000,038,208 | ---- | M] () -- C:\Documents and Settings\Jana\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINXP\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINXP\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINXP\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINXP\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINXP\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINXP\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINXP\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINXP\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINXP\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINXP\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINXP\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINXP\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINXP\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINXP\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINXP\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINXP\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINXP\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINXP\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINXP\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINXP\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINXP\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINXP\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINXP\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINXP\system32\dllcache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINXP\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINXP\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINXP\system32\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) MD5=46DEED4C6C5FA765F9A2C723BE60348D -- C:\Install\drivers\motherboard\IDE\Win2K\NvAtaBus.sys
[2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) MD5=46DEED4C6C5FA765F9A2C723BE60348D -- C:\Install\drivers\motherboard\IDE\WinXP\NvAtaBus.sys
[2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) MD5=46DEED4C6C5FA765F9A2C723BE60348D -- C:\WINXP\system32\drivers\nvatabus.sys

< MD5 for: NVRAID.SYS >
[2004.06.03 10:40:50 | 000,068,224 | ---- | M] (NVIDIA Corporation) MD5=A5C77D944410FADEE380FB20B432760D -- C:\Install\drivers\motherboard\IDE\Win2K\nvraid.sys
[2004.06.03 10:40:50 | 000,068,224 | ---- | M] (NVIDIA Corporation) MD5=A5C77D944410FADEE380FB20B432760D -- C:\Install\drivers\motherboard\IDE\WinXP\nvraid.sys

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINXP\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINXP\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINXP\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINXP\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINXP\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINXP\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINXP\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINXP\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINXP\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINXP\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINXP\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINXP\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINXP\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINXP\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 08:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\cryptdll.dll
[2008.04.14 08:51:46 | 000,095,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\iphlpapi.dll
[2008.04.14 08:51:48 | 000,071,680 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\msacm32.dll
[2008.04.14 00:00:48 | 000,061,440 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\msvcrt40.dll
[2008.04.14 08:51:56 | 000,237,056 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\rasapi32.dll
[2008.04.14 08:51:56 | 000,061,440 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\rasman.dll
[2008.04.14 08:51:56 | 000,044,032 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\rtutils.dll
[2008.04.14 08:51:56 | 000,007,168 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\sensapi.dll
[2008.04.14 08:52:04 | 000,713,728 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\sxs.dll
[2008.04.14 08:52:04 | 000,181,760 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\tapi32.dll
[2008.04.14 00:06:06 | 002,927,616 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\xpsp2res.dll
[1 C:\WINXP\system32\*.tmp files -> C:\WINXP\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.06.09 23:28:22 | 000,094,208 | ---- | M] () -- C:\WINXP\system32\config\default.sav
[2009.06.09 23:28:22 | 001,093,632 | ---- | M] () -- C:\WINXP\system32\config\software.sav
[2009.06.09 23:28:22 | 000,483,328 | ---- | M] () -- C:\WINXP\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 08:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\cryptdll.dll
[2008.04.14 08:51:46 | 000,095,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\iphlpapi.dll
[2008.04.14 08:51:48 | 000,071,680 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\msacm32.dll
[2008.04.14 00:00:48 | 000,061,440 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\msvcrt40.dll
[2008.04.14 08:51:56 | 000,237,056 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\rasapi32.dll
[2008.04.14 08:51:56 | 000,061,440 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\rasman.dll
[2008.04.14 08:51:56 | 000,044,032 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\rtutils.dll
[2008.04.14 08:51:56 | 000,007,168 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\sensapi.dll
[2008.04.14 08:52:04 | 000,713,728 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\sxs.dll
[2008.04.14 08:52:04 | 000,181,760 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\tapi32.dll
[2008.04.14 00:06:06 | 002,927,616 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINXP\system32\xpsp2res.dll
[1 C:\WINXP\system32\*.tmp files -> C:\WINXP\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[1 C:\WINXP\system32\*.tmp files -> C:\WINXP\system32\*.tmp -> ]
< End of report >

