
Requesting a preventive check

Posted: 06 Aug 2012 16:42
by eklp
Hello,
please check my log. My netbook seems unnecessarily slow, and even when I have no program running it eats quite a lot of RAM; starting individual applications also takes quite a long time.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Eklp at 2012-08-06 17:39:21
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 27 GB (21%) free of 130 GB
Total RAM: 1015 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:39:44, on 6.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Zrychleni Pocitace\PCSUService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\History Sweeper\sweeper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
c:\Documents and Settings\Eklp\Dokumenty\Downloads\RSIT (2).exe
C:\Program Files\trend micro\Eklp.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sweeper.exe] C:\Program Files\History Sweeper\sweeper.exe
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6430 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Eklp\Data aplikací\Mozilla\Firefox\Profiles\xndlvzc2.default

prefs.js - "browser.startup.homepage" - "http://my.daemon-search.com/|http://centrum.cz/firefox"
prefs.js - "extensions.enabledItems" - "Cetrumcz@igeared:1.203.023.002, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.8"
prefs.js - "keyword.URL" - "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll

C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Eklp\Data aplikací\Mozilla\Firefox\Profiles\xndlvzc2.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Eklp\Data aplikací\Mozilla\Firefox\Profiles\xndlvzc2.default\searchplugins\
daemon-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-28 16861696]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-07-22 86016]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2006-05-05 2808832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-12-04 114688]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-12-17 622592]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Sweeper.exe"=C:\Program Files\History Sweeper\sweeper.exe [2012-04-29 208896]
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2012-05-04 188640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\age\aoe2\age2_x1.exe"="E:\age\aoe2\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Pidgin\pidgin.exe"="C:\Program Files\Pidgin\pidgin.exe:*:Enabled:Pidgin"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skypeiepluginbroker.exe]
"Debugger=""C:\Program Files\Zrychleni Pocitace\PCSUSD.exe" /debugexe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-07-31 16:00:12 ----A---- C:\WINDOWS\WORDPAD.INI
2012-07-23 10:08:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2012-07-23 10:08:24 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-13 15:16:30 ----D---- C:\Documents and Settings\Eklp\Data aplikací\.purple
2012-07-13 15:14:33 ----D---- C:\Program Files\Pidgin
2012-07-13 09:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-13 09:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-13 09:48:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-13 09:48:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-13 09:43:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-08 22:16:27 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 month======

2012-08-06 17:39:46 ----D---- C:\WINDOWS\Temp
2012-08-06 17:39:36 ----D---- C:\Program Files\trend micro
2012-08-06 17:38:24 ----D---- C:\WINDOWS\Prefetch
2012-08-06 17:38:21 ----D---- C:\WINDOWS\system32\drivers
2012-08-06 17:15:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-08-06 17:12:20 ----D---- C:\Program Files\Zrychleni Pocitace
2012-08-04 15:27:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-02 09:11:37 ----D---- C:\Documents and Settings\Eklp\Data aplikací\Skype
2012-07-31 16:00:12 ----D---- C:\WINDOWS
2012-07-26 09:40:33 ----HD---- C:\WINDOWS\inf
2012-07-26 09:40:31 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-25 20:49:22 ----D---- C:\Documents and Settings\Eklp\Data aplikací\gtk-2.0
2012-07-23 10:08:38 ----D---- C:\Program Files\Mozilla Firefox
2012-07-23 10:08:24 ----RD---- C:\Program Files
2012-07-13 15:12:28 ----D---- C:\WINDOWS\system32
2012-07-13 15:12:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-07-13 09:49:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-13 09:48:40 ----A---- C:\WINDOWS\imsins.BAK
2012-07-13 09:48:31 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-13 09:44:01 ----A---- C:\WINDOWS\system32\MRT.exe
2012-07-08 22:17:04 ----SHD---- C:\WINDOWS\Installer
2012-07-08 22:17:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-07-08 22:16:28 ----RD---- C:\Program Files\Skype
2012-07-08 22:16:27 ----D---- C:\Program Files\Common Files
2012-07-08 13:57:07 ----SD---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-07-03 25256]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-07-03 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-07-03 54232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-07-03 97608]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-11-21 879624]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-02-10 218688]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-29 4733440]
R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2011-01-05 26112]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-12 36864]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-09-24 704384]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-12-10 539640]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-06-29 156392]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-03-31 55352]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-11-28 74688]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\WINDOWS\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\WINDOWS\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-01-29 264800]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2012-05-04 289504]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-23 129976]
S3 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

Re: Requesting a preventive check

Posted: 06 Aug 2012 23:00
by Márty84
Hello :)

You have two antivirus programs running there: Avast and MBAM. If you ran a full MBAM scan and it found nothing, uninstall it. If you did the scan, then since it is already on the PC, run it. But do not delete anything; copy the results here.

