zpomalene RC

Zpráva

FrantaC · #1 Příspěvek od **FrantaC** » 29 črc 2012 09:14

Zdravim, prosim o pomoc , pc je velmi zpomaleme , misty az zasekne.
prikladam vypis z RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by xxx at 2012-07-29 10:00:04
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 59 GB (57%) free of 104 GB
Total RAM: 2302 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:01:09, on 29.7.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xxx\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\xxx.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: APQDMW - Sysinternals - www.sysinternals.com - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\APQDMW.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6506 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\0ni0w92r.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/#utm_source=icq&u ... um=generic"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.4.7&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.268 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\0ni0w92r.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}(2)

C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\0ni0w92r.default\searchplugins\
icqplugin-1.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2006-07-17 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2516296]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"Guard.Mail.ru.gui"=C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-02-26 1564368]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\xxx\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-02-26 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-19 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.7\ICQ.exe"="C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.7\ICQ.exe"="C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-07-29 09:49:33 ----D---- C:\WINDOWS\LastGood
2012-07-29 08:34:03 ----D---- C:\WINDOWS\system32\XPSViewer
2012-07-29 08:32:39 ----D---- C:\Program Files\MSBuild
2012-07-29 08:31:25 ----D---- C:\Program Files\Reference Assemblies
2012-07-29 08:28:20 ----N---- C:\WINDOWS\system32\prntvpt.dll
2012-07-29 08:28:17 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2012-07-29 08:28:12 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2012-07-29 08:28:10 ----D---- C:\f7ad9a5540fc5405402278347fbe1e51
2012-07-29 07:50:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2012-07-29 07:45:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2012-07-29 07:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2012-07-29 07:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2012-07-29 07:17:45 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2012-07-28 23:29:02 ----D---- C:\WINDOWS\ie8updates
2012-07-28 23:18:59 ----HDC---- C:\WINDOWS\ie8
2012-07-28 22:50:47 ----D---- C:\de8b2323f1af8f76160cc9f63f0a7d
2012-07-28 22:49:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2012-07-28 22:48:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2012-07-28 22:47:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-07-28 22:45:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2707511$
2012-07-28 22:44:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2012-07-28 22:43:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-07-28 22:43:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2012-07-28 22:42:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2012-07-28 22:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2012-07-28 22:41:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2012-07-28 22:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-07-28 22:39:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-07-28 22:38:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-07-28 22:38:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2012-07-28 22:36:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-28 22:35:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2012-07-28 22:34:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-28 22:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2012-07-28 22:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2012-07-28 22:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-07-28 21:58:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2012-07-28 21:57:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2012-07-28 21:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2012-07-28 21:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2012-07-28 21:55:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-28 21:55:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2012-07-28 21:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2012-07-28 21:53:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2012-07-28 21:26:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2012-07-28 21:25:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2012-07-28 21:24:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-07-28 21:23:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2012-07-28 21:22:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-07-28 21:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2012-07-28 20:53:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-07-28 20:52:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2012-07-28 20:52:12 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2012-07-28 20:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2012-07-28 20:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2012-07-28 20:50:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2012-07-28 20:49:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2012-07-28 20:48:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2012-07-28 20:48:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-07-28 20:46:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2012-07-28 20:45:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2012-07-28 