
Significant slowdown of a PC running WinXP.
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
I wish everyone a nice day. I have a problem that I don't know how to deal with. The system on my PC has slowed down considerably. This has already happened to me once on the same computer. I dealt with this problem here on 2 March 2011 with attached logs, which were clean, however. In the end, following the advice, a system restore helped. Now the system has slowed down again, but no restore point was found. So I'm probably in the sh..
I have scanned the PC with every possible antivirus and trojan remover. Nothing significant was found.
Can you think of any possible solution, please? Thank you in advance.
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Significant slowdown of a PC running WinXP.
Write to me: chodnik74@gmail.com or
>RSIT<>MBAM<>VirusTotal
I recommend:
It is better to read the procedure several times, and if anything is unclear or in doubt, ask.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions!
Do not use the Combofix utility without an adviser's supervision and recommendation!
Are you satisfied with our help?
Don't hesitate to support the forum HERE.
Forum rules: No. 1 and No. 2
Re: Significant slowdown of a PC running WinXP.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Tom at 2011-05-12 08:47:49
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 359 GB (75%) free of 477 GB
Total RAM: 1791 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:48:07, on 12.5.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\DIAS\CnxDIAS.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
C:\Documents and Settings\All Users\Dokumenty\Astra 92\Verox\Verox.exe
C:\Tom\RSIT.exe
C:\Program Files\trend micro\Tom.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/en/index.php?rvs=google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON SX125 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE /FU "C:\WINDOWS\TEMP\E_SBA4F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Display Stix - System tray] C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
O9 - Extra button: Statistika součásti Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://www.adi-olympo.cz/iiwww/cz/produ ... wflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll, C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 8255 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-01-30 64928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-03 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-03 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-01-29 16859648]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2009-10-28 315736]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-10-11 1085440]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-12-21 86016]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-04-14 421160]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"EPSON SX125 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE [2009-09-14 200704]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
"Display Stix - System tray"=C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe [2004-04-24 245760]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll, C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-02-20 126976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-10-28 219664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-10-18 200064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveTypeAutoRun_KL_notset"=1
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"="C:\Program Files\Canon\DIAS\CnxDIAS.exe:*:Enabled:Canon Driver Information Assist Service"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Epoch Wars\Epoch Wars.exe"="C:\Program Files\Epoch Wars\Epoch Wars.exe:*:Disabled:Epoch Wars"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2011-05-12 08:47:49 ----D---- C:\rsit
2011-05-11 13:27:27 ----D---- C:\Program Files\GridinSoft Trojan Killer
2011-05-10 11:58:46 ----D---- C:\CD zadavatele
2011-05-06 11:15:53 ----D---- C:\spoolerlogs
2011-05-06 11:00:24 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2011-05-06 10:59:41 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2011-05-06 10:12:10 ----D---- C:\Documents and Settings\Tom\Data aplikací\IObit
2011-05-06 10:12:08 ----D---- C:\Program Files\IObit
2011-05-06 08:56:28 ----A---- C:\WINDOWS\IE4 Error Log.txt
2011-05-06 08:12:15 ----D---- C:\WINDOWS\system32\NtmsData
2011-05-06 08:01:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2011-05-05 08:33:04 ----A---- C:\Documents and Settings\Tom\Data aplikací\FixVTS.ini
2011-05-04 08:04:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVS4YOU
2011-05-04 08:03:57 ----D---- C:\Documents and Settings\Tom\Data aplikací\AVS4YOU
2011-05-04 08:02:21 ----D---- C:\Program Files\Common Files\AVSMedia
2011-05-04 08:02:17 ----D---- C:\Program Files\AVS4YOU
2011-05-04 08:02:17 ----A---- C:\WINDOWS\system32\msxml3a.dll
2011-05-04 08:02:17 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2011-05-03 06:59:36 ----SHD---- C:\Config.Msi
2011-05-02 08:25:42 ----D---- C:\Program Files\Pegasys Inc
2011-04-29 11:00:44 ----D---- C:\Program Files\MP3Parse
2011-04-28 13:01:10 ----D---- C:\Documents and Settings\Tom\Data aplikací\WindSolutions
2011-04-28 13:01:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\WindSolutions
2011-04-27 08:22:29 ----D---- C:\Program Files\iPod
2011-04-27 08:19:08 ----D---- C:\Program Files\Bonjour
2011-04-22 10:00:36 ----A---- C:\Opera_1110_int_Setup.exe
2011-04-20 13:42:05 ----D---- C:\Program Files\DVDlabPro2
2011-04-20 08:10:32 ----DC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-20 08:10:16 ----DC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-04-20 08:10:02 ----DC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-20 08:09:51 ----DC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-20 08:07:05 ----DC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-20 08:06:48 ----DC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-20 08:01:31 ----DC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-20 08:01:12 ----DC---- C:\WINDOWS\$NtUninstallKB2497640$
2011-04-20 08:00:57 ----DC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-20 08:00:42 ----DC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-20 08:00:26 ----DC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-20 07:58:38 ----DC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-14 12:59:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Corel
2011-04-14 12:19:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Protexis
2011-04-14 12:18:58 ----D---- C:\Documents and Settings\Tom\Data aplikací\Corel
======List of files/folders modified in the last 1 months======
2011-05-12 08:47:57 ----D---- C:\WINDOWS\Prefetch
2011-05-12 08:47:56 ----D---- C:\Program Files\trend micro
2011-05-12 08:47:51 ----D---- C:\WINDOWS\Temp
2011-05-12 08:46:47 ----D---- C:\Tom
2011-05-12 08:02:50 ----D---- C:\ZAKÁZKY
2011-05-12 07:29:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2011-05-12 07:22:17 ----D---- C:\WINDOWS\system32\config
2011-05-12 07:20:02 ----D---- C:\WINDOWS\system32\wbem
2011-05-12 07:19:55 ----D---- C:\WINDOWS\Registration
2011-05-12 07:18:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-12 07:11:24 ----D---- C:\WINDOWS
2011-05-12 07:11:15 ----SHD---- C:\System Volume Information
2011-05-12 07:11:15 ----D---- C:\WINDOWS\system32\Restore
2011-05-12 07:07:41 ----D---- C:\WINDOWS\security
2011-05-12 07:03:19 ----A---- C:\WINDOWS\ntbtlog.txt
2011-05-12 06:59:46 ----D---- C:\WINDOWS\system32
2011-05-12 06:59:41 ----D---- C:\WINDOWS\system32\drivers
2011-05-12 06:58:02 ----D---- C:\WINDOWS\system32\CatRoot2
2011-05-11 14:01:31 ----D---- C:\W
2011-05-11 13:40:05 ----D---- C:\WINDOWS\system32\CatRoot
2011-05-11 13:27:27 ----RD---- C:\Program Files
2011-05-11 12:39:48 ----D---- C:\Documents and Settings\Tom\Data aplikací\ICQ
2011-05-10 12:06:44 ----D---- C:\Documents and Settings\Tom\Data aplikací\uTorrent
2011-05-10 11:30:57 ----D---- C:\CENÍKY
2011-05-09 07:39:04 ----D---- C:\Documents and Settings\Tom\Data aplikací\vlc
2011-05-09 07:39:04 ----D---- C:\Documents and Settings\Tom\Data aplikací\dvdcss
2011-05-09 06:54:28 ----SD---- C:\WINDOWS\Tasks
2011-05-06 11:00:37 ----HD---- C:\WINDOWS\inf
2011-05-06 10:59:58 ----A---- C:\WINDOWS\imsins.BAK
2011-05-06 10:59:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-05-06 10:35:21 ----D---- C:\Temp
2011-05-06 10:35:21 ----D---- C:\Fraps
2011-05-06 10:35:21 ----D---- C:\ConvertTemp
2011-05-06 08:12:14 ----D---- C:\WINDOWS\repair
2011-05-04 08:02:44 ----RSD---- C:\WINDOWS\Fonts
2011-05-04 08:02:21 ----D---- C:\Program Files\Common Files
2011-05-03 07:00:52 ----SHD---- C:\WINDOWS\Installer
2011-05-03 06:55:30 ----RSD---- C:\WINDOWS\assembly
2011-05-03 06:54:13 ----D---- C:\WINDOWS\WinSxS
2011-04-28 14:45:14 ----D---- C:\Documents and Settings\Tom\Data aplikací\DAEMON Tools Lite
2011-04-27 11:32:43 ----D---- C:\Documents and Settings\Tom\Data aplikací\Apple Computer
2011-04-27 08:23:02 ----D---- C:\Program Files\iTunes
2011-04-27 08:22:28 ----D---- C:\Program Files\Common Files\Apple
2011-04-22 10:01:27 ----D---- C:\Program Files\Opera
2011-04-20 13:31:49 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-20 08:12:21 ----D---- C:\Program Files\uTorrent
2011-04-20 08:10:30 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-14 13:03:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-04-14 11:26:09 ----A---- C:\WINDOWS\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-06-21 691696]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-06-11 223760]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-02-20 2863616]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-01-30 4725760]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2009-09-03 24848]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-15 5810]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-12-05 104064]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S2 DeviceScanner;UMAX Astra 4400 Scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 adgqoikl;adgqoikl; C:\WINDOWS\system32\drivers\adgqoikl.sys []
S3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys []
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys []
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-11-12 47360]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-02-18 41984]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-02-20 520192]
R2 AVP;Kaspersky Anti-Virus 6.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2009-10-28 315736]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2007-03-27 1738288]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-03 153376]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 820520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
O4 - HKCU\..\Run: [EPSON SX125 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE /FU "C:\WINDOWS\TEMP\E_SBA4F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Display Stix - System tray] C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
O9 - Extra button: Statistika součásti Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://www.adi-olympo.cz/iiwww/cz/produ ... wflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll, C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 8255 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-01-30 64928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-03 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-03 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-01-29 16859648]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2009-10-28 315736]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-10-11 1085440]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-12-21 86016]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-04-14 421160]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"EPSON SX125 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE [2009-09-14 200704]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
"Display Stix - System tray"=C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe [2004-04-24 245760]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll, C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-02-20 126976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-10-28 219664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-10-18 200064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveTypeAutoRun_KL_notset"=1
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"="C:\Program Files\Canon\DIAS\CnxDIAS.exe:*:Enabled:Canon Driver Information Assist Service"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Epoch Wars\Epoch Wars.exe"="C:\Program Files\Epoch Wars\Epoch Wars.exe:*:Disabled:Epoch Wars"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2011-05-12 08:47:49 ----D---- C:\rsit
2011-05-11 13:27:27 ----D---- C:\Program Files\GridinSoft Trojan Killer
2011-05-10 11:58:46 ----D---- C:\CD zadavatele
2011-05-06 11:15:53 ----D---- C:\spoolerlogs
2011-05-06 11:00:24 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2011-05-06 10:59:41 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2011-05-06 10:12:10 ----D---- C:\Documents and Settings\Tom\Data aplikací\IObit
2011-05-06 10:12:08 ----D---- C:\Program Files\IObit
2011-05-06 08:56:28 ----A---- C:\WINDOWS\IE4 Error Log.txt
2011-05-06 08:12:15 ----D---- C:\WINDOWS\system32\NtmsData
2011-05-06 08:01:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2011-05-05 08:33:04 ----A---- C:\Documents and Settings\Tom\Data aplikací\FixVTS.ini
2011-05-04 08:04:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVS4YOU
2011-05-04 08:03:57 ----D---- C:\Documents and Settings\Tom\Data aplikací\AVS4YOU
2011-05-04 08:02:21 ----D---- C:\Program Files\Common Files\AVSMedia
2011-05-04 08:02:17 ----D---- C:\Program Files\AVS4YOU
2011-05-04 08:02:17 ----A---- C:\WINDOWS\system32\msxml3a.dll
2011-05-04 08:02:17 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2011-05-03 06:59:36 ----SHD---- C:\Config.Msi
2011-05-02 08:25:42 ----D---- C:\Program Files\Pegasys Inc
2011-04-29 11:00:44 ----D---- C:\Program Files\MP3Parse
2011-04-28 13:01:10 ----D---- C:\Documents and Settings\Tom\Data aplikací\WindSolutions
2011-04-28 13:01:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\WindSolutions
2011-04-27 08:22:29 ----D---- C:\Program Files\iPod
2011-04-27 08:19:08 ----D---- C:\Program Files\Bonjour
2011-04-22 10:00:36 ----A---- C:\Opera_1110_int_Setup.exe
2011-04-20 13:42:05 ----D---- C:\Program Files\DVDlabPro2
2011-04-20 08:10:32 ----DC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-20 08:10:16 ----DC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-04-20 08:10:02 ----DC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-20 08:09:51 ----DC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-20 08:07:05 ----DC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-20 08:06:48 ----DC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-20 08:01:31 ----DC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-20 08:01:12 ----DC---- C:\WINDOWS\$NtUninstallKB2497640$
2011-04-20 08:00:57 ----DC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-20 08:00:42 ----DC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-20 08:00:26 ----DC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-20 07:58:38 ----DC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-14 12:59:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Corel
2011-04-14 12:19:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Protexis
2011-04-14 12:18:58 ----D---- C:\Documents and Settings\Tom\Data aplikací\Corel
======List of files/folders modified in the last 1 months======
2011-05-12 08:47:57 ----D---- C:\WINDOWS\Prefetch
2011-05-12 08:47:56 ----D---- C:\Program Files\trend micro
2011-05-12 08:47:51 ----D---- C:\WINDOWS\Temp
2011-05-12 08:46:47 ----D---- C:\Tom
2011-05-12 08:02:50 ----D---- C:\ZAKÁZKY
2011-05-12 07:29:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2011-05-12 07:22:17 ----D---- C:\WINDOWS\system32\config
2011-05-12 07:20:02 ----D---- C:\WINDOWS\system32\wbem
2011-05-12 07:19:55 ----D---- C:\WINDOWS\Registration
2011-05-12 07:18:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-12 07:11:24 ----D---- C:\WINDOWS
2011-05-12 07:11:15 ----SHD---- C:\System Volume Information
2011-05-12 07:11:15 ----D---- C:\WINDOWS\system32\Restore
2011-05-12 07:07:41 ----D---- C:\WINDOWS\security
2011-05-12 07:03:19 ----A---- C:\WINDOWS\ntbtlog.txt
2011-05-12 06:59:46 ----D---- C:\WINDOWS\system32
2011-05-12 06:59:41 ----D---- C:\WINDOWS\system32\drivers
2011-05-12 06:58:02 ----D---- C:\WINDOWS\system32\CatRoot2
2011-05-11 14:01:31 ----D---- C:\W
2011-05-11 13:40:05 ----D---- C:\WINDOWS\system32\CatRoot
2011-05-11 13:27:27 ----RD---- C:\Program Files
2011-05-11 12:39:48 ----D---- C:\Documents and Settings\Tom\Data aplikací\ICQ
2011-05-10 12:06:44 ----D---- C:\Documents and Settings\Tom\Data aplikací\uTorrent
2011-05-10 11:30:57 ----D---- C:\CENÍKY
2011-05-09 07:39:04 ----D---- C:\Documents and Settings\Tom\Data aplikací\vlc
2011-05-09 07:39:04 ----D---- C:\Documents and Settings\Tom\Data aplikací\dvdcss
2011-05-09 06:54:28 ----SD---- C:\WINDOWS\Tasks
2011-05-06 11:00:37 ----HD---- C:\WINDOWS\inf
2011-05-06 10:59:58 ----A---- C:\WINDOWS\imsins.BAK
2011-05-06 10:59:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-05-06 10:35:21 ----D---- C:\Temp
2011-05-06 10:35:21 ----D---- C:\Fraps
2011-05-06 10:35:21 ----D---- C:\ConvertTemp
2011-05-06 08:12:14 ----D---- C:\WINDOWS\repair
2011-05-04 08:02:44 ----RSD---- C:\WINDOWS\Fonts
2011-05-04 08:02:21 ----D---- C:\Program Files\Common Files
2011-05-03 07:00:52 ----SHD---- C:\WINDOWS\Installer
2011-05-03 06:55:30 ----RSD---- C:\WINDOWS\assembly
2011-05-03 06:54:13 ----D---- C:\WINDOWS\WinSxS
2011-04-28 14:45:14 ----D---- C:\Documents and Settings\Tom\Data aplikací\DAEMON Tools Lite
2011-04-27 11:32:43 ----D---- C:\Documents and Settings\Tom\Data aplikací\Apple Computer
2011-04-27 08:23:02 ----D---- C:\Program Files\iTunes
2011-04-27 08:22:28 ----D---- C:\Program Files\Common Files\Apple
2011-04-22 10:01:27 ----D---- C:\Program Files\Opera
2011-04-20 13:31:49 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-20 08:12:21 ----D---- C:\Program Files\uTorrent
2011-04-20 08:10:30 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-14 13:03:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-04-14 11:26:09 ----A---- C:\WINDOWS\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-06-21 691696]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-06-11 223760]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-02-20 2863616]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-01-30 4725760]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2009-09-03 24848]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-15 5810]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-12-05 104064]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S2 DeviceScanner;UMAX Astra 4400 Scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 adgqoikl;adgqoikl; C:\WINDOWS\system32\drivers\adgqoikl.sys []
S3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys []
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys []
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-11-12 47360]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-02-18 41984]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-02-20 520192]
R2 AVP;Kaspersky Anti-Virus 6.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2009-10-28 315736]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2007-03-27 1738288]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-03 153376]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 820520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: Significant slowdown of a PC with WinXP.