Checking the log will take a while.

Re: Requesting a preventive check

Posted: 06 Aug 2012 23:04
by Márty84
By the way, I hope you will finish the treatment/cleaning this time :roll:

Re: Requesting a preventive check

Posted: 06 Aug 2012 23:17
by Márty84
:arrow: Uninstall C:\Program Files\Zrychleni Pocitace




:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally
:arrow: Download OTM http://oldtimer.geekstogo.com/OTM.exe , save it preferably to the desktop and run it.
Copy this script into the left window (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
SkypeUpdate

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job
C:\Documents and Settings\Eklp\Data aplikací\Mozilla\Firefox\Profiles\xndlvzc2.default\searchplugins\daemon-search.xml

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sweeper.exe"=-
"PCSpeedUp"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

Click MoveIt and let the program work. When asked about a restart, agree.
After the restart, post here the log that pops up, or it will be here: C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (instead of the x's there will be digits representing the date and time of the run)

Re: Requesting a preventive check

Posted: 20 Aug 2012 16:36
by eklp
I will try to see it through to the end :)


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Eklp
->Temp folder emptied: 46259238 bytes
->Temporary Internet Files folder emptied: 237280 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 62172590 bytes
->Google Chrome cache emptied: 304868946 bytes
->Flash cache emptied: 4638 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25687187 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 419,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Eklp
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job not found.
C:\Documents and Settings\Eklp\Data aplikací\Mozilla\Firefox\Profiles\xndlvzc2.default\searchplugins\daemon-search.xml moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Malwarebytes Anti-Malware not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Sweeper.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PCSpeedUp not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 08202012_173100

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Requesting a preventive check

Posted: 20 Aug 2012 19:15
by Márty84
And was the PC switched off the whole time? Because a lot of things could have happened there in the meantime, and this may no longer have made any sense :?:


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the items (put checkmarks there) For all users, "LOP" malware check and "Purity" malware check
Paste the following text into the bottom window

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Prohledat (Run Scan)
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

Re: request for a preventive check

Posted: 22 Aug 2012 05:33
by eklp
OTL logfile created on: 21.8.2012 22:59:18 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\Eklp\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,17 Mb Total Physical Memory | 129,96 Mb Available Physical Memory | 12,80% Memory free
2,39 Gb Paging File | 1,49 Gb Available in Paging File | 62,42% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 126,95 Gb Total Space | 25,83 Gb Free Space | 20,35% Space Free | Partition Type: NTFS
Drive E: | 22,09 Gb Total Space | 5,07 Gb Free Space | 22,96% Space Free | Partition Type: NTFS

Computer Name: EKLP-PC | User Name: Eklp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.08.21 22:06:35 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eklp\Dokumenty\Downloads\OTL.exe
PRC - [2012.07.05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.05.07 06:36:06 | 000,049,340 | ---- | M] (The Pidgin developer community) -- C:\Program Files\Pidgin\pidgin.exe
PRC - [2012.04.28 04:07:02 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2008.12.17 20:59:50 | 000,622,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2008.12.04 14:38:06 | 000,114,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2008.05.21 02:56:24 | 000,094,208 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe
PRC - [2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.14 09:52:20 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dwwin.exe
PRC - [2006.07.22 01:14:36 | 000,086,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe


========== Modules (No Company Name) ==========

MOD - [2012.08.21 09:21:38 | 001,802,240 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12082100\algo.dll
MOD - [2012.07.13 15:14:36 | 000,219,305 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libpng14-14.dll
MOD - [2012.07.13 15:14:36 | 000,090,496 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
MOD - [2012.07.13 15:14:36 | 000,055,808 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\zlib1.dll
MOD - [2012.07.13 15:14:35 | 000,482,872 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libgio-2.0-0.dll
MOD - [2012.07.13 15:14:35 | 000,279,059 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libfontconfig-1.dll
MOD - [2012.07.13 15:14:35 | 000,095,189 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libpangocairo-1.0-0.dll
MOD - [2012.07.13 15:14:34 | 000,904,525 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libcairo-2.dll
MOD - [2012.07.13 15:14:34 | 000,535,264 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\freetype6.dll
MOD - [2012.07.13 15:14:34 | 000,143,096 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libexpat-1.dll
MOD - [2012.05.07 06:36:08 | 000,036,068 | ---- | M] () -- C:\Program Files\Pidgin\plugins\xmppdisco.dll
MOD - [2012.05.07 06:36:08 | 000,030,333 | ---- | M] () -- C:\Program Files\Pidgin\plugins\xmppconsole.dll
MOD - [2012.05.07 06:36:08 | 000,024,487 | ---- | M] () -- C:\Program Files\Pidgin\plugins\themeedit.dll
MOD - [2012.05.07 06:36:08 | 000,024,106 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ticker.dll
MOD - [2012.05.07 06:36:08 | 000,023,455 | ---- | M] () -- C:\Program Files\Pidgin\plugins\winprefs.dll
MOD - [2012.05.07 06:36:08 | 000,022,901 | ---- | M] () -- C:\Program Files\Pidgin\plugins\win2ktrans.dll
MOD - [2012.05.07 06:36:08 | 000,017,951 | ---- | M] () -- C:\Program Files\Pidgin\plugins\timestamp_format.dll
MOD - [2012.05.07 06:36:08 | 000,013,589 | ---- | M] () -- C:\Program Files\Pidgin\plugins\timestamp.dll
MOD - [2012.05.07 06:36:06 | 000,338,072 | ---- | M] () -- C:\Program Files\Pidgin\libjabber.dll
MOD - [2012.05.07 06:36:06 | 000,303,303 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmsn.dll
MOD - [2012.05.07 06:36:06 | 000,256,529 | ---- | M] () -- C:\Program Files\Pidgin\liboscar.dll
MOD - [2012.05.07 06:36:06 | 000,194,434 | ---- | M] () -- C:\Program Files\Pidgin\libymsg.dll
MOD - [2012.05.07 06:36:06 | 000,184,224 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libgg.dll
MOD - [2012.05.07 06:36:06 | 000,149,384 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsilc.dll
MOD - [2012.05.07 06:36:06 | 000,121,476 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmxit.dll
MOD - [2012.05.07 06:36:06 | 000,096,443 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsametime.dll
MOD - [2012.05.07 06:36:06 | 000,092,138 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libnovell.dll
MOD - [2012.05.07 06:36:06 | 000,088,548 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmyspace.dll
MOD - [2012.05.07 06:36:06 | 000,079,775 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libirc.dll
MOD - [2012.05.07 06:36:06 | 000,073,584 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libbonjour.dll
MOD - [2012.05.07 06:36:06 | 000,063,229 | ---- | M] () -- C:\Program Files\Pidgin\plugins\spellchk.dll
MOD - [2012.05.07 06:36:06 | 000,045,348 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsimple.dll
MOD - [2012.05.07 06:36:06 | 000,039,509 | ---- | M] () -- C:\Program Files\Pidgin\plugins\log_reader.dll
MOD - [2012.05.07 06:36:06 | 000,023,390 | ---- | M] () -- C:\Program Files\Pidgin\plugins\pidginrc.dll
MOD - [2012.05.07 06:36:06 | 000,022,335 | ---- | M] () -- C:\Program Files\Pidgin\plugins\notify.dll
MOD - [2012.05.07 06:36:06 | 000,019,854 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ssl-nss.dll