20:44:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-07-28 20:42:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2012-07-28 20:41:14 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2012-07-28 20:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2012-07-28 20:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2012-07-28 20:38:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2012-07-28 20:37:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2012-07-28 20:36:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-28 20:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2012-07-28 20:34:59 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2012-07-28 20:34:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2012-07-28 20:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2012-07-28 20:32:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2718704$
2012-07-28 20:31:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2012-07-28 20:20:58 ----A---- C:\WINDOWS\system32\MRT.exe
2012-07-28 20:19:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2695962$
2012-07-28 20:18:48 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-07-28 20:17:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2012-07-28 20:17:15 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2012-07-28 20:16:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2012-07-28 20:16:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2012-07-28 20:15:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2685939$
2012-07-28 19:52:22 ----SHD---- C:\Config.Msi
2012-07-28 19:44:15 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-07-28 19:36:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2012-07-28 19:25:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-07-28 19:16:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2012-07-28 19:13:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-07-28 19:11:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2012-07-28 19:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2012-07-28 19:07:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2012-07-28 19:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2012-07-28 19:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2012-07-28 19:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-07-28 19:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-07-28 19:01:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2012-07-28 18:59:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2012-07-28 18:58:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2012-07-28 18:57:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2012-07-28 18:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2012-07-28 18:56:43 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2012-07-28 18:54:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-28 18:54:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2012-07-28 18:53:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2012-07-28 18:52:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2012-07-28 18:52:11 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2012-07-28 18:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2012-07-28 18:50:36 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2012-07-28 18:49:29 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-07-28 18:49:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2012-07-28 18:48:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2012-07-28 18:26:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2012-07-28 18:21:45 ----D---- C:\WINDOWS\ie7updates
2012-07-28 18:20:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2012-07-28 18:20:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2012-07-28 18:18:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-07-28 18:16:54 ----D---- C:\Program Files\MSXML 4.0
2012-07-28 18:16:10 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2012-07-28 18:15:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2012-07-28 18:15:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2012-07-28 18:13:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2012-07-28 18:13:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2012-07-28 18:13:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2012-07-28 18:12:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2012-07-28 18:12:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-07-28 18:12:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-07-28 18:12:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2012-07-28 18:11:46 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2012-07-28 18:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2012-07-28 18:11:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2012-07-28 17:32:55 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2012-07-28 17:25:15 ----D---- C:\Program Files\trend micro
2012-07-28 17:25:13 ----D---- C:\rsit
2012-07-28 16:47:47 ----N---- C:\WINDOWS\system32\browserchoice.exe
2012-07-28 15:59:15 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-07-28 15:53:00 ----SHD---- C:\RECYCLER
2012-07-28 15:50:56 ----D---- C:\WINDOWS\system32\PreInstall
2012-07-28 15:01:05 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2012-07-28 11:36:33 ----RASHD---- C:\cmdcons
2012-07-28 11:32:15 ----A---- C:\WINDOWS\zip.exe
2012-07-28 11:32:15 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-07-28 11:32:15 ----A---- C:\WINDOWS\SWSC.exe
2012-07-28 11:32:15 ----A---- C:\WINDOWS\SWREG.exe
2012-07-28 11:32:15 ----A---- C:\WINDOWS\sed.exe
2012-07-28 11:32:15 ----A---- C:\WINDOWS\PEV.exe
2012-07-28 11:32:15 ----A---- C:\WINDOWS\NIRCMD.exe
2012-07-28 11:32:15 ----A---- C:\WINDOWS\MBR.exe
2012-07-28 11:32:15 ----A---- C:\WINDOWS\grep.exe
2012-07-28 11:31:46 ----D---- C:\Qoobox
2012-07-28 11:30:22 ----D---- C:\WINDOWS\erdnt
2012-07-11 22:35:16 ----A---- C:\WINDOWS\ntbtlog.txt