Hello, and have a nice day.
Thanks to my colleague for the opening post; with your permission I will take over now.
Is your PC unusually loud, i.e. is it overheating?
Download TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.exe
Download OTL (see my signature) and save it to the desktop.
- Run the utility and tell it to scan by clicking Start Scan
- If the utility finds an infection, it will want to cure it (Cure); allow the cure by clicking Continue
- If the utility finds a suspicious file (suspicious), it will want to skip it (Skip); allow the skip by clicking Continue
- After the scan finishes, a PC restart may be necessary; allow it by clicking Reboot now
- After the restart a log will pop up; if it does not, you will find it directly on the drive where Windows is installed (usually c:\), named in the form TDSSKiller.[some digits]_log.txt - paste its contents here
- If no restart is required, click Close and then Report - a log will be created - paste its contents here

- If you use Win Vista or W7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
- If you use a 64-bit OS, check whether the box "Pro 64 bitové OS" (for 64-bit OS) is ticked; if not, tick it
- Tick the box "Pro vsechny uzivatele" (for all users)
- Tick the box "Kontrola na havet "LOP"" (LOP check)
- Tick the box "Kontrola na havet "Purity"" (Purity check)
- Change the file age from 30 days to 7 days
- Paste the script below into the bottom box "Vlastni skenovani/opravy" (custom scans/fixes)
Code:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
- Click the "Prohledat" (scan) button
- After the scan finishes (about 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here
Re: Significant slowdown of a PC with WinXP.
Good day. The computer is not overheating, nor is it any louder than usual. I do not think this is a hardware matter. Last time System Restore helped; today the fault shows up in exactly the same way as last time.
Log from TDSSKiller:
2011/05/12 09:43:03.0750 2916 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16
2011/05/12 09:43:04.0062 2916 ================================================================================
2011/05/12 09:43:04.0062 2916 SystemInfo:
2011/05/12 09:43:04.0062 2916
2011/05/12 09:43:04.0062 2916 OS Version: 5.1.2600 ServicePack: 3.0
2011/05/12 09:43:04.0062 2916 Product type: Workstation
2011/05/12 09:43:04.0062 2916 ComputerName: ELEKTRO-917313D
2011/05/12 09:43:04.0062 2916 UserName: Tom
2011/05/12 09:43:04.0062 2916 Windows directory: C:\WINDOWS
2011/05/12 09:43:04.0062 2916 System windows directory: C:\WINDOWS
2011/05/12 09:43:04.0062 2916 Processor architecture: Intel x86
2011/05/12 09:43:04.0062 2916 Number of processors: 2
2011/05/12 09:43:04.0062 2916 Page size: 0x1000
2011/05/12 09:43:04.0062 2916 Boot type: Normal boot
2011/05/12 09:43:04.0062 2916 ================================================================================
2011/05/12 09:43:05.0031 2916 Initialize success
2011/05/12 09:43:24.0718 2520 ================================================================================
2011/05/12 09:43:24.0718 2520 Scan started
2011/05/12 09:43:24.0718 2520 Mode: Manual;
2011/05/12 09:43:24.0718 2520 ================================================================================
2011/05/12 09:43:26.0765 2520 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/05/12 09:43:27.0265 2520 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/05/12 09:43:28.0171 2520 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/05/12 09:43:28.0718 2520 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/05/12 09:43:30.0750 2520 AmdK8 (fcffa85cfd4bf7a4711012847048dca3) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/05/12 09:43:32.0921 2520 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/05/12 09:43:33.0625 2520 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/05/12 09:43:36.0203 2520 ati2mtag (141befa4455ef989576c9bd8fb264389) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/05/12 09:43:38.0406 2520 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/05/12 09:43:38.0843 2520 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/05/12 09:43:39.0515 2520 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/05/12 09:43:40.0015 2520 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/05/12 09:43:40.0812 2520 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/05/12 09:43:41.0281 2520 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/05/12 09:43:41.0750 2520 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/05/12 09:43:44.0171 2520 DeviceScanner (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/05/12 09:43:44.0593 2520 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/05/12 09:43:45.0484 2520 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/05/12 09:43:46.0406 2520 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/05/12 09:43:46.0843 2520 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/05/12 09:43:47.0296 2520 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/05/12 09:43:48.0359 2520 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/05/12 09:43:48.0859 2520 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/05/12 09:43:49.0359 2520 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/05/12 09:43:49.0796 2520 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/05/12 09:43:50.0343 2520 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/05/12 09:43:50.0828 2520 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/05/12 09:43:51.0265 2520 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/05/12 09:43:51.0734 2520 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/05/12 09:43:52.0203 2520 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/05/12 09:43:53.0171 2520 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/05/12 09:43:53.0781 2520 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/05/12 09:43:54.0281 2520 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/05/12 09:43:55.0218 2520 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/05/12 09:43:56.0578 2520 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/05/12 09:43:57.0015 2520 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/05/12 09:44:00.0843 2520 IntcAzAudAddService (f7f3328544e1ac2e97caea9b39d9b9de) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/05/12 09:44:04.0531 2520 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/05/12 09:44:04.0953 2520 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/05/12 09:44:05.0375 2520 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/05/12 09:44:05.0859 2520 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/05/12 09:44:06.0375 2520 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/05/12 09:44:06.0781 2520 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/05/12 09:44:07.0234 2520 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/05/12 09:44:07.0656 2520 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/05/12 09:44:08.0140 2520 kl1 (ce3958f58547454884e97bda78cd7040) C:\WINDOWS\system32\drivers\kl1.sys
2011/05/12 09:44:08.0625 2520 KLFLTDEV (adda474c9b18fd829a6c8351485c4842) C:\WINDOWS\system32\DRIVERS\klfltdev.sys
2011/05/12 09:44:09.0187 2520 KLIF (7391ea3fc728c3a7d2c99822d20fe11d) C:\WINDOWS\system32\DRIVERS\klif.sys
2011/05/12 09:44:09.0703 2520 klim5 (fbdc2034b58d2135d25fe99eb8b747c3) C:\WINDOWS\system32\DRIVERS\klim5.sys
2011/05/12 09:44:10.0218 2520 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/05/12 09:44:10.0765 2520 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/05/12 09:44:11.0640 2520 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/05/12 09:44:12.0078 2520 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/05/12 09:44:12.0500 2520 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/05/12 09:44:13.0015 2520 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/05/12 09:44:13.0656 2520 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/05/12 09:44:14.0593 2520 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/05/12 09:44:15.0375 2520 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/05/12 09:44:16.0046 2520 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/05/12 09:44:16.0468 2520 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/05/12 09:44:17.0140 2520 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/05/12 09:44:17.0546 2520 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/05/12 09:44:18.0203 2520 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/05/12 09:44:18.0609 2520 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
2011/05/12 09:44:19.0359 2520 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/05/12 09:44:20.0187 2520 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/05/12 09:44:20.0703 2520 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/05/12 09:44:21.0359 2520 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/05/12 09:44:21.0812 2520 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/05/12 09:44:22.0500 2520 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/05/12 09:44:23.0203 2520 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/05/12 09:44:23.0703 2520 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/05/12 09:44:26.0546 2520 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/05/12 09:44:27.0562 2520 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/05/12 09:44:28.0562 2520 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/05/12 09:44:29.0265 2520 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/05/12 09:44:29.0671 2520 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/05/12 09:44:30.0125 2520 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/05/12 09:44:30.0531 2520 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/05/12 09:44:30.0953 2520 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/05/12 09:44:31.0390 2520 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/05/12 09:44:32.0203 2520 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/05/12 09:44:32.0671 2520 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/05/12 09:44:33.0187 2520 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
2011/05/12 09:44:35.0984 2520 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/05/12 09:44:36.0406 2520 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/05/12 09:44:36.0843 2520 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/05/12 09:44:37.0265 2520 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/05/12 09:44:39.0640 2520 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/05/12 09:44:40.0078 2520 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/05/12 09:44:40.0515 2520 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/05/12 09:44:40.0906 2520 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/05/12 09:44:41.0421 2520 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/05/12 09:44:41.0890 2520 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/05/12 09:44:42.0406 2520 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/05/12 09:44:43.0093 2520 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/05/12 09:44:43.0750 2520 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/05/12 09:44:44.0296 2520 RTLE8023xp (7aa960ae3855aac44781d7dd04038aa1) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/05/12 09:44:44.0750 2520 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/05/12 09:44:45.0156 2520 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/05/12 09:44:45.0609 2520 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/05/12 09:44:46.0031 2520 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/05/12 09:44:47.0328 2520 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/05/12 09:44:48.0437 2520 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2011/05/12 09:44:48.0437 2520 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/05/12 09:44:48.0437 2520 sptd - detected LockedFile.Multi.Generic (1)
2011/05/12 09:44:48.0953 2520 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/05/12 09:44:49.0625 2520 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/05/12 09:44:50.0375 2520 StillCam (06cda2a5a549bc455d004461e6bc5b33) C:\WINDOWS\system32\DRIVERS\serscan.sys
2011/05/12 09:44:50.0796 2520 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/05/12 09:44:51.0234 2520 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/05/12 09:44:53.0218 2520 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/05/12 09:44:53.0859 2520 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/05/12 09:44:54.0562 2520 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/05/12 09:44:55.0031 2520 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/05/12 09:44:55.0468 2520 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/05/12 09:44:56.0390 2520 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/05/12 09:44:56.0921 2520 UnlockerDriver5 (f365fa561c3ab455d8685770d208691a) C:\Program Files\Unlocker\UnlockerDriver5.sys
2011/05/12 09:44:57.0593 2520 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/05/12 09:44:58.0640 2520 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/05/12 09:44:59.0062 2520 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/05/12 09:44:59.0546 2520 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/05/12 09:45:00.0000 2520 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/05/12 09:45:00.0421 2520 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/05/12 09:45:00.0859 2520 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/05/12 09:45:01.0296 2520 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/05/12 09:45:01.0718 2520 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/05/12 09:45:02.0593 2520 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/05/12 09:45:03.0015 2520 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/05/12 09:45:03.0859 2520 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/05/12 09:45:04.0375 2520 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/05/12 09:45:05.0093 2520 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/05/12 09:45:06.0250 2520 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/05/12 09:45:06.0796 2520 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/05/12 09:45:07.0265 2520 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/05/12 09:45:07.0718 2520 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/05/12 09:45:08.0125 2520 ================================================================================
2011/05/12 09:45:08.0125 2520 Scan finished
2011/05/12 09:45:08.0125 2520 ================================================================================
2011/05/12 09:45:08.0140 0204 Detected object count: 1
2011/05/12 09:45:29.0500 0204 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/05/12 09:45:37.0531 0728 Deinitialize success
Last edited by vyosek on 12 May 2011 09:56, edited 1 time in total.