MOD - [2012.05.07 06:36:06 | 000,019,058 | ---- | M] () -- C:\Program Files\Pidgin\plugins\convcolors.dll
MOD - [2012.05.07 06:36:06 | 000,018,502 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libyahoo.dll
MOD - [2012.05.07 06:36:06 | 000,017,519 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libxmpp.dll
MOD - [2012.05.07 06:36:06 | 000,014,951 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libyahoojp.dll
MOD - [2012.05.07 06:36:06 | 000,014,905 | ---- | M] () -- C:\Program Files\Pidgin\plugins\markerline.dll
MOD - [2012.05.07 06:36:06 | 000,014,619 | ---- | M] () -- C:\Program Files\Pidgin\plugins\autoaccept.dll
MOD - [2012.05.07 06:36:06 | 000,013,528 | ---- | M] () -- C:\Program Files\Pidgin\plugins\history.dll
MOD - [2012.05.07 06:36:06 | 000,012,665 | ---- | M] () -- C:\Program Files\Pidgin\plugins\idle.dll
MOD - [2012.05.07 06:36:06 | 000,012,177 | ---- | M] () -- C:\Program Files\Pidgin\plugins\joinpart.dll
MOD - [2012.05.07 06:36:06 | 000,011,669 | ---- | M] () -- C:\Program Files\Pidgin\plugins\offlinemsg.dll
MOD - [2012.05.07 06:36:06 | 000,011,163 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libicq.dll
MOD - [2012.05.07 06:36:06 | 000,010,860 | ---- | M] () -- C:\Program Files\Pidgin\plugins\extplacement.dll
MOD - [2012.05.07 06:36:06 | 000,010,624 | ---- | M] () -- C:\Program Files\Pidgin\plugins\statenotify.dll
MOD - [2012.05.07 06:36:06 | 000,010,232 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libaim.dll
MOD - [2012.05.07 06:36:06 | 000,010,203 | ---- | M] () -- C:\Program Files\Pidgin\plugins\sendbutton.dll
MOD - [2012.05.07 06:36:06 | 000,010,075 | ---- | M] () -- C:\Program Files\Pidgin\plugins\relnot.dll
MOD - [2012.05.07 06:36:06 | 000,010,026 | ---- | M] () -- C:\Program Files\Pidgin\plugins\psychic.dll
MOD - [2012.05.07 06:36:06 | 000,009,126 | ---- | M] () -- C:\Program Files\Pidgin\plugins\newline.dll
MOD - [2012.05.07 06:36:06 | 000,008,793 | ---- | M] () -- C:\Program Files\Pidgin\plugins\gtkbuddynote.dll
MOD - [2012.05.07 06:36:06 | 000,007,899 | ---- | M] () -- C:\Program Files\Pidgin\plugins\buddynote.dll
MOD - [2012.05.07 06:36:06 | 000,007,511 | ---- | M] () -- C:\Program Files\Pidgin\plugins\iconaway.dll
MOD - [2012.05.07 06:36:06 | 000,007,162 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ssl.dll
MOD - [2012.05.07 06:36:04 | 000,582,656 | ---- | M] () -- C:\Program Files\Pidgin\exchndl.dll
MOD - [2012.05.07 06:36:04 | 000,475,580 | ---- | M] () -- C:\Program Files\Pidgin\spellcheck\libgtkspell-0.dll
MOD - [2012.05.07 06:35:14 | 000,417,501 | ---- | M] () -- C:\Program Files\Pidgin\sqlite3.dll
MOD - [2012.05.07 06:35:12 | 002,719,062 | ---- | M] () -- C:\Program Files\Pidgin\libsilc-1-1-2.dll
MOD - [2012.05.07 06:35:12 | 001,206,642 | ---- | M] () -- C:\Program Files\Pidgin\libsilcclient-1-1-2.dll
MOD - [2012.05.07 06:35:12 | 000,173,805 | ---- | M] () -- C:\Program Files\Pidgin\libmeanwhile-1.dll
MOD - [2012.05.07 06:35:08 | 001,213,633 | ---- | M] () -- C:\Program Files\Pidgin\libxml2-2.dll
MOD - [2012.04.28 04:07:01 | 000,444,400 | ---- | M] () -- C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\Application\18.0.1025.168\ppgooglenaclpluginchrome.dll
MOD - [2012.04.28 04:06:59 | 003,915,248 | ---- | M] () -- C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\Application\18.0.1025.168\pdf.dll
MOD - [2012.04.28 04:05:34 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\Application\18.0.1025.168\avutil-51.dll
MOD - [2012.04.28 04:05:33 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\Application\18.0.1025.168\avformat-53.dll
MOD - [2012.04.28 04:05:32 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\Application\18.0.1025.168\avcodec-53.dll
MOD - [2012.04.28 03:09:18 | 008,743,584 | ---- | M] () -- C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
MOD - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe


========== Win32 Services (SafeList) ==========

SRV - [2012.08.20 17:28:07 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.23 10:07:44 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.02.10 09:20:23 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2008.10.21 10:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008.10.21 10:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017unic.sys -- (s0017unic)
DRV - [2008.10.21 10:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV - [2008.10.21 10:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008.10.21 10:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017bus.sys -- (s0017bus)
DRV - [2008.10.21 10:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017nd5.sys -- (s0017nd5)
DRV - [2008.10.21 10:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008.09.24 21:30:08 | 000,704,384 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
DRV - [2008.05.16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic)
DRV - [2008.05.16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5)
DRV - [2008.05.16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV - [2008.05.16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2008.04.29 01:27:52 | 004,733,440 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.04.08 16:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2008.03.12 04:37:00 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2007.12.10 21:21:26 | 000,539,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007.11.28 00:40:38 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.11.21 19:51:30 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.06.29 20:38:30 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.03.31 21:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007.03.23 18:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-789336058-1085031214-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-789336058-1085031214-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-789336058-1085031214-682003330-1003\..\SearchScopes,DefaultScope = {D5D47440-0750-463D-BAEF-A47D02414806}
IE - HKU\S-1-5-21-789336058-1085031214-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-789336058-1085031214-682003330-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-789336058-1085031214-682003330-1003\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKU\S-1-5-21-789336058-1085031214-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "http://my.daemon-search.com/|http://centrum.cz/firefox"
FF - prefs.js..extensions.enabledItems: Cetrumcz@igeared:1.203.023.002
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.08 13:57:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.23 10:07:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.06 22:45:59 | 000,000,000 | ---D | M]

[2010.11.20 02:25:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eklp\Data aplikací\Mozilla\Extensions
[2012.07.24 10:37:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eklp\Data aplikací\Mozilla\Firefox\Profiles\xndlvzc2.default\extensions
[2012.07.23 10:08:52 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Documents and Settings\Eklp\Data aplikací\Mozilla\Firefox\Profiles\xndlvzc2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.07.23 10:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.12.01 09:41:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.03.25 14:42:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.03.25 14:42:35 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.07.23 10:07:49 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.03.26 08:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2012.07.23 10:07:30 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.07.23 10:07:30 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.07.23 10:07:30 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.07.23 10:07:30 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.07.23 10:07:30 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Eklp\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Eklp\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Eklp\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Eklp\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - Extension: YouTube = C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Gmail = C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.08.20 17:31:40 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-789336058-1085031214-682003330-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-789336058-1085031214-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28208C71-8730-4DDC-9A3B-5D087DFBDDA5}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4afbc010-34e6-11e0-adcd-0023548eeb55}\Shell - "" = AutoRun
O33 - MountPoints2\{4afbc010-34e6-11e0-adcd-0023548eeb55}\Shell\AutoRun\command - "" = D:\wubi.exe --cdmenu
O33 - MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\Shell\AutoRun\command - "" = kolemasakar\\\vikikurva.exe
O33 - MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\Shell\explore\command - "" = kolemasakar\\\vikikurva.exe
O33 - MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\Shell\Install\command - "" = kolemasakar\\\vikikurva.exe
O33 - MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\Shell\open\command - "" = kolemasakar\\\vikikurva.exe
O33 - MountPoints2\{9e26b21a-bf9f-11e0-ae03-0015afdc248a}\Shell - "" = AutoRun
O33 - MountPoints2\{9e26b21a-bf9f-11e0-ae03-0015afdc248a}\Shell\AutoRun\command - "" = D:\iStudio.exe
O33 - MountPoints2\{b97b4cf7-3dbd-11e0-add2-002243b8c6fe}\Shell - "" = AutoRun
O33 - MountPoints2\{b97b4cf7-3dbd-11e0-add2-002243b8c6fe}\Shell\AutoRun\command - "" = F:\wubi.exe --cdmenu
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.08.20 16:46:55 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.08.06 23:10:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Sun
[2012.08.06 23:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.08.06 22:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.08.06 22:46:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eklp\Data aplikací\Oracle
[2012.08.06 22:45:59 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.08.06 22:45:59 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.08.06 22:45:27 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.08.06 22:45:26 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.07.23 10:08:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2012.07.23 10:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2010.12.20 12:06:19 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Data aplikací\hpe15A.dll