======List of files/folders modified in the last 1 month======

2012-07-29 10:00:04 ----RSD---- C:\WINDOWS\assembly
2012-07-29 09:57:16 ----D---- C:\WINDOWS\Temp
2012-07-29 09:50:02 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-07-29 09:49:55 ----D---- C:\WINDOWS\system32
2012-07-29 09:49:44 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-29 09:49:33 ----D---- C:\WINDOWS
2012-07-29 09:31:07 ----D---- C:\WINDOWS\Microsoft.NET
2012-07-29 09:21:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-07-29 09:15:11 ----SHD---- C:\WINDOWS\Installer
2012-07-29 09:06:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-07-29 09:04:42 ----D---- C:\WINDOWS\WinSxS
2012-07-29 08:32:55 ----D---- C:\WINDOWS\system32\en-US
2012-07-29 08:32:39 ----RD---- C:\Program Files
2012-07-29 08:32:06 ----RSD---- C:\WINDOWS\Fonts
2012-07-29 08:30:21 ----HD---- C:\WINDOWS\inf
2012-07-29 08:29:44 ----D---- C:\WINDOWS\system32\spool
2012-07-29 08:29:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-29 08:16:48 ----D---- C:\Program Files\Internet Explorer
2012-07-29 07:47:17 ----SD---- C:\WINDOWS\Tasks
2012-07-29 07:21:12 ----A---- C:\WINDOWS\imsins.BAK
2012-07-29 07:20:39 ----D---- C:\WINDOWS\system32\drivers
2012-07-29 07:20:04 ----D---- C:\Program Files\Mozilla Firefox
2012-07-29 07:20:02 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-29 07:05:13 ----D---- C:\WINDOWS\Prefetch
2012-07-29 07:03:37 ----D---- C:\WINDOWS\system32\cs-cz
2012-07-29 07:03:36 ----D---- C:\WINDOWS\Media
2012-07-29 07:03:35 ----D---- C:\WINDOWS\Help
2012-07-29 07:03:33 ----D---- C:\WINDOWS\AppPatch
2012-07-29 07:03:32 ----D---- C:\WINDOWS\system32\wbem
2012-07-28 22:50:06 ----D---- C:\Program Files\Messenger
2012-07-28 22:37:24 ----D---- C:\WINDOWS\system32\CatRoot
2012-07-28 20:21:59 ----D---- C:\WINDOWS\Debug
2012-07-28 18:53:37 ----D---- C:\Program Files\Outlook Express
2012-07-28 18:51:11 ----D---- C:\Program Files\Movie Maker
2012-07-28 15:02:46 ----D---- C:\WINDOWS\SoftwareDistribution
2012-07-28 12:02:33 ----A---- C:\WINDOWS\system.ini
2012-07-28 12:02:11 ----D---- C:\WINDOWS\system32\drivers\etc
2012-07-28 11:52:56 ----D---- C:\Program Files\Common Files
2012-07-28 11:36:58 ----RASH---- C:\boot.ini
2012-07-27 16:55:57 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-15 20:06:14 ----D---- C:\Documents and Settings\xxx\Data aplikací\Skype
2012-07-12 11:17:48 ----D---- C:\WINDOWS\Minidump
2012-07-11 22:48:14 ----A---- C:\WINDOWS\OEWABLog.txt
2012-07-11 22:46:15 ----D---- C:\Documents and Settings
2012-07-03 18:21:28 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-19 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-07-03 25256]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-07-03 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-07-03 54232]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-07-03 97608]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-07-26 547904]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-02-26 1540096]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-05-25 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-05-25 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-05-25 74752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-12-22 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-12-22 209664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-12-22 730112]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\xxx\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-12-02 137600]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-05-19 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-19 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-02-26 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-02-26 1564368]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-01-31 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
S3 APQDMW;APQDMW; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\APQDMW.exe [2012-07-28 445312]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 29 črc 2012 09:20

Zdravim, pekne nedelni dopoledne preji a vitam vas u nas na foru

Co jste tam prosim provadel s ComboFixem ?

Umite s nim pracovat ( = znate prubeh jeho skenu, interpetaci logu a nasledne docisteni pomoci skriptu)

Najdete jeho log, mel by byl c:\combofix.txt

FrantaC · #3 Příspěvek od **FrantaC** » 29 črc 2012 10:06

Zdravim a diky za promptni reakci.
Bohuzel , nemohu vyhovet predchozimu pozadavku.
PC je totiz ditka , a dostal jsem se k nemu az v
tomto stadiu. Log z ComboFixu jsem nikde nenalezl . . .
Taky si necinim narok na oznaceni expert a to ani pokud se tyka combofixu .