Reason: Log removed from code
Re: Significant slowdown of a PC with WinXP.
OTL logs
OTL logfile created on: 12.5.2011 9:49:09 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Tom
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 350,90 Gb Free Space | 75,34% Space Free | Partition Type: NTFS
Drive E: | 610,25 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ELEKTRO-917313D | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.05.12 09:46:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Tom\OTL.exe
PRC - [2011.04.22 10:01:21 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.01.05 10:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.2\ICQ.exe
PRC - [2010.07.28 13:17:42 | 010,263,040 | ---- | M] (Foxit Corporation) -- C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.12.03 11:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009.10.28 22:30:22 | 000,315,736 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
PRC - [2009.10.26 09:33:41 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009.01.14 12:30:20 | 000,724,992 | ---- | M] (ASTRA 92 a.s.) -- C:\Documents and Settings\All Users\Dokumenty\Astra 92\Verox\Verox.exe
PRC - [2008.04.14 07:52:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.31 18:27:04 | 000,118,784 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2007.03.27 13:55:24 | 001,738,288 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\DIAS\CnxDIAS.exe
PRC - [2004.04.24 20:16:47 | 000,245,760 | ---- | M] (Fractalis Software) -- C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe
========== Modules (SafeList) ==========
MOD - [2011.05.12 09:46:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Tom\OTL.exe
MOD - [2010.08.23 18:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009.10.26 09:33:32 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2009.10.28 22:30:22 | 000,315,736 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe -- (AVP)
SRV - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2007.03.27 13:55:24 | 001,738,288 | ---- | M] (CANON INC.) [Auto | Running] -- C:\Program Files\Canon\DIAS\CnxDIAS.exe -- (Canon Driver Information Assist Service)
========== Driver Services (SafeList) ==========
DRV - [2010.06.21 11:37:30 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.06.11 08:42:14 | 000,223,760 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009.09.14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009.09.03 15:24:40 | 000,024,848 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klfltdev.sys -- (KLFLTDEV)
DRV - [2009.09.01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2008.02.20 07:52:00 | 002,863,616 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.01.30 05:28:36 | 004,725,760 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.12.05 15:45:30 | 000,104,064 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.08.15 02:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/en/index.php?rvs=google
IE - HKU\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
IE - HKU\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-515967899-287218729-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-515967899-287218729-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: ([2011.03.01 11:21:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-287218729-682003330-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-515967899-287218729-682003330-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-515967899-287218729-682003330-1003..\Run: [Display Stix - System tray] C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe (Fractalis Software)
O4 - HKU\S-1-5-21-515967899-287218729-682003330-1003..\Run: [EPSON SX125 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-515967899-287218729-682003330-1003..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun_KL_notset = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm ()
O9 - Extra Button: Statistika součásti Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll (Kaspersky Lab)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://www.adi-olympo.cz/iiwww/cz/produ ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.33.2 192.168.33.1 212.71.128.8 212.71.133.6
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\adialhk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.06.11 07:40:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001.10.25 12:00:00 | 000,000,112 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\WINDOWS\System32\ff_acm.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (65315805348233216)
========== Files/Folders - Created Within 7 Days ==========
[2011.05.12 08:47:49 | 000,000,000 | ---D | C] -- C:\rsit
[2011.05.11 13:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\GridinSoft
[2011.05.11 13:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2011.05.10 11:58:46 | 000,000,000 | ---D | C] -- C:\CD zadavatele
[2011.05.06 11:15:53 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2011.05.06 10:12:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom\Data aplikací\IObit
[2011.05.06 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011.05.06 09:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Opera
[2011.05.06 09:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Opera
[2011.05.06 08:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Adobe
[2011.05.06 08:12:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011.05.06 08:01:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.05.12 09:48:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003UA.job
[2011.05.12 09:47:13 | 000,000,461 | ---- | M] () -- C:\Documents and Settings\Tom\Plocha\Zástupce - OTL.exe.lnk
[2011.05.12 07:48:02 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003Core.job
[2011.05.12 07:25:07 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011.05.12 07:24:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.05.11 13:27:39 | 000,000,825 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Trojan Killer.lnk
[2011.05.11 13:26:20 | 018,160,713 | ---- | M] () -- C:\Trojan_Killer_2.0.9.4_0.rar
[2011.05.11 12:34:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.05.10 06:49:58 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\Tom\Plocha\Google Chrome.lnk
[2011.05.09 13:30:44 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Tom\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.09 06:48:15 | 000,364,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.05.06 10:59:58 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.05.12 09:47:13 | 000,000,461 | ---- | C] () -- C:\Documents and Settings\Tom\Plocha\Zástupce - OTL.exe.lnk
[2011.05.11 13:27:39 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Trojan Killer.lnk
[2011.05.11 13:25:23 | 018,160,713 | ---- | C] () -- C:\Trojan_Killer_2.0.9.4_0.rar
[2011.05.06 10:13:12 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011.05.06 08:00:37 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Tom\Data aplikací\chrtmp
[2011.05.05 08:33:04 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Tom\Data aplikací\FixVTS.ini
[2011.01.24 11:30:55 | 000,000,066 | ---- | C] () -- C:\WINDOWS\System32\ProtectionLog.dat
[2011.01.07 09:25:29 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011.01.03 10:46:37 | 000,000,922 | ---- | C] () -- C:\WINDOWS\unins001.dat
[2011.01.03 10:46:35 | 000,001,830 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010.12.17 15:51:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010.11.30 14:03:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.23 15:44:40 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.11.23 15:44:40 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010.11.23 15:23:05 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf09a.dat
[2010.11.23 15:22:53 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010.11.15 15:54:56 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe
[2010.08.02 14:35:00 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS53.DLL
[2010.07.26 14:31:43 | 000,000,107 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2010.07.22 09:19:17 | 000,000,150 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2010.07.22 08:59:53 | 000,027,648 | ---- | C] () -- C:\WINDOWS\vudcli32.dll
[2010.07.22 08:59:52 | 000,068,608 | ---- | C] () -- C:\WINDOWS\vufile32.dll
[2010.07.22 08:59:52 | 000,047,616 | R--- | C] () -- C:\WINDOWS\ucmsp_32.dll
[2010.07.22 08:59:52 | 000,030,208 | ---- | C] () -- C:\WINDOWS\uxmail32.dll
[2010.07.22 08:59:52 | 000,005,379 | ---- | C] () -- C:\WINDOWS\VsConfig.ini
[2010.07.22 08:59:52 | 000,001,148 | ---- | C] () -- C:\WINDOWS\vista32.ini
[2010.07.22 08:59:51 | 000,393,216 | ---- | C] () -- C:\WINDOWS\RTS8891U.dll
[2010.07.22 08:59:51 | 000,036,864 | ---- | C] () -- C:\WINDOWS\urt4400.dll
[2010.07.22 08:59:51 | 000,001,413 | ---- | C] () -- C:\WINDOWS\umaxuapi.ini
[2010.07.22 08:59:51 | 000,000,065 | ---- | C] () -- C:\WINDOWS\umaxdrv.ini
[2010.07.22 08:59:51 | 000,000,026 | ---- | C] () -- C:\WINDOWS\ucmsp_32.ini
[2010.07.22 08:59:50 | 000,003,493 | ---- | C] () -- C:\WINDOWS\Button.ini
[2010.07.22 08:59:50 | 000,000,195 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2010.07.22 08:59:49 | 000,001,571 | ---- | C] () -- C:\WINDOWS\faxcpp1.ini
[2010.07.22 08:59:49 | 000,000,422 | ---- | C] () -- C:\WINDOWS\faxcpp.ini
[2010.07.19 13:49:03 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010.07.14 08:54:21 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2010.07.02 15:05:48 | 001,071,488 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.06.28 08:51:05 | 001,085,616 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2010.06.17 09:22:49 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Tom\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.17 09:19:57 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.06.17 09:19:57 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.06.17 09:15:43 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.06.15 12:48:12 | 000,000,005 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2010.06.15 12:47:14 | 000,000,005 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2010.06.14 07:38:40 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.06.14 07:21:44 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2010.06.11 09:30:27 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.06.11 09:29:22 | 000,364,912 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.11 08:42:49 | 000,115,267 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010.06.11 08:42:49 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010.06.11 08:10:08 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.06.11 08:08:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.06.11 07:57:04 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.06.11 07:57:03 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2010.06.11 07:57:03 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.06.11 07:57:03 | 000,166,450 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.06.11 07:55:58 | 000,028,578 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2010.06.11 07:55:50 | 000,028,165 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.06.11 07:55:50 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010.06.11 07:55:41 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.06.11 07:42:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.06.11 07:37:46 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009.09.09 18:01:40 | 000,027,675 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2008.04.14 08:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007.08.22 00:51:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2007.08.21 22:36:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.12.31 06:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.07.27 13:58:48 | 000,015,776 | ---- | C] () -- C:\WINDOWS\prevod.exe
[2004.07.27 13:58:46 | 000,688,128 | ---- | C] () -- C:\WINDOWS\System32\BCGCB474.dll
[2004.07.27 13:58:46 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\BCGCBResSKY.dll
[2004.07.27 13:58:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\BCGCBResCSY.dll
[2004.06.27 03:00:00 | 000,078,988 | ---- | C] () -- C:\WINDOWS\unins001.exe
[2004.06.27 03:00:00 | 000,078,988 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2002.10.06 20:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002.10.05 01:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 01:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 01:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001.10.25 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 12:00:00 | 000,472,998 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 12:00:00 | 000,468,454 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 12:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 12:00:00 | 000,087,766 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 12:00:00 | 000,075,900 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 12:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011.01.05 08:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2011.02.25 15:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\aliasworlds
[2010.11.02 16:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AuditPro
[2010.07.01 10:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2011.02.01 15:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Awem
[2010.06.21 11:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.01.07 10:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easy CD-DA Extractor
[2011.03.10 10:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2011.04.08 09:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Fugazo
[2011.01.17 08:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Green Clover Games
[2010.07.02 14:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.06.14 14:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.01.07 08:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2011.03.21 14:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Princess Isabella
[2011.03.22 15:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.04.07 07:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Try2
[2010.12.15 12:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2011.04.28 13:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WindSolutions
[2010.07.27 08:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.03.11 15:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Acoustica
[2011.02.25 15:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\aliasworlds
[2010.07.01 10:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Autodesk
[2011.01.31 09:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\avidemux
[2011.04.28 14:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\DAEMON Tools Lite
[2010.10.15 10:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\DVDFab
[2011.03.10 10:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\EPSON
[2010.06.30 15:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Foxit Software
[2010.11.09 13:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\GHISLER
[2011.01.03 11:59:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\GraveyardShift
[2011.01.17 08:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Green Clover Games
[2011.05.11 12:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\ICQ
[2011.01.03 09:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\IGC
[2011.05.06 10:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\IObit
[2011.01.26 10:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\LEAPS
[2011.02.02 16:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\mkvtoolnix
[2010.06.11 08:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Opera
[2011.01.26 10:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Pegasys Inc
[2011.01.05 14:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\PgcEdit
[2011.01.07 13:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Publish Providers
[2011.01.04 08:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Settlement. Colossus
[2010.11.11 16:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\SharePod
[2011.01.07 13:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Sony
[2011.01.12 13:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Sony Creative Software
[2010.07.26 07:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Thinstall
[2011.04.07 07:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Try2
[2011.05.10 12:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\uTorrent
[2011.04.28 13:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\WindSolutions
[2011.05.06 09:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Opera
[2011.05.12 07:25:07 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"EPSON SX125 Series" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE /FU "C:\WINDOWS\TEMP\E_SBA4F.tmp" /EF "HKCU" -- [2009.09.14 09:00:00 | 000,200,704 | ---- | M] (SEIKO EPSON CORPORATION)
"ICQ" = "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 -- [2011.01.05 10:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.)