========== Files - Modified Within 30 Days ==========

[2012.08.21 23:04:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.21 22:27:07 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.08.21 13:57:01 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.08.20 17:33:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.20 17:32:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.20 17:31:40 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.08.20 17:31:08 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.08.20 17:31:08 | 000,310,228 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.08.20 17:31:08 | 000,046,394 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.08.20 17:31:08 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.08.20 17:28:04 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.08.20 17:28:04 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.08.20 16:43:53 | 000,118,952 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.08.17 07:42:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.08.12 09:31:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.08.08 11:06:41 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.08.06 22:44:57 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.08.06 22:44:57 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.08.06 16:15:21 | 000,000,423 | ---- | M] () -- C:\Documents and Settings\Eklp\Plocha\linky.rtf
[2012.08.02 10:41:22 | 000,000,253 | ---- | M] () -- C:\Documents and Settings\Eklp\Plocha\innovation.rtf
[2012.07.31 16:00:12 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2012.07.26 14:23:16 | 000,069,159 | ---- | M] () -- C:\Documents and Settings\Eklp\Plocha\dobrovolnictví.rtf
[2012.07.25 12:13:11 | 000,077,864 | ---- | M] () -- C:\Documents and Settings\Eklp\Plocha\7623677420_058901e23b_z.jpg
[2012.07.25 12:12:19 | 000,119,078 | ---- | M] () -- C:\Documents and Settings\Eklp\Plocha\schovka.jpg
[2012.07.24 20:43:00 | 000,522,136 | ---- | M] () -- C:\Documents and Settings\Eklp\Plocha\zmije_II.JPG
[2012.07.24 20:43:00 | 000,002,721 | ---- | M] () -- C:\Documents and Settings\Eklp\.recently-used.xbel
[2012.07.24 20:41:20 | 000,542,260 | ---- | M] () -- C:\Documents and Settings\Eklp\Plocha\zmije.JPG

========== Files Created - No Company Name ==========

[2012.08.21 22:14:09 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.20 16:46:58 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.08.06 16:15:21 | 000,000,423 | ---- | C] () -- C:\Documents and Settings\Eklp\Plocha\linky.rtf
[2012.08.02 10:41:21 | 000,000,253 | ---- | C] () -- C:\Documents and Settings\Eklp\Plocha\innovation.rtf
[2012.07.31 16:00:12 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2012.07.25 12:13:14 | 000,077,864 | ---- | C] () -- C:\Documents and Settings\Eklp\Plocha\7623677420_058901e23b_z.jpg
[2012.07.25 12:12:28 | 000,119,078 | ---- | C] () -- C:\Documents and Settings\Eklp\Plocha\schovka.jpg
[2012.07.24 20:43:00 | 000,002,721 | ---- | C] () -- C:\Documents and Settings\Eklp\.recently-used.xbel
[2012.07.24 20:42:59 | 000,522,136 | ---- | C] () -- C:\Documents and Settings\Eklp\Plocha\zmije_II.JPG
[2012.07.24 20:41:20 | 000,542,260 | ---- | C] () -- C:\Documents and Settings\Eklp\Plocha\zmije.JPG
[2012.07.24 07:33:58 | 000,069,159 | ---- | C] () -- C:\Documents and Settings\Eklp\Plocha\dobrovolnictví.rtf
[2012.02.15 08:35:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.04.14 01:59:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.01.11 10:33:04 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\GkSui20.EXE
[2010.12.01 08:36:33 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Eklp\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.23 09:36:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.11.20 02:25:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.11.20 02:23:55 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.11.20 02:23:54 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.11.20 02:23:52 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.11.20 02:23:52 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.11.20 02:23:51 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.11.20 01:20:30 | 000,015,312 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010.11.20 01:17:37 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.11.20 01:16:29 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2010.11.20 01:13:23 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2010.11.19 22:46:29 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.19 22:45:00 | 000,118,952 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.19 22:07:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.11.19 21:57:33 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== LOP Check ==========