Nasel jsem pouze toto , s nazvem Add-Remove Programs:

Acer OrbiCam
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3) - Czech
Ask Toolbar
Atheros for Acer Driver 5.3.0.67_Foxconn Installation Program
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
avast! Free Antivirus
Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Tool
Canon MP Navigator EX 4.0
Canon MP495 series MP Drivers
Canon My Printer
Canon Solution Menu EX
Google Chrome
Guard.ICQ
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Windows XP (KB915865)
ICQ Toolbar
ICQ7.7
Microsoft .NET Framework 2.0
Microsoft .NET Framework 4 Client Profile
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 11.0 (x86 cs)
MSXML 6.0 Parser
Nero BurnLite 10
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
Nokia Connectivity Cable Driver
Nokia Flashing Cable Driver
OpenOffice.org 3.3
Oprava Hotfix systému Windows Internet Explorer 7 (KB947864)
Oprava Hotfix systému Windows XP (KB942288-v3)
PL-2303 USB-to-Serial
REALTEK GbE & FE Ethernet PCI NIC Driver
Realtek High Definition Audio Driver
Registrace uivatele zařízení Canon MP495 series
Skype 5.8
SMSC IrCC V5.1.3600.7
Softarová utilita ATI - Odinstalovat
Synaptics Pointing Device Driver
WebFldrs XP

#4 Příspěvek od **vyosek** » 29 črc 2012 10:33

Nebezpeci CFka

Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
Maze stopy po haveti, takze v logu z RSIT neni nic videt
Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Odinstalujte ICQ Toolbar a Ask Toolbar

Stahnete si CF odsud http://download.bleepingcomputer.com/sUBs/ComboFix.exe ale nespoustejte

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Driver::
Guard.Mail.ru

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"Guard.Mail.ru.gui"=-

File::
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\0ni0w92r.default\searchplugins\icqplugin-1.xml
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\0ni0w92r.default\searchplugins\icqplugin.xml
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job

ClearJavaCache::

AtJob::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

FrantaC · #5 Příspěvek od **FrantaC** » 29 črc 2012 15:50

Takze jsem odinstaloval ICQ toolbar , ASK toolbar jsem v PC nenasel ?
pouzil jsem CF dle rady a nize vkladam log:
tak chyba , log je prilis velky !
Jak dal ?

#6 Příspěvek od **vyosek** » 29 črc 2012 15:55

Uploadnete mi log na LP http://leteckaposta.cz/

FrantaC · #7 Příspěvek od **FrantaC** » 29 črc 2012 16:14

ZDE je :
http://leteckaposta.cz/941662211

#8 Příspěvek od **vyosek** » 29 črc 2012 17:02

Jak se chova nas pacient

FrantaC · #9 Příspěvek od **FrantaC** » 29 črc 2012 17:38

Tak zatim se jevi stale jako pomaly flakac !

#10 Příspěvek od **vyosek** » 29 črc 2012 18:00

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

FrantaC · #11 Příspěvek od **FrantaC** » 29 črc 2012 23:22

tak hotovo , vkladam pozadovane logy ,
a taky jsem zapomel poznamenat , ze
prubezne stahuji aktualizace , mam pocit , ze
snad od instalace nebyla zadna stazena . . .

a mimochodem , zadna zmena .

OTL logfile created on: 29.7.2012 20:00:32 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\xxx\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,25 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 71,50% Memory free
4,09 Gb Paging File | 3,56 Gb Available in Paging File | 86,99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 102,02 Gb Total Space | 57,65 Gb Free Space | 56,51% Space Free | Partition Type: NTFS

Computer Name: XXX-FA22318D9E6 | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.07.29 19:53:46 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.10.21 06:45:48 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2011.01.17 17:37:42 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 17:37:42 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.20 01:14:29 | 021,005,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SoftwareDistribution\Download\Install\NDP30SP2-KB982168-x86.exe
PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010.04.11 22:17:16 | 000,321,888 | ---- | M] (Microsoft Corporation) -- c:\3ef7f22ad237ab55ed536be8faf40a\HotFixInstaller.exe
PRC - [2009.03.10 22:18:18 | 000,969,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.01.02 18:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