"Display Stix - System tray" = C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe -- [2004.04.24 20:16:47 | 000,245,760 | ---- | M] (Fractalis Software)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 08:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2010.11.23 15:14:24 | 043,531,856 | ---- | M] (A.I.SOFT,INC.) -- C:\6890-INST-A.EXE
[2011.04.11 13:07:04 | 037,033,368 | ---- | M] (Adobe Systems Incorporated) -- C:\AdbeRdr1000_cs_CZ.exe
[2010.09.15 14:25:33 | 242,743,296 | ---- | M] (Microsoft Corporation) -- C:\dotnetfx35.exe
[2011.01.03 08:23:11 | 046,854,560 | ---- | M] (InstallShield Software Corporation) -- C:\freedwgviewer.exe
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2011.04.22 10:00:50 | 009,861,288 | ---- | M] (Opera Software ASA) -- C:\Opera_1110_int_Setup.exe
[2010.07.13 09:40:56 | 236,576,863 | ---- | M] () -- C:\PDFT30_45.exe
[2010.06.18 14:34:01 | 000,220,454 | ---- | M] () -- C:\unlocker1.8.8.exe
[2010.07.13 09:54:25 | 001,520,004 | ---- | M] () -- C:\wrar393cz.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.06.28 08:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\AccurateRip
[2011.03.11 15:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Acoustica
[2011.04.11 13:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Adobe
[2011.02.25 15:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\aliasworlds
[2011.04.27 11:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Apple Computer
[2010.06.11 08:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\ATI
[2010.07.01 10:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Autodesk
[2011.01.31 09:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\avidemux
[2011.05.04 08:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\AVS4YOU
[2010.11.23 15:45:50 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Tom\Data aplikací\Brother
[2011.04.14 12:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Corel
[2011.04.28 14:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\DAEMON Tools Lite
[2011.05.09 07:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\dvdcss
[2010.10.15 10:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\DVDFab
[2011.03.10 10:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\EPSON
[2010.06.30 15:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Foxit Software
[2010.11.09 13:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\GHISLER
[2011.01.03 11:59:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\GraveyardShift
[2011.01.17 08:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Green Clover Games
[2011.05.11 12:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\ICQ
[2010.06.11 07:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Identities
[2011.01.03 09:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\IGC
[2010.06.11 08:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\InstallShield
[2011.05.06 10:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\IObit
[2011.01.26 10:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\LEAPS
[2010.06.11 10:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Macromedia
[2011.02.01 09:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Malwarebytes
[2011.04.11 13:08:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Tom\Data aplikací\Microsoft
[2011.02.02 16:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\mkvtoolnix
[2011.03.30 13:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Mozilla
[2010.11.03 12:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Nero
[2010.06.11 08:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Opera
[2011.01.26 10:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Pegasys Inc
[2011.01.05 14:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\PgcEdit
[2011.01.07 13:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Publish Providers
[2011.03.30 13:14:41 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Tom\Data aplikací\SecuROM
[2011.01.04 08:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Settlement. Colossus
[2010.11.11 16:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\SharePod
[2011.01.07 13:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Sony
[2011.01.12 13:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Sony Creative Software
[2010.09.03 07:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Sun
[2010.07.26 07:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Thinstall
[2011.04.07 07:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Try2
[2011.05.10 12:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\uTorrent
[2011.05.09 07:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\vlc
[2011.04.28 13:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\WindSolutions
[2010.07.13 09:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2011.04.28 13:02:55 | 006,208,712 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Tom\Data aplikací\WindSolutions\CopyTransControlCenter\Applications\CopyTrans.exe
[2011.04.28 13:01:15 | 003,455,768 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Tom\Data aplikací\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe
[2011.04.28 13:05:38 | 007,592,936 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Tom\Data aplikací\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe
< MD5 for: AGP440.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 07:51:42 | 000,380,445 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\expsrv.dll
[2010.09.18 08:53:37 | 000,974,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mfc42.dll
[2001.10.25 12:00:00 | 001,355,776 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm50.dll
[2008.04.14 07:51:50 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.06.21 11:37:30 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2010.06.11 09:28:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.06.11 09:28:27 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.06.11 09:28:27 | 000,495,616 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 07:51:42 | 000,380,445 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\expsrv.dll
[2010.09.18 08:53:37 | 000,974,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mfc42.dll
[2001.10.25 12:00:00 | 001,355,776 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm50.dll
[2008.04.14 07:51:50 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.05.11 12:34:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
========== Files - Unicode (All) ==========
[2011.01.04 08:04:56 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\Data aplikac?) -- C:\Documents and Settings\All Users\Data aplikací
(C:\Documents and Settings\All Users\Data aplikac?) -- C:\Documents and Settings\All Users\Data aplikací
========== Alternate Data Streams ==========
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DB7FB6BE
@Alternate Data Stream - 189 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DE406C3E
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4769CB2A
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:026CBA8C
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D
< End of report >
OTL Extras logfile created on: 12.5.2011 9:49:09 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Tom
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 350,90 Gb Free Space | 75,34% Space Free | Partition Type: NTFS
Drive E: | 610,25 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ELEKTRO-917313D | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"54925:UDP" = 54925:UDP:*:Enabled:BrotherNetwork Scanner
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Canon\DIAS\CnxDIAS.exe" = C:\Program Files\Canon\DIAS\CnxDIAS.exe:*:Enabled:Canon Driver Information Assist Service -- (CANON INC.)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Epoch Wars\Epoch Wars.exe" = C:\Program Files\Epoch Wars\Epoch Wars.exe:*:Disabled:Epoch Wars
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00FDED37-21C7-A377-1678-27E0243A8B14}" = Catalyst Control Center Localization Norwegian
"{020C320F-C892-8BA3-9A6A-0B34F86D972A}" = Catalyst Control Center Localization Greek
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05BD7474-311B-AAFC-05AD-035CFB2E1712}" = CCC Help Czech
"{086317A9-61BE-B86A-2DBB-E9C7CF418396}" = CCC Help Chinese Traditional
"{0AB5D577-A9AC-44FA-8D1B-02190B789494}" = Catalyst Control Center Localization Turkish
"{0B0AC9FC-5EC6-E100-820D-A688846235DC}" = ccc-core-preinstall
"{1B2D3F17-0736-92F0-30AD-786929FE2E35}" = Catalyst Control Center Localization Dutch
"{1C0C7037-3103-4190-87F3-A7F276807751}" = Catalyst Control Center Localization Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8920E8-FBB5-6D68-9334-F72843C96E9A}" = CCC Help Spanish
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{285FA0DA-A5A3-3ADE-AFE0-509AB442E706}" = Catalyst Control Center Localization Danish
"{2945A595-F9F5-7F48-BF40-9F25E08C1EF9}" = Catalyst Control Center Localization Korean
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2DEAF1DC-D686-5132-DF84-2E9711D17C69}" = CCC Help Chinese Standard
"{2E92EC64-9B2B-87C0-F93E-792FC8458B86}" = Catalyst Control Center Localization Italian
"{335E56F3-9073-B629-6EAA-B4A598C7D529}" = Catalyst Control Center Localization Czech
"{33BA9D83-1755-12B2-2250-F7EE4CAD31C8}" = CCC Help Portuguese
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{376E76B2-2DFE-1B9C-A127-3123B3EEB120}" = Catalyst Control Center Localization Chinese Standard
"{3972B92B-3A3A-B5F8-6945-58F17977D506}" = Catalyst Control Center Graphics Full Existing
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C629AAF-F321-216D-6506-7CD2FD3BB1CE}" = CCC Help Russian
"{424C80E0-14A3-E0A6-A802-365EF33230AD}" = Skins
"{444211EE-AD21-DED8-D47A-F9D4545CF126}" = Catalyst Control Center Localization Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E464B20-65A0-11D5-80F8-0050BA493FB5}" = VistaScan
"{524DE171-3CB6-7BB6-4ACC-6E6CEEDF630F}" = Catalyst Control Center Localization Portuguese
"{537D99B4-8587-857E-535B-0E2F79A57F11}" = CCC Help Swedish
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D6-7028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2009
"{59F2F140-848A-8125-35EC-E5D2ACAF761D}" = CCC Help German
"{68C68774-8903-4A0B-BDBF-4AE6CF6E2567}" = CCC Help Polish
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB23D88-04C3-6E2B-BC8A-3E35A84CC3FE}" = Catalyst Control Center Localization German
"{6B841CB5-E66A-7AF7-9077-B7821E98213C}" = Catalyst Control Center Localization Swedish
"{6FEA9687-48C1-542A-1800-9214DBD8A8CA}" = CCC Help Finnish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{766C3108-2A8F-D1C3-5058-F88EF9E2371C}" = CCC Help English
"{7A04F76C-A87A-58E1-B886-919190F5A3E4}" = CCC Help Danish
"{7C0F8E54-64BD-18D3-ABFD-08FAFB9C14F5}" = ccc-utility
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.0
"{8ED6F771-FB0F-4B34-8DAD-757A20F6A27D}" = TMPGEnc 4.0 XPress
"{8F023021-A7EB-45D3-9269-D65264C81729}" = Kaspersky Anti-Virus 6.0 pro pracovní stanice Windows
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{91130405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{94E0F029-7F05-B4EC-D0BA-C2ACBE0160C9}" = CCC Help Greek
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{9985E336-2933-596C-42D4-1407BC931084}" = CCC Help Korean
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A140FABF-A17D-3BB3-7C79-EC95F3F87C8C}" = Catalyst Control Center Localization French
"{A2112CEE-DACC-BCD4-7804-0849EDB37231}" = CCC Help Japanese
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85C7B97-CC73-4853-B05C-DA25CDC03F54}" = Brother MFL-Pro Suite MFC-6890CDW
"{AA2FCFAC-4AFB-1BB6-0EAD-48C1AA45BD57}" = Catalyst Control Center Graphics Full New
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{ABD38213-5C20-A164-BEBE-733915B19623}" = CCC Help Thai
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Czech
"{AC840D75-4C27-92EF-CE7E-14B2E4D340C9}" = CCC Help Dutch
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AF9E9D48-65B7-0581-AF97-98978FAE4A96}" = Catalyst Control Center Localization Japanese
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 7.0
"{BE26112F-1BC6-FF40-086C-1F2CAB216A27}" = Catalyst Control Center Core Implementation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C6787EF8-30DA-3124-731E-E55C2125FEE3}" = CCC Help French
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CDE77684-5DF0-DAAA-35F7-82E268007FE7}" = Catalyst Control Center Graphics Light
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D131439B-BA24-9744-F538-C4D4727E9A10}" = Catalyst Control Center Localization Thai
"{D15D18CA-ED5E-DAD5-00A3-E8A841933A93}" = Catalyst Control Center Localization Polish
"{D7208B9D-F7E2-BC6A-963D-403861E38792}" = ccc-core-static
"{DD96F057-0214-7B6D-7700-EACA3AFF4DB5}" = Catalyst Control Center Localization Hungarian
"{ED81C955-CF72-0FE5-F8C4-0C1048B14104}" = CCC Help Turkish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1800F1F-40D6-E752-DBF8-E7A3547C1D17}" = Catalyst Control Center Localization Finnish
"{F2294946-0D6D-E3D0-F663-EC57117651FB}" = CCC Help Norwegian
"{F2E9967F-7496-1E5E-4C23-4F81A25C3583}" = Catalyst Control Center Localization Chinese Traditional
"{F713FFD7-ED87-E6F4-98C2-646A265910C6}" = CCC Help Hungarian
"{F80F4E58-48F8-4814-4817-BC98377F7B03}" = CCC Help Italian
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FA200000-0001-0000-0000-074957833700}" = ABBYY PDF Transformer 2.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0 CE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ASTRA 92 - CommonLibs_is1" = ASTRA 92 - CommonLibs 1.2.0.6
"ASTRA 92 - Data_is1" = ASTRA 92 - Data 2009.1
"ASTRA 92 - DataObjects_is1" = ASTRA 92 - DataObjects 1.2.3.0.3-4.0sp8
"ASTRA 92 - Verox_is1" = ASTRA 92 - Verox 1.8.8.2
"ATI Display Driver" = ATI Display Driver
"Display Stix2.5" = Display Stix 2.5
"DVD Shrink_is1" = DVD Shrink 3.2
"DWG TrueView 2009" = DWG TrueView 2009
"Easy CD-DA Extractor 2010" = Easy CD-DA Extractor 2010
"EPSON Scanner" = EPSON Scan
"EPSON SX125 Series" = EPSON SX125 Series Printer Uninstall
"EPSON SX125 Series Manual" = EPSON SX125 Series Manuál
"ffdshow_is1" = ffdshow v1.1.3631 [2010-11-15]
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps
"HaaliMkx" = Haali Media Splitter
"HijackThis" = HijackThis 2.0.2
"InstallWIX_{8F023021-A7EB-45D3-9269-D65264C81729}" = Kaspersky Anti-Virus 6.0 pro pracovní stanice Windows
"Matroska Pack" = Matroska Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MKVtoolnix" = MKVtoolnix 4.5.0
"mp3parse" = MP3 Parser DirectShow Filter (remove only)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"Opera 11.10.2092" = Opera 11.10
"Revo Uninstaller" = Revo Uninstaller 1.91
"Unlocker" = Unlocker 1.8.8
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite Remove Only
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 18.1.2011 4:51:30 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace acrord32.exe, verze 5.0.5.0, chybující modul acrord32.exe,
verze 5.0.5.0, adresa chyby 0x0001baec.
Error - 20.1.2011 3:31:02 | Computer Name = ELEKTRO-917313D | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application excel.exe, version 10.0.2701.12, faulting module
excel.exe, version 10.0.2701.12, fault address 0x0014ddf1.
Error - 20.1.2011 3:31:22 | Computer Name = ELEKTRO-917313D | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application excel.exe, version 10.0.2701.12, faulting module
mso.dll, version 10.0.2625.0, fault address 0x004212e1.
Error - 26.1.2011 4:17:08 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace mouseelf.exe, verze 2.0.0.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00007373.
Error - 26.1.2011 5:47:32 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace mouseelf.exe, verze 2.0.0.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00007373.
Error - 26.1.2011 7:20:35 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace mouseelf.exe, verze 2.0.0.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00007373.
Error - 31.1.2011 8:42:43 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace easyrecovery.exe, verze 1.0.32.59, chybující modul
engine.dll, verze 1.0.18.51, adresa chyby 0x00012932.
Error - 31.1.2011 8:43:03 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace easyrecovery.exe, verze 1.0.32.59, chybující modul
engine.dll, verze 1.0.18.51, adresa chyby 0x00012932.
Error - 1.2.2011 9:09:14 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace mouseelf.exe, verze 2.0.0.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00007373.
Error - 8.2.2011 5:40:55 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace verox.exe, verze 1.8.8.2, chybující modul verox.exe,
verze 1.8.8.2, adresa chyby 0x00010d9f.