----------------

OTL Extras logfile created on: 12.9.2010 17:29:51 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = F:\HAVET
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 173,00 Mb Available Physical Memory | 34,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 97,68 Gb Free Space | 65,54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1,87 Gb Total Space | 0,70 Gb Free Space | 37,41% Space Free | Partition Type: FAT
Drive F: | 3,72 Gb Total Space | 1,68 Gb Free Space | 44,99% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POCITAC
Current User Name: Jana
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINXP\system32\usmt\migwiz.exe" = C:\WINXP\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG9Uninstall" = AVG Free 9.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11.4.2010 11:04:39 | Computer Name = POCITAC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 7.0.6000.16850, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 1.5.2010 11:19:49 | Computer Name = POCITAC | Source = ESENT | ID = 490
Description = svchost (864) Pokus o otevření souboru C:\WINXP\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 1.5.2010 11:41:05 | Computer Name = POCITAC | Source = ESENT | ID = 490
Description = svchost (864) Pokus o otevření souboru C:\WINXP\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 1.5.2010 12:51:46 | Computer Name = POCITAC | Source = Application Error | ID = 1000
Description = Chybující aplikace rajce.exe, verze 1.56.164.0, chybující modul rajce.exe,
verze 1.56.164.0, adresa chyby 0x00005861.

Error - 4.5.2010 13:37:48 | Computer Name = POCITAC | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 21.5.2010 10:27:35 | Computer Name = POCITAC | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 22.5.2010 14:32:17 | Computer Name = POCITAC | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 24.5.2010 1:26:21 | Computer Name = POCITAC | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 28.5.2010 7:57:01 | Computer Name = POCITAC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 7.0.6000.16850, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 3.6.2010 10:56:14 | Computer Name = POCITAC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 10.9.2010 7:40:24 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 10.9.2010 9:00:27 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 10.9.2010 9:00:29 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 10.9.2010 9:01:42 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 10.9.2010 9:01:42 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31

Error - 10.9.2010 9:01:42 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 10.9.2010 9:01:42 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 10.9.2010 9:01:42 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD AvgLdx86 AvgMfx86 AvgTdiX Fips IPSec MRxSmb NetBIOS NetBT Processor RasAcd
Rdbss
Tcpip

Error - 10.9.2010 9:02:08 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 12.9.2010 4:47:12 | Computer Name = POCITAC | Source = System Error | ID = 1003
Description = Kód chyby 1000000a, parametr1 00000004, parametr2 00000002, parametr3
00000001, parametr4 804fdbca.

< End of report >

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - File not found [Disabled | Stopped] -- C:\WINXP\System32\hidserv.dll -- (HidServ)
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-839522115-573735546-1177238915-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-839522115-573735546-1177238915-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
O4 - HKU\S-1-5-21-839522115-573735546-1177238915-1004..\Run: [ICQ] C:\Program Files\ICQ7.1\ICQ.exe File not found
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"MSMSGS"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-

:files
C:\WINXP\tasks\AppleSoftwareUpdate.job
C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job
C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

díky, provedeno ... log přikládám
Po restartu PC naskočilo i s logem a v zápětí hned spadlo (to se prý také stávalo, nicméně to by mohla být nějaká hardwarová chybka). Po novém restartu naskočil log opět - naštěstí - když jsem ho chtěl vložit a spustil explorer, tak vyskočilo okno "vypnutí systému atd. atd. ... vyvolal nt authority system ...." Po proběhnutí odpočítávání okno zmizelo (mezitím jsem uložil log), ale pak už s počítačem nešlo nic moc udělat - jen vypnutí natvrdo.

All processes killed
========== OTL ==========
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File C:\WINXP\System32\hidserv.dll not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-839522115-573735546-1177238915-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-839522115-573735546-1177238915-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-839522115-573735546-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.
Invalid CLSID key: _nltide_2
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 not found.
Invalid CLSID key: _nltide_2
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.
Invalid CLSID key: _nltide_2
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINXP\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINXP\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\WINXP\SET3.tmp deleted successfully.
C:\WINXP\SET4.tmp deleted successfully.
C:\WINXP\SET8.tmp deleted successfully.
C:\WINXP\System32\CONFIG.TMP deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
C:\WINXP\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder C:\WINXP\system32\*.tmp.dll not found.
File/Folder C:\WINXP\system32\SET*.tmp not found.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2AC.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP396.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3ED.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4C5.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F5.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP505.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP615.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP710.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP71F.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP80F.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E7.tmp folder moved successfully.
C:\WINXP\Temp\CR_17.tmp folder moved successfully.
C:\WINXP\Temp\CR_3.tmp folder moved successfully.
C:\WINXP\Temp\CR_30.tmp folder moved successfully.
C:\WINXP\Temp\CR_5.tmp folder moved successfully.
C:\WINXP\Temp\CR_7.tmp folder moved successfully.
C:\WINXP\Temp\CR_7F.tmp folder moved successfully.
C:\WINXP\Temp\CR_8.tmp folder moved successfully.
C:\WINXP\Temp\CR_9.tmp folder moved successfully.
C:\WINXP\Temp\CR_A.tmp folder moved successfully.
C:\WINXP\Temp\CR_D.tmp folder moved successfully.
C:\WINXP\Temp\GUR1.tmp moved successfully.
C:\WINXP\Temp\GUR2.tmp moved successfully.
C:\WINXP\Temp\GUR3.tmp moved successfully.
C:\WINXP\Temp\GUR4.tmp moved successfully.
========== COMMANDS ==========
C:\WINXP\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 314 bytes
->Temporary Internet Files folder emptied: 321899 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jana
->Temp folder emptied: 88638655 bytes
->Temporary Internet Files folder emptied: 37689386 bytes
->Java cache emptied: 103204670 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 51623 bytes