========== Modules (No Company Name) ==========

MOD - [2012.07.29 20:01:04 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.07.29 17:33:11 | 001,789,440 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12072901\algo.dll
MOD - [2012.07.29 11:23:12 | 011,796,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
MOD - [2012.07.29 11:21:22 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
MOD - [2012.07.29 11:14:22 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
MOD - [2012.07.29 10:06:45 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
MOD - [2012.07.29 10:05:21 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
MOD - [2012.07.29 10:03:03 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
MOD - [2012.07.29 09:17:22 | 007,868,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
MOD - [2012.07.29 09:16:00 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
MOD - [2012.02.26 23:32:10 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.10.21 06:45:46 | 000,420,920 | ---- | M] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\15.0.874.102\ppgooglenaclpluginchrome.dll
MOD - [2011.10.21 06:45:45 | 003,702,840 | ---- | M] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\15.0.874.102\pdf.dll
MOD - [2011.10.21 06:44:24 | 000,518,712 | ---- | M] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\15.0.874.102\libglesv2.dll
MOD - [2011.10.21 06:44:23 | 000,112,696 | ---- | M] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\15.0.874.102\libegl.dll
MOD - [2011.10.21 06:44:09 | 000,122,952 | ---- | M] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\15.0.874.102\avutil-51.dll
MOD - [2011.10.21 06:44:08 | 000,222,280 | ---- | M] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\15.0.874.102\avformat-53.dll
MOD - [2011.10.21 06:44:07 | 001,745,992 | ---- | M] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\Application\15.0.874.102\avcodec-53.dll
MOD - [2005.10.19 11:17:58 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\APQDMW.exe -- (APQDMW)
SRV - [2012.07.27 16:55:58 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.01.31 16:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.02.26 16:14:12 | 001,540,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.12.02 14:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 14:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 14:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 14:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.02 12:36:42 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2008.04.17 17:33:00 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.04.14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2007.07.26 14:19:24 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006.12.22 12:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006.12.22 12:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006.12.22 12:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006.06.16 20:56:38 | 000,083,968 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.05.25 11:19:48 | 000,040,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006.05.25 11:19:44 | 000,074,752 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006.05.25 11:19:40 | 000,061,056 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006.05.10 13:22:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz/#utm_source=icq&u ... um=generic"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.4.7&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.28 11:00:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.18 21:25:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.02.26 15:44:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Extensions
[2012.07.28 17:18:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\0ni0w92r.default\extensions
[2012.04.11 20:36:01 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\0ni0w92r.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(2)
[2012.07.29 07:22:09 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\0ni0w92r.default\searchplugins\icqplugin-1.xml
[2012.04.04 14:48:09 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\0ni0w92r.default\searchplugins\icqplugin.xml
[2012.02.26 15:44:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.28 11:00:29 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.04.18 21:25:02 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 14:28:19 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.16 14:28:19 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.16 14:28:19 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.16 14:28:19 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.16 14:28:19 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Seznam (Enabled)
CHR - default_search_provider: search_url = http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\xxx\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\15.0.874.102\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\xxx\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\15.0.874.102\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\xxx\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\15.0.874.102\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Documents and Settings\xxx\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\