[ System Events ]
Error - 12.5.2011 1:02:26 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 12.5.2011 1:02:38 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 12.5.2011 1:02:38 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 12.5.2011 1:06:01 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 12.5.2011 1:07:23 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 12.5.2011 1:07:34 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 12.5.2011 1:11:23 | Computer Name = ELEKTRO-917313D | Source = Service Control Manager | ID = 7000
Description = Služba UMAX Astra 4400 Scanner neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 12.5.2011 1:13:10 | Computer Name = ELEKTRO-917313D | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba modelu COM pro zápis na disk CD (IMAPI).
Error - 12.5.2011 1:13:10 | Computer Name = ELEKTRO-917313D | Source = Service Control Manager | ID = 7000
Description = Služba Služba modelu COM pro zápis na disk CD (IMAPI) neuspěla při
spuštění v důsledku následující chyby: %%1053
Error - 12.5.2011 1:27:14 | Computer Name = ELEKTRO-917313D | Source = Service Control Manager | ID = 7000
Description = Služba UMAX Astra 4400 Scanner neuspěla při spuštění v důsledku následující
chyby: %%1058
< End of report >
OTL logfile created on: 12.5.2011 9:49:09 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Tom
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 350,90 Gb Free Space | 75,34% Space Free | Partition Type: NTFS
Drive E: | 610,25 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ELEKTRO-917313D | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.05.12 09:46:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Tom\OTL.exe
PRC - [2011.04.22 10:01:21 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.01.05 10:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.2\ICQ.exe
PRC - [2010.07.28 13:17:42 | 010,263,040 | ---- | M] (Foxit Corporation) -- C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.12.03 11:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009.10.28 22:30:22 | 000,315,736 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
PRC - [2009.10.26 09:33:41 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009.01.14 12:30:20 | 000,724,992 | ---- | M] (ASTRA 92 a.s.) -- C:\Documents and Settings\All Users\Dokumenty\Astra 92\Verox\Verox.exe
PRC - [2008.04.14 07:52:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.31 18:27:04 | 000,118,784 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2007.03.27 13:55:24 | 001,738,288 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\DIAS\CnxDIAS.exe
PRC - [2004.04.24 20:16:47 | 000,245,760 | ---- | M] (Fractalis Software) -- C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe
========== Modules (SafeList) ==========
MOD - [2011.05.12 09:46:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Tom\OTL.exe
MOD - [2010.08.23 18:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009.10.26 09:33:32 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2009.10.28 22:30:22 | 000,315,736 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe -- (AVP)
SRV - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2007.03.27 13:55:24 | 001,738,288 | ---- | M] (CANON INC.) [Auto | Running] -- C:\Program Files\Canon\DIAS\CnxDIAS.exe -- (Canon Driver Information Assist Service)
========== Driver Services (SafeList) ==========
DRV - [2010.06.21 11:37:30 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.06.11 08:42:14 | 000,223,760 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009.09.14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009.09.03 15:24:40 | 000,024,848 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klfltdev.sys -- (KLFLTDEV)
DRV - [2009.09.01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2008.02.20 07:52:00 | 002,863,616 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.01.30 05:28:36 | 004,725,760 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.12.05 15:45:30 | 000,104,064 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.08.15 02:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/en/index.php?rvs=google
IE - HKU\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
IE - HKU\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-515967899-287218729-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-515967899-287218729-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: ([2011.03.01 11:21:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-287218729-682003330-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-515967899-287218729-682003330-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-515967899-287218729-682003330-1003..\Run: [Display Stix - System tray] C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe (Fractalis Software)
O4 - HKU\S-1-5-21-515967899-287218729-682003330-1003..\Run: [EPSON SX125 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-515967899-287218729-682003330-1003..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun_KL_notset = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm ()
O9 - Extra Button: Statistika součásti Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll (Kaspersky Lab)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://www.adi-olympo.cz/iiwww/cz/produ ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.33.2 192.168.33.1 212.71.128.8 212.71.133.6
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\adialhk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.06.11 07:40:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001.10.25 12:00:00 | 000,000,112 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\WINDOWS\System32\ff_acm.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (65315805348233216)
========== Files/Folders - Created Within 7 Days ==========
[2011.05.12 08:47:49 | 000,000,000 | ---D | C] -- C:\rsit
[2011.05.11 13:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\GridinSoft
[2011.05.11 13:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2011.05.10 11:58:46 | 000,000,000 | ---D | C] -- C:\CD zadavatele
[2011.05.06 11:15:53 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2011.05.06 10:12:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom\Data aplikací\IObit
[2011.05.06 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011.05.06 09:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Opera
[2011.05.06 09:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Opera
[2011.05.06 08:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Adobe
[2011.05.06 08:12:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011.05.06 08:01:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.05.12 09:48:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003UA.job
[2011.05.12 09:47:13 | 000,000,461 | ---- | M] () -- C:\Documents and Settings\Tom\Plocha\Zástupce - OTL.exe.lnk
[2011.05.12 07:48:02 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003Core.job
[2011.05.12 07:25:07 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011.05.12 07:24:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.05.11 13:27:39 | 000,000,825 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Trojan Killer.lnk
[2011.05.11 13:26:20 | 018,160,713 | ---- | M] () -- C:\Trojan_Killer_2.0.9.4_0.rar
[2011.05.11 12:34:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.05.10 06:49:58 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\Tom\Plocha\Google Chrome.lnk
[2011.05.09 13:30:44 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Tom\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.09 06:48:15 | 000,364,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.05.06 10:59:58 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.05.12 09:47:13 | 000,000,461 | ---- | C] () -- C:\Documents and Settings\Tom\Plocha\Zástupce - OTL.exe.lnk
[2011.05.11 13:27:39 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Trojan Killer.lnk
[2011.05.11 13:25:23 | 018,160,713 | ---- | C] () -- C:\Trojan_Killer_2.0.9.4_0.rar
[2011.05.06 10:13:12 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011.05.06 08:00:37 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Tom\Data aplikací\chrtmp
[2011.05.05 08:33:04 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Tom\Data aplikací\FixVTS.ini
[2011.01.24 11:30:55 | 000,000,066 | ---- | C] () -- C:\WINDOWS\System32\ProtectionLog.dat
[2011.01.07 09:25:29 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011.01.03 10:46:37 | 000,000,922 | ---- | C] () -- C:\WINDOWS\unins001.dat
[2011.01.03 10:46:35 | 000,001,830 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010.12.17 15:51:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010.11.30 14:03:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.23 15:44:40 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.11.23 15:44:40 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010.11.23 15:23:05 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf09a.dat
[2010.11.23 15:22:53 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010.11.15 15:54:56 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe
[2010.08.02 14:35:00 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS53.DLL
[2010.07.26 14:31:43 | 000,000,107 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2010.07.22 09:19:17 | 000,000,150 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2010.07.22 08:59:53 | 000,027,648 | ---- | C] () -- C:\WINDOWS\vudcli32.dll
[2010.07.22 08:59:52 | 000,068,608 | ---- | C] () -- C:\WINDOWS\vufile32.dll
[2010.07.22 08:59:52 | 000,047,616 | R--- | C] () -- C:\WINDOWS\ucmsp_32.dll
[2010.07.22 08:59:52 | 000,030,208 | ---- | C] () -- C:\WINDOWS\uxmail32.dll
[2010.07.22 08:59:52 | 000,005,379 | ---- | C] () -- C:\WINDOWS\VsConfig.ini
[2010.07.22 08:59:52 | 000,001,148 | ---- | C] () -- C:\WINDOWS\vista32.ini
[2010.07.22 08:59:51 | 000,393,216 | ---- | C] () -- C:\WINDOWS\RTS8891U.dll
[2010.07.22 08:59:51 | 000,036,864 | ---- | C] () -- C:\WINDOWS\urt4400.dll
[2010.07.22 08:59:51 | 000,001,413 | ---- | C] () -- C:\WINDOWS\umaxuapi.ini
[2010.07.22 08:59:51 | 000,000,065 | ---- | C] () -- C:\WINDOWS\umaxdrv.ini
[2010.07.22 08:59:51 | 000,000,026 | ---- | C] () -- C:\WINDOWS\ucmsp_32.ini
[2010.07.22 08:59:50 | 000,003,493 | ---- | C] () -- C:\WINDOWS\Button.ini
[2010.07.22 08:59:50 | 000,000,195 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2010.07.22 08:59:49 | 000,001,571 | ---- | C] () -- C:\WINDOWS\faxcpp1.ini
[2010.07.22 08:59:49 | 000,000,422 | ---- | C] () -- C:\WINDOWS\faxcpp.ini
[2010.07.19 13:49:03 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010.07.14 08:54:21 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2010.07.02 15:05:48 | 001,071,488 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.06.28 08:51:05 | 001,085,616 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2010.06.17 09:22:49 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Tom\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.17 09:19:57 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.06.17 09:19:57 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.06.17 09:15:43 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.06.15 12:48:12 | 000,000,005 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2010.06.15 12:47:14 | 000,000,005 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2010.06.14 07:38:40 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.06.14 07:21:44 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2010.06.11 09:30:27 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.06.11 09:29:22 | 000,364,912 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.11 08:42:49 | 000,115,267 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010.06.11 08:42:49 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010.06.11 08:10:08 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.06.11 08:08:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.06.11 07:57:04 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.06.11 07:57:03 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2010.06.11 07:57:03 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.06.11 07:57:03 | 000,166,450 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.06.11 07:55:58 | 000,028,578 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2010.06.11 07:55:50 | 000,028,165 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.06.11 07:55:50 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010.06.11 07:55:41 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.06.11 07:42:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.06.11 07:37:46 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009.09.09 18:01:40 | 000,027,675 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2008.04.14 08:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007.08.22 00:51:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2007.08.21 22:36:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.12.31 06:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.07.27 13:58:48 | 000,015,776 | ---- | C] () -- C:\WINDOWS\prevod.exe
[2004.07.27 13:58:46 | 000,688,128 | ---- | C] () -- C:\WINDOWS\System32\BCGCB474.dll
[2004.07.27 13:58:46 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\BCGCBResSKY.dll
[2004.07.27 13:58:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\BCGCBResCSY.dll
[2004.06.27 03:00:00 | 000,078,988 | ---- | C] () -- C:\WINDOWS\unins001.exe
[2004.06.27 03:00:00 | 000,078,988 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2002.10.06 20:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002.10.05 01:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 01:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 01:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001.10.25 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 12:00:00 | 000,472,998 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 12:00:00 | 000,468,454 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 12:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 12:00:00 | 000,087,766 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 12:00:00 | 000,075,900 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 12:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011.01.05 08:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2011.02.25 15:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\aliasworlds
[2010.11.02 16:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AuditPro
[2010.07.01 10:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2011.02.01 15:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Awem
[2010.06.21 11:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.01.07 10:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easy CD-DA Extractor
[2011.03.10 10:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2011.04.08 09:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Fugazo
[2011.01.17 08:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Green Clover Games
[2010.07.02 14:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.06.14 14:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.01.07 08:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2011.03.21 14:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Princess Isabella
[2011.03.22 15:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.04.07 07:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Try2
[2010.12.15 12:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2011.04.28 13:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WindSolutions
[2010.07.27 08:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.03.11 15:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Acoustica
[2011.02.25 15:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\aliasworlds
[2010.07.01 10:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Autodesk
[2011.01.31 09:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\avidemux
[2011.04.28 14:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\DAEMON Tools Lite
[2010.10.15 10:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\DVDFab
[2011.03.10 10:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\EPSON
[2010.06.30 15:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Foxit Software
[2010.11.09 13:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\GHISLER
[2011.01.03 11:59:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\GraveyardShift
[2011.01.17 08:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Green Clover Games
[2011.05.11 12:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\ICQ
[2011.01.03 09:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\IGC
[2011.05.06 10:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\IObit
[2011.01.26 10:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\LEAPS
[2011.02.02 16:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\mkvtoolnix
[2010.06.11 08:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Opera
[2011.01.26 10:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Pegasys Inc
[2011.01.05 14:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\PgcEdit
[2011.01.07 13:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Publish Providers
[2011.01.04 08:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Settlement. Colossus
[2010.11.11 16:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\SharePod
[2011.01.07 13:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Sony
[2011.01.12 13:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Sony Creative Software
[2010.07.26 07:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Thinstall
[2011.04.07 07:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Try2
[2011.05.10 12:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\uTorrent
[2011.04.28 13:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\WindSolutions
[2011.05.06 09:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Opera
[2011.05.12 07:25:07 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"EPSON SX125 Series" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE /FU "C:\WINDOWS\TEMP\E_SBA4F.tmp" /EF "HKCU" -- [2009.09.14 09:00:00 | 000,200,704 | ---- | M] (SEIKO EPSON CORPORATION)
"ICQ" = "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 -- [2011.01.05 10:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.)