[2011.04.06 10:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avanquest
[2011.04.06 10:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2010.12.20 12:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2010.11.20 02:47:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.02.24 08:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.12.28 21:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Family Farm
[2010.11.20 02:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.01.10 13:14:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA}
[2012.08.21 23:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\.purple
[2010.11.20 02:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\AVG10
[2012.03.02 22:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\BSW
[2011.01.30 16:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\calibre
[2011.02.10 09:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\DAEMON Tools Lite
[2010.11.20 02:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Foxit
[2010.11.20 02:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Foxit Software
[2010.12.17 08:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\GHISLER
[2012.07.25 20:49:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\gtk-2.0
[2010.11.23 15:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\OpenOffice.org
[2012.08.06 22:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Oracle
[2010.11.29 16:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Sachy
[2010.12.14 11:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Scribus
[2012.08.21 13:57:01 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 01:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 01:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 01:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 12:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.25 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.08.21 23:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\.purple
[2011.03.06 04:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Adobe
[2010.11.20 02:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\AVG10
[2012.03.02 22:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\BSW
[2011.01.30 16:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\calibre
[2011.02.10 09:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\DAEMON Tools Lite
[2010.11.20 02:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Foxit
[2010.11.20 02:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Foxit Software
[2010.12.17 08:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\GHISLER
[2012.07.25 20:49:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\gtk-2.0
[2010.11.19 22:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Identities
[2010.11.20 01:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\InstallShield
[2011.08.05 22:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Intelli-studio
[2010.11.20 01:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Macromedia
[2011.04.06 10:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Malwarebytes
[2010.11.27 10:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Media Player Classic
[2011.01.28 09:41:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Eklp\Data aplikací\Microsoft
[2010.11.20 02:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Mozilla
[2010.11.23 15:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\OpenOffice.org
[2012.08.06 22:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Oracle
[2010.11.29 16:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Sachy
[2010.12.14 11:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Scribus
[2012.08.08 18:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Skype
[2011.06.20 08:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\skypePM
[2010.12.08 08:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\Sun

< %APPDATA%\*.exe /s >
[2010.11.20 01:18:15 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Eklp\Data aplikací\Microsoft\Installer\{19F5658D-92E8-4A08-8657-D38ABB1574B2}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010.11.19 22:44:00 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.11.19 22:44:00 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.11.19 22:44:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.08.20 17:28:04 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerApp.exe
[2012.08.20 17:28:04 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2012.08.20 16:43:53 | 000,118,952 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.08.20 17:31:08 | 000,046,394 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.08.20 17:31:08 | 000,040,326 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.08.20 17:31:08 | 000,310,228 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.08.20 17:31:08 | 000,311,938 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.08.20 17:31:08 | 000,714,754 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.08.20 17:33:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 09:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
C:\wubildr.mbr = "Ubuntu Netbook"

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.21 23:04:01 | 000,000,512 | ---- | M] () MD5=0567C5774700DF289B4EB0B058D28822 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.10.04 23:50:56 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2000.01.01 01:00:00 | 000,021,316 | ---- | M] () -- \ZALOHA\lenka\MOBIL\500 vyzvanecich melodii\Fireworks - Cracker - [MaxT.dk].mp3
[2000.01.01 01:00:00 | 000,021,316 | ---- | M] () -- \ZALOHA\lenka\MOBIL\Tóny\00\sounds\Fireworks - Cracker - [MaxT.dk].mp3