O1 HOSTS File: ([2012.07.29 16:01:25 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - Startup: C:\Documents and Settings\xxx\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FB14C30-6CFD-4BC2-A5E0-8CE1AD89FFBB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1709275-9D13-49C0-AC34-09E4F102DD69}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xxx\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xxx\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.02.24 15:52:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.07.29 20:12:04 | 000,000,000 | ---D | C] -- C:\900fbd3c3121bfc292
[2012.07.29 19:53:46 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2012.07.29 18:43:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012.07.29 16:41:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.07.29 16:24:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.07.29 09:16:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\xxx\PrivacIE
[2012.07.29 08:34:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2012.07.29 08:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012.07.29 08:31:25 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012.07.29 08:28:20 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2012.07.29 08:28:19 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2012.07.29 08:28:18 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2012.07.29 08:28:17 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2012.07.29 08:28:12 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2012.07.29 08:28:12 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2012.07.29 08:28:10 | 000,000,000 | ---D | C] -- C:\f7ad9a5540fc5405402278347fbe1e51
[2012.07.29 07:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2012.07.29 07:07:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\xxx\IETldCache
[2012.07.28 23:29:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.07.28 23:27:28 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012.07.28 23:18:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.07.28 22:50:47 | 000,000,000 | ---D | C] -- C:\de8b2323f1af8f76160cc9f63f0a7d
[2012.07.28 18:21:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2012.07.28 18:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012.07.28 17:32:55 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2012.07.28 17:25:44 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2012.07.28 17:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.07.28 17:25:13 | 000,000,000 | ---D | C] -- C:\rsit
[2012.07.28 16:47:47 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2012.07.28 16:06:54 | 002,150,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012.07.28 16:06:51 | 002,194,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012.07.28 16:06:38 | 002,028,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012.07.28 16:06:34 | 002,071,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012.07.28 15:50:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012.07.28 15:04:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Plocha\RK_Quarantine
[2012.07.28 15:01:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012.07.28 11:36:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.07.28 11:32:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.07.28 11:32:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.07.28 11:32:15 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.07.28 11:32:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.07.28 11:31:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.07.28 11:31:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\xxx\Nabídka Start\Programy\Nástroje pro správu
[2012.07.28 11:30:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.07.28 10:53:22 | 004,721,417 | R--- | C] (Swearware) -- C:\Documents and Settings\xxx\Plocha\ComboFix.exe
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.07.29 21:39:09 | 000,457,748 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.29 21:39:09 | 000,453,670 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.07.29 21:39:09 | 000,069,712 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.29 21:39:08 | 000,080,046 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.07.29 20:21:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.07.29 20:12:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.29 19:53:46 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2012.07.29 18:30:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.29 18:28:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.29 16:01:25 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.07.29 15:03:52 | 004,721,417 | R--- | M] (Swearware) -- C:\Documents and Settings\xxx\Plocha\ComboFix.exe
[2012.07.29 09:27:22 | 000,124,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.28 11:36:58 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.07.28 11:00:38 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.27 16:55:57 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.07.27 16:55:55 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.29 20:12:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.29 07:06:29 | 000,000,846 | ---- | C] () -- C:\Documents and Settings\xxx\Nabídka Start\Programy\Internet Explorer.lnk
[2012.07.28 15:59:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.07.28 15:59:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.07.28 11:36:51 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2012.07.28 11:32:15 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.07.28 11:32:15 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.07.28 11:32:15 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.07.28 11:32:15 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.07.28 11:32:15 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.06.21 08:15:28 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.24 18:50:58 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\Desktop_.ini
[2012.02.24 18:25:04 | 000,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll
[2012.02.24 18:14:33 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012.02.24 18:14:10 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2012.02.24 18:14:10 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2012.02.24 18:14:10 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2012.02.24 16:38:39 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.02.24 16:37:02 | 000,124,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.02.24 15:57:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.02.24 15:46:47 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== LOP Check ==========

[2012.03.26 13:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.02.24 20:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canon IJ Network Tool
[2012.02.24 19:55:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2012.02.24 20:20:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2012.02.26 17:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2012.02.24 20:20:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2012.02.24 19:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2012.02.24 20:20:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2012.02.26 17:31:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2012.02.24 20:07:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2012.02.24 19:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2012.03.24 20:57:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.02.26 17:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.03.24 20:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2012.04.12 19:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2012.02.26 17:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Canon
[2012.02.24 20:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Canon Easy-WebPrint EX
[2012.06.17 15:29:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\ICQ
[2012.02.26 23:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\OpenOffice.org