"Display Stix - System tray" = C:\Program Files\Fractalis Software\Display Stix 2.5\dstix.exe -- [2004.04.24 20:16:47 | 000,245,760 | ---- | M] (Fractalis Software)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 08:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2010.11.23 15:14:24 | 043,531,856 | ---- | M] (A.I.SOFT,INC.) -- C:\6890-INST-A.EXE
[2011.04.11 13:07:04 | 037,033,368 | ---- | M] (Adobe Systems Incorporated) -- C:\AdbeRdr1000_cs_CZ.exe
[2010.09.15 14:25:33 | 242,743,296 | ---- | M] (Microsoft Corporation) -- C:\dotnetfx35.exe
[2011.01.03 08:23:11 | 046,854,560 | ---- | M] (InstallShield Software Corporation) -- C:\freedwgviewer.exe
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2011.04.22 10:00:50 | 009,861,288 | ---- | M] (Opera Software ASA) -- C:\Opera_1110_int_Setup.exe
[2010.07.13 09:40:56 | 236,576,863 | ---- | M] () -- C:\PDFT30_45.exe
[2010.06.18 14:34:01 | 000,220,454 | ---- | M] () -- C:\unlocker1.8.8.exe
[2010.07.13 09:54:25 | 001,520,004 | ---- | M] () -- C:\wrar393cz.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.06.28 08:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\AccurateRip
[2011.03.11 15:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Acoustica
[2011.04.11 13:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Adobe
[2011.02.25 15:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\aliasworlds
[2011.04.27 11:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Apple Computer
[2010.06.11 08:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\ATI
[2010.07.01 10:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Autodesk
[2011.01.31 09:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\avidemux
[2011.05.04 08:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\AVS4YOU
[2010.11.23 15:45:50 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Tom\Data aplikací\Brother
[2011.04.14 12:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Corel
[2011.04.28 14:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\DAEMON Tools Lite
[2011.05.09 07:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\dvdcss
[2010.10.15 10:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\DVDFab
[2011.03.10 10:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\EPSON
[2010.06.30 15:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Foxit Software
[2010.11.09 13:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\GHISLER
[2011.01.03 11:59:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\GraveyardShift
[2011.01.17 08:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Green Clover Games
[2011.05.11 12:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\ICQ
[2010.06.11 07:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Identities
[2011.01.03 09:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\IGC
[2010.06.11 08:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\InstallShield
[2011.05.06 10:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\IObit
[2011.01.26 10:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\LEAPS
[2010.06.11 10:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Macromedia
[2011.02.01 09:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Malwarebytes
[2011.04.11 13:08:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Tom\Data aplikací\Microsoft
[2011.02.02 16:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\mkvtoolnix
[2011.03.30 13:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Mozilla
[2010.11.03 12:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Nero
[2010.06.11 08:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Opera
[2011.01.26 10:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Pegasys Inc
[2011.01.05 14:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\PgcEdit
[2011.01.07 13:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Publish Providers
[2011.03.30 13:14:41 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Tom\Data aplikací\SecuROM
[2011.01.04 08:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Settlement. Colossus
[2010.11.11 16:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\SharePod
[2011.01.07 13:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Sony
[2011.01.12 13:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Sony Creative Software
[2010.09.03 07:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Sun
[2010.07.26 07:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Thinstall
[2011.04.07 07:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\Try2
[2011.05.10 12:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\uTorrent
[2011.05.09 07:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\vlc
[2011.04.28 13:05:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\WindSolutions
[2010.07.13 09:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2011.04.28 13:02:55 | 006,208,712 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Tom\Data aplikací\WindSolutions\CopyTransControlCenter\Applications\CopyTrans.exe
[2011.04.28 13:01:15 | 003,455,768 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Tom\Data aplikací\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe
[2011.04.28 13:05:38 | 007,592,936 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Tom\Data aplikací\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe
< MD5 for: AGP440.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 07:51:42 | 000,380,445 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\expsrv.dll
[2010.09.18 08:53:37 | 000,974,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mfc42.dll
[2001.10.25 12:00:00 | 001,355,776 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm50.dll
[2008.04.14 07:51:50 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.06.21 11:37:30 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2010.06.11 09:28:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.06.11 09:28:27 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.06.11 09:28:27 | 000,495,616 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 07:51:42 | 000,380,445 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\expsrv.dll
[2010.09.18 08:53:37 | 000,974,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mfc42.dll
[2001.10.25 12:00:00 | 001,355,776 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm50.dll
[2008.04.14 07:51:50 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.05.11 12:34:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
========== Files - Unicode (All) ==========
[2011.01.04 08:04:56 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\Data aplikac?) -- C:\Documents and Settings\All Users\Data aplikac�
(C:\Documents and Settings\All Users\Data aplikac?) -- C:\Documents and Settings\All Users\Data aplikac�
========== Alternate Data Streams ==========
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DB7FB6BE
@Alternate Data Stream - 189 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DE406C3E
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4769CB2A
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:026CBA8C
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D
< End of report >
OTL Extras logfile created on: 12.5.2011 9:49:09 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Tom
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 350,90 Gb Free Space | 75,34% Space Free | Partition Type: NTFS
Drive E: | 610,25 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ELEKTRO-917313D | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"54925:UDP" = 54925:UDP:*:Enabled:BrotherNetwork Scanner
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Canon\DIAS\CnxDIAS.exe" = C:\Program Files\Canon\DIAS\CnxDIAS.exe:*:Enabled:Canon Driver Information Assist Service -- (CANON INC.)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Epoch Wars\Epoch Wars.exe" = C:\Program Files\Epoch Wars\Epoch Wars.exe:*:Disabled:Epoch Wars
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00FDED37-21C7-A377-1678-27E0243A8B14}" = Catalyst Control Center Localization Norwegian
"{020C320F-C892-8BA3-9A6A-0B34F86D972A}" = Catalyst Control Center Localization Greek
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05BD7474-311B-AAFC-05AD-035CFB2E1712}" = CCC Help Czech
"{086317A9-61BE-B86A-2DBB-E9C7CF418396}" = CCC Help Chinese Traditional
"{0AB5D577-A9AC-44FA-8D1B-02190B789494}" = Catalyst Control Center Localization Turkish
"{0B0AC9FC-5EC6-E100-820D-A688846235DC}" = ccc-core-preinstall
"{1B2D3F17-0736-92F0-30AD-786929FE2E35}" = Catalyst Control Center Localization Dutch
"{1C0C7037-3103-4190-87F3-A7F276807751}" = Catalyst Control Center Localization Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8920E8-FBB5-6D68-9334-F72843C96E9A}" = CCC Help Spanish
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{285FA0DA-A5A3-3ADE-AFE0-509AB442E706}" = Catalyst Control Center Localization Danish
"{2945A595-F9F5-7F48-BF40-9F25E08C1EF9}" = Catalyst Control Center Localization Korean
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2DEAF1DC-D686-5132-DF84-2E9711D17C69}" = CCC Help Chinese Standard
"{2E92EC64-9B2B-87C0-F93E-792FC8458B86}" = Catalyst Control Center Localization Italian
"{335E56F3-9073-B629-6EAA-B4A598C7D529}" = Catalyst Control Center Localization Czech
"{33BA9D83-1755-12B2-2250-F7EE4CAD31C8}" = CCC Help Portuguese
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{376E76B2-2DFE-1B9C-A127-3123B3EEB120}" = Catalyst Control Center Localization Chinese Standard
"{3972B92B-3A3A-B5F8-6945-58F17977D506}" = Catalyst Control Center Graphics Full Existing
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C629AAF-F321-216D-6506-7CD2FD3BB1CE}" = CCC Help Russian
"{424C80E0-14A3-E0A6-A802-365EF33230AD}" = Skins
"{444211EE-AD21-DED8-D47A-F9D4545CF126}" = Catalyst Control Center Localization Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E464B20-65A0-11D5-80F8-0050BA493FB5}" = VistaScan
"{524DE171-3CB6-7BB6-4ACC-6E6CEEDF630F}" = Catalyst Control Center Localization Portuguese
"{537D99B4-8587-857E-535B-0E2F79A57F11}" = CCC Help Swedish
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D6-7028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2009
"{59F2F140-848A-8125-35EC-E5D2ACAF761D}" = CCC Help German
"{68C68774-8903-4A0B-BDBF-4AE6CF6E2567}" = CCC Help Polish
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB23D88-04C3-6E2B-BC8A-3E35A84CC3FE}" = Catalyst Control Center Localization German
"{6B841CB5-E66A-7AF7-9077-B7821E98213C}" = Catalyst Control Center Localization Swedish
"{6FEA9687-48C1-542A-1800-9214DBD8A8CA}" = CCC Help Finnish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{766C3108-2A8F-D1C3-5058-F88EF9E2371C}" = CCC Help English
"{7A04F76C-A87A-58E1-B886-919190F5A3E4}" = CCC Help Danish
"{7C0F8E54-64BD-18D3-ABFD-08FAFB9C14F5}" = ccc-utility
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.0
"{8ED6F771-FB0F-4B34-8DAD-757A20F6A27D}" = TMPGEnc 4.0 XPress
"{8F023021-A7EB-45D3-9269-D65264C81729}" = Kaspersky Anti-Virus 6.0 pro pracovní stanice Windows
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{91130405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{94E0F029-7F05-B4EC-D0BA-C2ACBE0160C9}" = CCC Help Greek
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{9985E336-2933-596C-42D4-1407BC931084}" = CCC Help Korean
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A140FABF-A17D-3BB3-7C79-EC95F3F87C8C}" = Catalyst Control Center Localization French
"{A2112CEE-DACC-BCD4-7804-0849EDB37231}" = CCC Help Japanese
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85C7B97-CC73-4853-B05C-DA25CDC03F54}" = Brother MFL-Pro Suite MFC-6890CDW
"{AA2FCFAC-4AFB-1BB6-0EAD-48C1AA45BD57}" = Catalyst Control Center Graphics Full New
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{ABD38213-5C20-A164-BEBE-733915B19623}" = CCC Help Thai
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Czech
"{AC840D75-4C27-92EF-CE7E-14B2E4D340C9}" = CCC Help Dutch
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AF9E9D48-65B7-0581-AF97-98978FAE4A96}" = Catalyst Control Center Localization Japanese
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 7.0
"{BE26112F-1BC6-FF40-086C-1F2CAB216A27}" = Catalyst Control Center Core Implementation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C6787EF8-30DA-3124-731E-E55C2125FEE3}" = CCC Help French
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CDE77684-5DF0-DAAA-35F7-82E268007FE7}" = Catalyst Control Center Graphics Light
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D131439B-BA24-9744-F538-C4D4727E9A10}" = Catalyst Control Center Localization Thai
"{D15D18CA-ED5E-DAD5-00A3-E8A841933A93}" = Catalyst Control Center Localization Polish
"{D7208B9D-F7E2-BC6A-963D-403861E38792}" = ccc-core-static
"{DD96F057-0214-7B6D-7700-EACA3AFF4DB5}" = Catalyst Control Center Localization Hungarian
"{ED81C955-CF72-0FE5-F8C4-0C1048B14104}" = CCC Help Turkish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1800F1F-40D6-E752-DBF8-E7A3547C1D17}" = Catalyst Control Center Localization Finnish
"{F2294946-0D6D-E3D0-F663-EC57117651FB}" = CCC Help Norwegian
"{F2E9967F-7496-1E5E-4C23-4F81A25C3583}" = Catalyst Control Center Localization Chinese Traditional
"{F713FFD7-ED87-E6F4-98C2-646A265910C6}" = CCC Help Hungarian
"{F80F4E58-48F8-4814-4817-BC98377F7B03}" = CCC Help Italian
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FA200000-0001-0000-0000-074957833700}" = ABBYY PDF Transformer 2.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0 CE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ASTRA 92 - CommonLibs_is1" = ASTRA 92 - CommonLibs 1.2.0.6
"ASTRA 92 - Data_is1" = ASTRA 92 - Data 2009.1
"ASTRA 92 - DataObjects_is1" = ASTRA 92 - DataObjects 1.2.3.0.3-4.0sp8
"ASTRA 92 - Verox_is1" = ASTRA 92 - Verox 1.8.8.2
"ATI Display Driver" = ATI Display Driver
"Display Stix2.5" = Display Stix 2.5
"DVD Shrink_is1" = DVD Shrink 3.2
"DWG TrueView 2009" = DWG TrueView 2009
"Easy CD-DA Extractor 2010" = Easy CD-DA Extractor 2010
"EPSON Scanner" = EPSON Scan
"EPSON SX125 Series" = EPSON SX125 Series Printer Uninstall
"EPSON SX125 Series Manual" = EPSON SX125 Series Manuál
"ffdshow_is1" = ffdshow v1.1.3631 [2010-11-15]
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps
"HaaliMkx" = Haali Media Splitter
"HijackThis" = HijackThis 2.0.2
"InstallWIX_{8F023021-A7EB-45D3-9269-D65264C81729}" = Kaspersky Anti-Virus 6.0 pro pracovní stanice Windows
"Matroska Pack" = Matroska Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MKVtoolnix" = MKVtoolnix 4.5.0
"mp3parse" = MP3 Parser DirectShow Filter (remove only)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"Opera 11.10.2092" = Opera 11.10
"Revo Uninstaller" = Revo Uninstaller 1.91
"Unlocker" = Unlocker 1.8.8
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite Remove Only
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 18.1.2011 4:51:30 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace acrord32.exe, verze 5.0.5.0, chybující modul acrord32.exe,
verze 5.0.5.0, adresa chyby 0x0001baec.
Error - 20.1.2011 3:31:02 | Computer Name = ELEKTRO-917313D | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application excel.exe, version 10.0.2701.12, faulting module
excel.exe, version 10.0.2701.12, fault address 0x0014ddf1.
Error - 20.1.2011 3:31:22 | Computer Name = ELEKTRO-917313D | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application excel.exe, version 10.0.2701.12, faulting module
mso.dll, version 10.0.2625.0, fault address 0x004212e1.
Error - 26.1.2011 4:17:08 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace mouseelf.exe, verze 2.0.0.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00007373.
Error - 26.1.2011 5:47:32 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace mouseelf.exe, verze 2.0.0.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00007373.
Error - 26.1.2011 7:20:35 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace mouseelf.exe, verze 2.0.0.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00007373.
Error - 31.1.2011 8:42:43 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace easyrecovery.exe, verze 1.0.32.59, chybující modul
engine.dll, verze 1.0.18.51, adresa chyby 0x00012932.
Error - 31.1.2011 8:43:03 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace easyrecovery.exe, verze 1.0.32.59, chybující modul
engine.dll, verze 1.0.18.51, adresa chyby 0x00012932.
Error - 1.2.2011 9:09:14 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace mouseelf.exe, verze 2.0.0.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00007373.
Error - 8.2.2011 5:40:55 | Computer Name = ELEKTRO-917313D | Source = Application Error | ID = 1000
Description = Chybující aplikace verox.exe, verze 1.8.8.2, chybující modul verox.exe,
verze 1.8.8.2, adresa chyby 0x00010d9f.