User: Karel

User: Karel.POCITAC
->Temp folder emptied: 139551505 bytes
->Temporary Internet Files folder emptied: 289306664 bytes
->Java cache emptied: 92997903 bytes
->Google Chrome cache emptied: 397218527 bytes
->Flash cache emptied: 81620 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 10673719 bytes
->Flash cache emptied: 763 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2110765 bytes

User: PC.POCITAC
->Temp folder emptied: 6962216 bytes
->Temporary Internet Files folder emptied: 45035292 bytes
->Java cache emptied: 72595328 bytes
->Google Chrome cache emptied: 1905008 bytes
->Flash cache emptied: 749 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 58680334 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 65382174 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 4294635881 bytes

Total Files Cleaned = 5 444,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: Jana
->Flash cache emptied: 0 bytes

User: Karel

User: Karel.POCITAC
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

User: PC.POCITAC
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.12.0 log created on 09132010_205245

Files\Folders moved on Reboot...
C:\Documents and Settings\Jana\Local Settings\Temp\Google Toolbar\GoogleToolbarWelcome.log moved successfully.
C:\Documents and Settings\Jana\Local Settings\Temporary Internet Files\Content.IE5\80UTQUJ1\readMessageScreen[1].htm moved successfully.
C:\Documents and Settings\Jana\Local Settings\Temporary Internet Files\Content.IE5\6588R2DU\afr[1].htm moved successfully.
C:\Documents and Settings\Jana\Local Settings\Temporary Internet Files\Content.IE5\6588R2DU\emptyScreen[2].htm moved successfully.
C:\Documents and Settings\Jana\Local Settings\Temporary Internet Files\Content.IE5\0SPWS3QP\framesetScreen[1].htm moved successfully.
C:\Documents and Settings\Jana\Local Settings\Temporary Internet Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.

Registry entries deleted on Reboot...

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Jana\Local Settings\Temp\Google Toolbar\GoogleToolbarWelcome.log not found!
File\Folder C:\Documents and Settings\Jana\Local Settings\Temporary Internet Files\Content.IE5\80UTQUJ1\readMessageScreen[1].htm not found!
File\Folder C:\Documents and Settings\Jana\Local Settings\Temporary Internet Files\Content.IE5\6588R2DU\afr[1].htm not found!
File\Folder C:\Documents and Settings\Jana\Local Settings\Temporary Internet Files\Content.IE5\6588R2DU\emptyScreen[2].htm not found!
File\Folder C:\Documents and Settings\Jana\Local Settings\Temporary Internet Files\Content.IE5\0SPWS3QP\framesetScreen[1].htm not found!
File\Folder C:\Documents and Settings\Jana\Local Settings\Temporary Internet Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat not found!

Registry entries deleted on Reboot...

Takze chovani PC je ted jake

PC naskočil a běžel v pohodě, pustil jsem explorer. Nějaký ten Seznam se zobrazil, pak ještě viry.cz, pak vyskočilo "okno odpočítávání" a od té doby se žádná nová stránka nezobrazila

Zkuste Internet Explorer preinstalovat...

VIRY.CZ

Pomalý PC připojené do internetu

Pomalý PC připojené do internetu

Re: Pomalý PC připojené do internetu

Re: Pomalý PC připojené do internetu

Re: Pomalý PC připojené do internetu

Re: Pomalý PC připojené do internetu

Re: Pomalý PC připojené do internetu

Re: Pomalý PC připojené do internetu

Re: Pomalý PC připojené do internetu

Re: Pomalý PC připojené do internetu

Re: Pomalý PC připojené do internetu