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >

OTL Extras logfile created on: 29.7.2012 20:00:33 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\xxx\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,25 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 71,50% Memory free
4,09 Gb Paging File | 3,56 Gb Available in Paging File | 86,99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 102,02 Gb Total Space | 57,65 Gb Free Space | 56,51% Space Free | Partition Type: NTFS

Computer Name: XXX-FA22318D9E6 | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.7\ICQ.exe" = C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.7\ICQ.exe" = C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series" = Canon MP495 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{79B05AF4-8894-49A1-9FF4-53F0142D85E1}" = ATI Catalyst Control Center
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{9544BF15-E7AB-43EA-B8D4-159C7DA17FC9}" = Nokia Connectivity Cable Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer OrbiCam
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}" = SMSC IrCC V5.1.3600.7
"{F70D5D8C-C1AF-40B3-9E47-3BB5F19EEA3A}" = Atheros for Acer Driver 5.3.0.67_Foxconn Installation Program
"6EDA9AD6C8C68418427383EF403AC547797F6A93" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Guard.Mail.ru" = Guard.ICQ
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 11.0 (x86 cs)" = Mozilla Firefox 11.0 (x86 cs)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Registrace uživatele zařízení Canon MP495 series" = Registrace uživatele zařízení Canon MP495 series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7.7.2012 12:26:05 | Computer Name = XXX-FA22318D9E6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 15.0.874.102, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.7.2012 5:44:05 | Computer Name = XXX-FA22318D9E6 | Source = Application Error | ID = 1000
Description = Chybující aplikace pev.exe, verze 0.0.0.0, chybující modul pev.exe,
verze 0.0.0.0, adresa chyby 0x0008d1c0.

Error - 29.7.2012 3:30:59 | Computer Name = XXX-FA22318D9E6 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 29.7.2012 10:04:51 | Computer Name = XXX-FA22318D9E6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29.7.2012 10:38:35 | Computer Name = XXX-FA22318D9E6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29.7.2012 12:34:52 | Computer Name = XXX-FA22318D9E6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29.7.2012 12:35:02 | Computer Name = XXX-FA22318D9E6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 29.7.2012 9:13:19 | Computer Name = XXX-FA22318D9E6 | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 29.7.2012 9:13:19 | Computer Name = XXX-FA22318D9E6 | Source = Service Control Manager | ID = 7034
Description = Služba @C:\Program Files\Nero\Update\NASvc.exe,-200 byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 29.7.2012 9:13:19 | Computer Name = XXX-FA22318D9E6 | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 29.7.2012 9:13:20 | Computer Name = XXX-FA22318D9E6 | Source = Service Control Manager | ID = 7034
Description = Služba Guard.Mail.ru byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 29.7.2012 9:13:20 | Computer Name = XXX-FA22318D9E6 | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 29.7.2012 10:00:30 | Computer Name = XXX-FA22318D9E6 | Source = Service Control Manager | ID = 7022
Description = Služba Prohledávání počítačů přestala během spouštění reagovat.

Error - 29.7.2012 10:00:30 | Computer Name = XXX-FA22318D9E6 | Source = Service Control Manager | ID = 7022
Description = Služba Brána Firewall / Sdílení připojení k Internetu (ICS) přestala
během spouštění reagovat.

< End of report >

musim bohuzel na tyden odcestovat
takze z moji strany mozne pokracovani v patek !

zatim diky a at se dari.

#12 Příspěvek od **vyosek** » 05 srp 2012 21:24

Omlouvam se, nejak jste mi zapadl - thx motji

Log OTL neni cely, vlozte jej prosim znovu

FrantaC · #13 Příspěvek od **FrantaC** » 18 srp 2012 07:37

Takze , problem vyresen REINSTALem . V PC byl navic nelegal XP midto Visty.
Uvedeno do správneho stavu.
Děkuji za pomoc.
Č.F.

#14 Příspěvek od **vyosek** » 18 srp 2012 12:11

OK, nemate tedy zac

VIRY.CZ

zpomalene RC

zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC

Re: zpomalene RC