[ System Events ]
Error - 12.5.2011 1:02:26 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 12.5.2011 1:02:38 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 12.5.2011 1:02:38 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 12.5.2011 1:06:01 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 12.5.2011 1:07:23 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 12.5.2011 1:07:34 | Computer Name = ELEKTRO-917313D | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 12.5.2011 1:11:23 | Computer Name = ELEKTRO-917313D | Source = Service Control Manager | ID = 7000
Description = Služba UMAX Astra 4400 Scanner neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 12.5.2011 1:13:10 | Computer Name = ELEKTRO-917313D | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba modelu COM pro zápis na disk CD (IMAPI).
Error - 12.5.2011 1:13:10 | Computer Name = ELEKTRO-917313D | Source = Service Control Manager | ID = 7000
Description = Služba Služba modelu COM pro zápis na disk CD (IMAPI) neuspěla při
spuštění v důsledku následující chyby: %%1053
Error - 12.5.2011 1:27:14 | Computer Name = ELEKTRO-917313D | Source = Service Control Manager | ID = 7000
Description = Služba UMAX Astra 4400 Scanner neuspěla při spuštění v důsledku následující
chyby: %%1058
< End of report >
Last edited by vyosek on 12 May 2011 09:57, edited 1 time in total.
Reason: Log removed from code
Re: Significant slowdown of a PC running WinXP.



- If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce)
- Paste the script below into the bottom box, Custom Scans/Fixes (Vlastní skenování/opravy)
Code:
:otl
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/en/index.php?rvs=google
IE - HKU\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-287218729-682003330-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2011.05.11 13:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2011.05.06 10:12:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom\Data aplikací\IObit
[2011.05.06 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011.05.06 08:01:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[2011.05.11 13:26:20 | 018,160,713 | ---- | M] () -- C:\Trojan_Killer_2.0.9.4_0.rar
[2011.05.11 13:27:39 | 000,000,825 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Trojan Killer.lnk
[2011.05.11 13:27:39 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Trojan Killer.lnk
[2011.05.06 10:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Data aplikací\IObit
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DB7FB6BE
@Alternate Data Stream - 189 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DE406C3E
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4769CB2A
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:026CBA8C
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"iTunesHelper"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"ICQ"=-
"MSMSGS"=-

:files
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003UA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
- Then click Opravit (Run Fix)
- The PC will carry out the fix, restart, and give you a log; paste its contents here
Re: Significant slowdown of a PC running WinXP.
Sorry, I picked that up from you
OTL log:
All processes killed
========== OTL ==========
Service HidServ stopped successfully!
Service HidServ deleted successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-515967899-287218729-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-515967899-287218729-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\cnm497C.tmp deleted successfully.
C:\Program Files\GridinSoft Trojan Killer\updates folder moved successfully.
C:\Program Files\GridinSoft Trojan Killer\storage folder moved successfully.
C:\Program Files\GridinSoft Trojan Killer\logs folder moved successfully.
C:\Program Files\GridinSoft Trojan Killer folder moved successfully.
Folder C:\Documents and Settings\Tom\Data aplikací\IObit\ not found.
C:\Program Files\IObit folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Avira folder moved successfully.
C:\Trojan_Killer_2.0.9.4_0.rar moved successfully.
C:\Documents and Settings\All Users\Plocha\Trojan Killer.lnk moved successfully.
File C:\Documents and Settings\All Users\Plocha\Trojan Killer.lnk not found.
Folder C:\Documents and Settings\Tom\Data aplikací\IObit\ not found.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DB7FB6BE deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DE406C3E deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:4769CB2A deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:026CBA8C deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS deleted successfully.
========== FILES ==========
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-287218729-682003330-1003UA.job moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FBA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FCC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22ED.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23D0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23EB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2865.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BE.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5A7E.tmp folder moved successfully.
C:\WINDOWS\Temp\cch4FAA.tmp moved successfully.
C:\WINDOWS\Temp\cch4FAB.tmp moved successfully.
C:\WINDOWS\Temp\cch57D.tmp moved successfully.
C:\WINDOWS\Temp\cch57E.tmp moved successfully.
C:\WINDOWS\Temp\cch7312.tmp moved successfully.
C:\WINDOWS\Temp\cch7313.tmp moved successfully.
C:\WINDOWS\Temp\cch7354.tmp moved successfully.
C:\WINDOWS\Temp\cch7355.tmp moved successfully.
C:\WINDOWS\Temp\cch735A.tmp moved successfully.
C:\WINDOWS\Temp\cch735B.tmp moved successfully.
C:\WINDOWS\Temp\cch7360.tmp moved successfully.
C:\WINDOWS\Temp\cch7361.tmp moved successfully.
C:\WINDOWS\Temp\cch7366.tmp moved successfully.
C:\WINDOWS\Temp\cch7367.tmp moved successfully.
C:\WINDOWS\Temp\cch736C.tmp moved successfully.
C:\WINDOWS\Temp\cch736D.tmp moved successfully.
C:\WINDOWS\Temp\cch7372.tmp moved successfully.
C:\WINDOWS\Temp\cch7373.tmp moved successfully.
C:\WINDOWS\Temp\cch7378.tmp moved successfully.
C:\WINDOWS\Temp\cch7379.tmp moved successfully.
C:\WINDOWS\Temp\cch737E.tmp moved successfully.
C:\WINDOWS\Temp\cch737F.tmp moved successfully.
C:\WINDOWS\Temp\cch7384.tmp moved successfully.
C:\WINDOWS\Temp\cch7385.tmp moved successfully.
C:\WINDOWS\Temp\cch738A.tmp moved successfully.
C:\WINDOWS\Temp\cch738B.tmp moved successfully.
C:\WINDOWS\Temp\cch7390.tmp moved successfully.
C:\WINDOWS\Temp\cch7391.tmp moved successfully.
C:\WINDOWS\Temp\cch7396.tmp moved successfully.
C:\WINDOWS\Temp\cch7397.tmp moved successfully.
C:\WINDOWS\Temp\cch739C.tmp moved successfully.
C:\WINDOWS\Temp\cch739D.tmp moved successfully.
C:\WINDOWS\Temp\cch73A2.tmp moved successfully.
C:\WINDOWS\Temp\cch73A3.tmp moved successfully.
C:\WINDOWS\Temp\cch73A8.tmp moved successfully.
C:\WINDOWS\Temp\cch73A9.tmp moved successfully.
C:\WINDOWS\Temp\cch73AE.tmp moved successfully.
C:\WINDOWS\Temp\cch73AF.tmp moved successfully.
C:\WINDOWS\Temp\cch73B4.tmp moved successfully.
C:\WINDOWS\Temp\cch73B5.tmp moved successfully.
C:\WINDOWS\Temp\cch73BA.tmp moved successfully.
C:\WINDOWS\Temp\cch73BB.tmp moved successfully.
C:\WINDOWS\Temp\cch73C0.tmp moved successfully.
C:\WINDOWS\Temp\cch73C1.tmp moved successfully.
C:\WINDOWS\Temp\cch73C6.tmp moved successfully.
C:\WINDOWS\Temp\cch73C7.tmp moved successfully.
C:\WINDOWS\Temp\cch73CC.tmp moved successfully.
C:\WINDOWS\Temp\cch73CD.tmp moved successfully.
C:\WINDOWS\Temp\cch73D2.tmp moved successfully.
C:\WINDOWS\Temp\cch73D3.tmp moved successfully.
C:\WINDOWS\Temp\cch7495.tmp moved successfully.
C:\WINDOWS\Temp\cch7496.tmp moved successfully.
C:\WINDOWS\Temp\cch749B.tmp moved successfully.
C:\WINDOWS\Temp\cch749C.tmp moved successfully.
C:\WINDOWS\Temp\cch74A1.tmp moved successfully.
C:\WINDOWS\Temp\cch74A2.tmp moved successfully.
C:\WINDOWS\Temp\cch74A7.tmp moved successfully.
C:\WINDOWS\Temp\cch74A8.tmp moved successfully.
C:\WINDOWS\Temp\cch74AD.tmp moved successfully.
C:\WINDOWS\Temp\cch74AE.tmp moved successfully.
C:\WINDOWS\Temp\cch74B3.tmp moved successfully.
C:\WINDOWS\Temp\cch74B4.tmp moved successfully.
C:\WINDOWS\Temp\cch74B9.tmp moved successfully.
C:\WINDOWS\Temp\cch74BA.tmp moved successfully.
C:\WINDOWS\Temp\cch74BF.tmp moved successfully.
C:\WINDOWS\Temp\cch74C0.tmp moved successfully.
C:\WINDOWS\Temp\cch74C5.tmp moved successfully.
C:\WINDOWS\Temp\cch74C6.tmp moved successfully.
C:\WINDOWS\Temp\cch74CB.tmp moved successfully.
C:\WINDOWS\Temp\cch74CC.tmp moved successfully.
C:\WINDOWS\Temp\cch74D1.tmp moved successfully.
C:\WINDOWS\Temp\cch74D2.tmp moved successfully.
C:\WINDOWS\Temp\cch74D7.tmp moved successfully.
C:\WINDOWS\Temp\cch74D8.tmp moved successfully.
C:\WINDOWS\Temp\cch74DD.tmp moved successfully.
C:\WINDOWS\Temp\cch74DE.tmp moved successfully.
C:\WINDOWS\Temp\cch7594.tmp moved successfully.
C:\WINDOWS\Temp\cch7595.tmp moved successfully.
C:\WINDOWS\Temp\cch759A.tmp moved successfully.
C:\WINDOWS\Temp\cch759B.tmp moved successfully.
C:\WINDOWS\Temp\cch75A0.tmp moved successfully.
C:\WINDOWS\Temp\cch75A1.tmp moved successfully.
C:\WINDOWS\Temp\cch75A6.tmp moved successfully.
C:\WINDOWS\Temp\cch75A7.tmp moved successfully.
C:\WINDOWS\Temp\cch76E4.tmp moved successfully.
C:\WINDOWS\Temp\cch76E5.tmp moved successfully.
C:\WINDOWS\Temp\cch76EA.tmp moved successfully.
C:\WINDOWS\Temp\cch76EB.tmp moved successfully.
C:\WINDOWS\Temp\cch783A.tmp moved successfully.
C:\WINDOWS\Temp\cch783B.tmp moved successfully.
C:\WINDOWS\Temp\cch7840.tmp moved successfully.
C:\WINDOWS\Temp\cch7841.tmp moved successfully.
C:\WINDOWS\Temp\cch7846.tmp moved successfully.
C:\WINDOWS\Temp\cch7847.tmp moved successfully.
C:\WINDOWS\Temp\cch7999.tmp moved successfully.
C:\WINDOWS\Temp\cch799A.tmp moved successfully.
C:\WINDOWS\Temp\cch799F.tmp moved successfully.
C:\WINDOWS\Temp\cch79A0.tmp moved successfully.
C:\WINDOWS\Temp\cch79A5.tmp moved successfully.
C:\WINDOWS\Temp\cch79A6.tmp moved successfully.
C:\WINDOWS\Temp\cch79AB.tmp moved successfully.
C:\WINDOWS\Temp\cch79AC.tmp moved successfully.
C:\WINDOWS\Temp\cch79B1.tmp moved successfully.
C:\WINDOWS\Temp\cch79B2.tmp moved successfully.
C:\WINDOWS\Temp\cch79B7.tmp moved successfully.
C:\WINDOWS\Temp\cch79B8.tmp moved successfully.
C:\WINDOWS\Temp\cch79BD.tmp moved successfully.
C:\WINDOWS\Temp\cch79BE.tmp moved successfully.
C:\WINDOWS\Temp\cch7AFE.tmp moved successfully.
C:\WINDOWS\Temp\cch7AFF.tmp moved successfully.
C:\WINDOWS\Temp\cch7B04.tmp moved successfully.
C:\WINDOWS\Temp\cch7B05.tmp moved successfully.
C:\WINDOWS\Temp\cch7B0A.tmp moved successfully.
C:\WINDOWS\Temp\cch7B0B.tmp moved successfully.
C:\WINDOWS\Temp\cch7B10.tmp moved successfully.
C:\WINDOWS\Temp\cch7B11.tmp moved successfully.
C:\WINDOWS\Temp\cch7B16.tmp moved successfully.
C:\WINDOWS\Temp\cch7B17.tmp moved successfully.
C:\WINDOWS\Temp\cch7B1C.tmp moved successfully.
C:\WINDOWS\Temp\cch7B1D.tmp moved successfully.
C:\WINDOWS\Temp\cch7B22.tmp moved successfully.
C:\WINDOWS\Temp\cch7B23.tmp moved successfully.
C:\WINDOWS\Temp\cch7B28.tmp moved successfully.
C:\WINDOWS\Temp\cch7B29.tmp moved successfully.
C:\WINDOWS\Temp\cch7B2E.tmp moved successfully.
C:\WINDOWS\Temp\cch7B2F.tmp moved successfully.
C:\WINDOWS\Temp\cch7B34.tmp moved successfully.
C:\WINDOWS\Temp\cch7B35.tmp moved successfully.
C:\WINDOWS\Temp\cch7B3A.tmp moved successfully.
C:\WINDOWS\Temp\cch7B3B.tmp moved successfully.
C:\WINDOWS\Temp\cch85A3.tmp moved successfully.
C:\WINDOWS\Temp\cch85A4.tmp moved successfully.
C:\WINDOWS\Temp\cch85A6.tmp moved successfully.
C:\WINDOWS\Temp\cch85A7.tmp moved successfully.
C:\WINDOWS\Temp\cch85A9.tmp moved successfully.
C:\WINDOWS\Temp\cch85AA.tmp moved successfully.
C:\WINDOWS\Temp\cch85AC.tmp moved successfully.
C:\WINDOWS\Temp\cch85AD.tmp moved successfully.
C:\WINDOWS\Temp\cch85AF.tmp moved successfully.
C:\WINDOWS\Temp\cch85B0.tmp moved successfully.
C:\WINDOWS\Temp\cch85B2.tmp moved successfully.
C:\WINDOWS\Temp\cch85B3.tmp moved successfully.
C:\WINDOWS\Temp\cch85B5.tmp moved successfully.
C:\WINDOWS\Temp\cch85B6.tmp moved successfully.
C:\WINDOWS\Temp\cch85B8.tmp moved successfully.
C:\WINDOWS\Temp\cch85B9.tmp moved successfully.
C:\WINDOWS\Temp\cch85BB.tmp moved successfully.
C:\WINDOWS\Temp\cch85BC.tmp moved successfully.
C:\WINDOWS\Temp\cch85DF.tmp moved successfully.
C:\WINDOWS\Temp\cch85E0.tmp moved successfully.
C:\WINDOWS\Temp\cch89A2.tmp moved successfully.
C:\WINDOWS\Temp\cch89A3.tmp moved successfully.
C:\WINDOWS\Temp\cch89AE.tmp moved successfully.
C:\WINDOWS\Temp\cch89AF.tmp moved successfully.
C:\WINDOWS\Temp\cch89B4.tmp moved successfully.
C:\WINDOWS\Temp\cch89B5.tmp moved successfully.
C:\WINDOWS\Temp\cch89BA.tmp moved successfully.
C:\WINDOWS\Temp\cch89BB.tmp moved successfully.
C:\WINDOWS\Temp\cch8A56.tmp moved successfully.
C:\WINDOWS\Temp\cch8A57.tmp moved successfully.
C:\WINDOWS\Temp\cch8A62.tmp moved successfully.
C:\WINDOWS\Temp\cch8A63.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Tom
->Temp folder emptied: 592947249 bytes
->Temporary Internet Files folder emptied: 451345631 bytes
->Java cache emptied: 52967 bytes
->Google Chrome cache emptied: 21441107 bytes
->Opera cache emptied: 61303835 bytes
->Flash cache emptied: 59604 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Opera cache emptied: 24165 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1140661 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3949877963 bytes
Total Files Cleaned = 4 843,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Tom
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 05122011_111737
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...

C:\WINDOWS\Temp\cch74BF.tmp moved successfully.
C:\WINDOWS\Temp\cch74C0.tmp moved successfully.
C:\WINDOWS\Temp\cch74C5.tmp moved successfully.
C:\WINDOWS\Temp\cch74C6.tmp moved successfully.
C:\WINDOWS\Temp\cch74CB.tmp moved successfully.
C:\WINDOWS\Temp\cch74CC.tmp moved successfully.
C:\WINDOWS\Temp\cch74D1.tmp moved successfully.
C:\WINDOWS\Temp\cch74D2.tmp moved successfully.
C:\WINDOWS\Temp\cch74D7.tmp moved successfully.
C:\WINDOWS\Temp\cch74D8.tmp moved successfully.
C:\WINDOWS\Temp\cch74DD.tmp moved successfully.
C:\WINDOWS\Temp\cch74DE.tmp moved successfully.
C:\WINDOWS\Temp\cch7594.tmp moved successfully.
C:\WINDOWS\Temp\cch7595.tmp moved successfully.
C:\WINDOWS\Temp\cch759A.tmp moved successfully.
C:\WINDOWS\Temp\cch759B.tmp moved successfully.
C:\WINDOWS\Temp\cch75A0.tmp moved successfully.
C:\WINDOWS\Temp\cch75A1.tmp moved successfully.
C:\WINDOWS\Temp\cch75A6.tmp moved successfully.
C:\WINDOWS\Temp\cch75A7.tmp moved successfully.
C:\WINDOWS\Temp\cch76E4.tmp moved successfully.
C:\WINDOWS\Temp\cch76E5.tmp moved successfully.
C:\WINDOWS\Temp\cch76EA.tmp moved successfully.
C:\WINDOWS\Temp\cch76EB.tmp moved successfully.
C:\WINDOWS\Temp\cch783A.tmp moved successfully.
C:\WINDOWS\Temp\cch783B.tmp moved successfully.
C:\WINDOWS\Temp\cch7840.tmp moved successfully.
C:\WINDOWS\Temp\cch7841.tmp moved successfully.
C:\WINDOWS\Temp\cch7846.tmp moved successfully.
C:\WINDOWS\Temp\cch7847.tmp moved successfully.
C:\WINDOWS\Temp\cch7999.tmp moved successfully.
C:\WINDOWS\Temp\cch799A.tmp moved successfully.
C:\WINDOWS\Temp\cch799F.tmp moved successfully.
C:\WINDOWS\Temp\cch79A0.tmp moved successfully.
C:\WINDOWS\Temp\cch79A5.tmp moved successfully.
C:\WINDOWS\Temp\cch79A6.tmp moved successfully.
C:\WINDOWS\Temp\cch79AB.tmp moved successfully.
C:\WINDOWS\Temp\cch79AC.tmp moved successfully.
C:\WINDOWS\Temp\cch79B1.tmp moved successfully.
C:\WINDOWS\Temp\cch79B2.tmp moved successfully.
C:\WINDOWS\Temp\cch79B7.tmp moved successfully.
C:\WINDOWS\Temp\cch79B8.tmp moved successfully.
C:\WINDOWS\Temp\cch79BD.tmp moved successfully.
C:\WINDOWS\Temp\cch79BE.tmp moved successfully.
C:\WINDOWS\Temp\cch7AFE.tmp moved successfully.
C:\WINDOWS\Temp\cch7AFF.tmp moved successfully.
C:\WINDOWS\Temp\cch7B04.tmp moved successfully.
C:\WINDOWS\Temp\cch7B05.tmp moved successfully.
C:\WINDOWS\Temp\cch7B0A.tmp moved successfully.
C:\WINDOWS\Temp\cch7B0B.tmp moved successfully.
C:\WINDOWS\Temp\cch7B10.tmp moved successfully.
C:\WINDOWS\Temp\cch7B11.tmp moved successfully.
C:\WINDOWS\Temp\cch7B16.tmp moved successfully.
C:\WINDOWS\Temp\cch7B17.tmp moved successfully.
C:\WINDOWS\Temp\cch7B1C.tmp moved successfully.
C:\WINDOWS\Temp\cch7B1D.tmp moved successfully.
C:\WINDOWS\Temp\cch7B22.tmp moved successfully.
C:\WINDOWS\Temp\cch7B23.tmp moved successfully.
C:\WINDOWS\Temp\cch7B28.tmp moved successfully.
C:\WINDOWS\Temp\cch7B29.tmp moved successfully.
C:\WINDOWS\Temp\cch7B2E.tmp moved successfully.
C:\WINDOWS\Temp\cch7B2F.tmp moved successfully.
C:\WINDOWS\Temp\cch7B34.tmp moved successfully.
C:\WINDOWS\Temp\cch7B35.tmp moved successfully.
C:\WINDOWS\Temp\cch7B3A.tmp moved successfully.
C:\WINDOWS\Temp\cch7B3B.tmp moved successfully.
C:\WINDOWS\Temp\cch85A3.tmp moved successfully.
C:\WINDOWS\Temp\cch85A4.tmp moved successfully.
C:\WINDOWS\Temp\cch85A6.tmp moved successfully.
C:\WINDOWS\Temp\cch85A7.tmp moved successfully.
C:\WINDOWS\Temp\cch85A9.tmp moved successfully.
C:\WINDOWS\Temp\cch85AA.tmp moved successfully.
C:\WINDOWS\Temp\cch85AC.tmp moved successfully.
C:\WINDOWS\Temp\cch85AD.tmp moved successfully.
C:\WINDOWS\Temp\cch85AF.tmp moved successfully.
C:\WINDOWS\Temp\cch85B0.tmp moved successfully.
C:\WINDOWS\Temp\cch85B2.tmp moved successfully.
C:\WINDOWS\Temp\cch85B3.tmp moved successfully.
C:\WINDOWS\Temp\cch85B5.tmp moved successfully.
C:\WINDOWS\Temp\cch85B6.tmp moved successfully.
C:\WINDOWS\Temp\cch85B8.tmp moved successfully.
C:\WINDOWS\Temp\cch85B9.tmp moved successfully.
C:\WINDOWS\Temp\cch85BB.tmp moved successfully.
C:\WINDOWS\Temp\cch85BC.tmp moved successfully.
C:\WINDOWS\Temp\cch85DF.tmp moved successfully.
C:\WINDOWS\Temp\cch85E0.tmp moved successfully.
C:\WINDOWS\Temp\cch89A2.tmp moved successfully.
C:\WINDOWS\Temp\cch89A3.tmp moved successfully.
C:\WINDOWS\Temp\cch89AE.tmp moved successfully.
C:\WINDOWS\Temp\cch89AF.tmp moved successfully.
C:\WINDOWS\Temp\cch89B4.tmp moved successfully.
C:\WINDOWS\Temp\cch89B5.tmp moved successfully.
C:\WINDOWS\Temp\cch89BA.tmp moved successfully.
C:\WINDOWS\Temp\cch89BB.tmp moved successfully.
C:\WINDOWS\Temp\cch8A56.tmp moved successfully.
C:\WINDOWS\Temp\cch8A57.tmp moved successfully.
C:\WINDOWS\Temp\cch8A62.tmp moved successfully.
C:\WINDOWS\Temp\cch8A63.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Tom
->Temp folder emptied: 592947249 bytes
->Temporary Internet Files folder emptied: 451345631 bytes
->Java cache emptied: 52967 bytes
->Google Chrome cache emptied: 21441107 bytes
->Opera cache emptied: 61303835 bytes
->Flash cache emptied: 59604 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Opera cache emptied: 24165 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1140661 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3949877963 bytes
Total Files Cleaned = 4 843,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Tom
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 05122011_111737
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Re: Significant slowdown of a PC with WinXP.
Scripts go into the code tag
TFC http://oldtimer.geekstogo.com/TFC.exe
Download CCleaner (see my signature)
Cleaner panel
I recommend defragmenting the disk
Let me know how the PC behaves


- Download and run it
- Click Start and confirm with OK
- The program cleans up and restarts the PC
- Delete the utility after use

Cleaner panel
- Leave everything as it is, just click Analyze and then Run CCleaner
- click Scan for problems
- then Fix problems - I recommend making a registry backup; fix all the problems
- repeat the procedure until no problems are found - usually about 3 times
- Here you can uninstall programs you do not need

- The simplest (but least effective) way is to use the utility built into Windows
- Click My Computer, then right-click the disk and choose Properties
- switch to the Tools tab
- You now see the Defragmentation tools - start it by clicking Defragment
- Do this for all disks
- Another option (and the one I recommend) is the small program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Download the program, install it (untick the Yahoo toolbar checkbox) and run it
- Click Analyze
- If the Fragmented column shows more than 5%, I recommend defragmenting (click Defragment)
- Repeat the procedure for all disks
- The last option is the simple program JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- The advantage of this program is that it needs no installation
- So just download the version for your OS and unpack it
- Then run it using the file JKDefrag or JKDefrag64
- The disk is analyzed and then defragmented

Re: Significant slowdown of a PC with WinXP.
I did everything according to your advice except the defragmentation, which I will run overnight. Unfortunately the fault persists, as I feared. I should probably also have mentioned at the start that the fault shows up right at startup. The system slows down noticeably right at the beginning of booting, and it takes an incredibly long time for the system to come up.
It would help if I could somehow get to the restore points. I had several of them during April and at the beginning of May. Now only yesterday's restore point is shown, no other, and I cannot get back to April at all.
Thank you very much for your willingness to look into my problem and for the advice, even though it did not solve the problem. Thanks.
Re: Significant slowdown of a PC with WinXP.
Let's take another look to see whether some other pest is hiding there
Download SPTD http://www.duplexsecure.com/en/downloads
Download Defogger http://www.jpshortstuff.247fixes.com/Defogger.exe
Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe but do not run it
Click Start and then Run, or use the keyboard shortcut Win+R
Post the GMER logs - see my signature

- From the linked page, choose the version for your operating system (32-bit (x86) or 64-bit (x64))
- Save it to the desktop and run it
- Choose the Uninstall option and restart the PC - if it cannot be clicked (the button is greyed out), skip this step

- Save it to the desktop and run it
- Click Disable and restart the PC - if it cannot be clicked (the button is greyed out), skip this step


- A small window pops up; copy the text below into it
Code:
"%userprofile%\plocha\mbr" -t -s
- Click OK
- A log named mbr.txt is created on the desktop; paste its contents here for me

Re: Significant slowdown of a PC with WinXP.
I apologize, I had to leave on a business trip. Please bear with me, I will get back to you tomorrow morning.
Re: Significant slowdown of a PC with WinXP.
No problem, I will be here tomorrow as well

Re: Significant slowdown of a PC with WinXP.
Good day, I am back again. Unfortunately, I cannot manage to get the second GMER log. GMER restarts every time at some point while checking files. Could it be that some pest is defending itself this way after all?
MBR log:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD5000AAKS-00A7B2 rev.01.03B01 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-5
device: opened successfully
user: MBR read successfully
Disk trace:
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user & kernel MBR OK
First GMER log:
GMER 1.0.15.15627 - http://www.gmer.net
Rootkit quick scan 2011-05-13 06:51:38
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-5 WDC_WD5000AAKS-00A7B2 rev.01.03B01
Running: gmer.exe; Driver: C:\DOCUME~1\Tom\LOCALS~1\Temp\kwldypod.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xA70BE392]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xA70BE3B4]
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
---- EOF - GMER 1.0.15 ----
Re: Significant slowdown of a PC with WinXP.
Try doing it in Safe Mode (restart the PC, keep pressing F8, choose Safe Mode with Networking)