< *keygen* /s >

< *loader* /s >
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2009.04.13 10:06:14 | 000,002,274 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\AppLoader$1.class
[2012.03.02 22:06:38 | 000,001,342 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\AppLoader$ChangeBoardWorker.class
[2012.03.02 22:06:41 | 000,001,360 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\AppLoader$ComponentChange.class
[2012.03.02 22:06:38 | 000,006,471 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\AppLoader$PanelChangeWorker.class
[2012.03.02 22:06:41 | 000,001,178 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\AppLoader$Worker.class
[2012.03.02 22:06:38 | 000,010,152 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\AppLoader.class
[2012.03.02 22:06:38 | 000,010,340 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\ClientLoader.class
[2012.03.02 22:06:13 | 000,007,271 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\PropFileLoader.class
[2010.01.15 12:54:20 | 000,002,542 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\StarterClassLoader.class
[2009.04.13 10:06:14 | 000,000,739 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\mod\ClientModLoader.class
[2012.03.02 22:06:40 | 000,002,657 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\tools\ToolLoader.class
[2009.04.27 23:10:16 | 000,001,174 | ---- | M] () -- \Documents and Settings\Eklp\Data aplikací\BSW\de\brettspielwelt\client\vampire\VampireLoader.class
[2009.07.05 05:53:42 | 000,044,032 | R--- | M] () -- \Program Files\Calibre2\DLLs\PyISAPI_loader.dll
[2011.01.15 08:49:48 | 000,002,724 | R--- | M] () -- \Program Files\Calibre2\Lib\site-packages\IPython\ConfigLoader.pyo
[2011.01.15 08:49:50 | 000,000,678 | R--- | M] () -- \Program Files\Calibre2\Lib\site-packages\isapi\test\build\bdist.win32\winexe\temp\_win32sysloader.pyo
[2011.01.15 08:49:50 | 000,001,499 | R--- | M] () -- \Program Files\Calibre2\Lib\site-packages\PyQt4\uic\Loader\loader.pyo
[2009.07.05 05:48:58 | 000,009,216 | R--- | M] () -- \Program Files\Calibre2\Lib\site-packages\win32\_win32sysloader.pyd
[2011.01.15 08:49:52 | 000,008,723 | R--- | M] () -- \Program Files\Calibre2\Lib\unittest\loader.pyo
[2010.02.07 23:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 19:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 19:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 19:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 19:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 19:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 19:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 19:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 19:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 19:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 19:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 19:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 19:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 19:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 19:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 19:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 21:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2007.12.05 19:43:28 | 000,011,837 | ---- | M] () -- \Program Files\GTK2-Runtime\bin\gdk-pixbuf-query-loaders.exe
[2007.12.05 19:43:28 | 000,000,042 | ---- | M] () -- \Program Files\GTK2-Runtime\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.06.07 22:11:08 | 000,006,262 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2010.11.20 02:33:57 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 22:19:10 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2010.11.20 02:34:06 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 17:21:40 | 000,003,874 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2012.07.13 15:14:34 | 000,025,294 | ---- | M] () -- \Program Files\Pidgin\Gtk\bin\gdk-pixbuf-query-loaders.exe
[2012.07.13 15:14:36 | 000,000,543 | ---- | M] () -- \Program Files\Pidgin\Gtk\etc\gtk-2.0\gdk-pixbuf.loaders
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 09:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 01:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 01:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 09:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >
[2009.10.05 22:28:36 | 000,000,370 | ---- | M] () -- \Program Files\Scribus 1.3.9\share\icons\ResetNode.png

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2011.01.15 08:49:48 | 000,023,506 | R--- | M] () -- \Program Files\Calibre2\Lib\site-packages\cssutils-0.9.7b4-py2.7.egg\cssutils\serialize.pyo
[2011.01.15 08:49:48 | 000,006,395 | R--- | M] () -- \Program Files\Calibre2\Lib\site-packages\IPython\kernel\newserialized.pyo
[2011.03.10 00:43:26 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.dll
[2012.07.06 07:42:34 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.ni.dll
[2004.08.17 15:44:16 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2008.04.14 08:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 08:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 19:29:04 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.10.25 16:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 16:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2001.10.25 16:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 16:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 08:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
[2009.01.21 10:12:49 | 000,000,024 | ---- | M] () -- \ZALOHA\users\plocha\bordel\slozky\starehry\worms-plus\Worms +\SERIAL.BAT

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 400 bytes -> C:\Documents and Settings\Eklp\Local Settings\Data aplikací\desktop.ini:07a19238af92db80fe9045ca73c7a84e

< End of report >

Re: request for a preventive check

Posted: 22 Aug 2012 05:34
by eklp
OTL Extras logfile created on: 21.8.2012 22:59:18 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\Eklp\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,17 Mb Total Physical Memory | 129,96 Mb Available Physical Memory | 12,80% Memory free
2,39 Gb Paging File | 1,49 Gb Available in Paging File | 62,42% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 126,95 Gb Total Space | 25,83 Gb Free Space | 20,35% Space Free | Partition Type: NTFS
Drive E: | 22,09 Gb Total Space | 5,07 Gb Free Space | 22,96% Space Free | Partition Type: NTFS

Computer Name: EKLP-PC | User Name: Eklp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-789336058-1085031214-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"E:\age\aoe2\age2_x1.exe" = E:\age\aoe2\age2_x1.exe:*:Enabled:Age of Empires II Expansion
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\Program Files\Pidgin\pidgin.exe" = C:\Program Files\Pidgin\pidgin.exe:*:Enabled:Pidgin -- (The Pidgin developer community)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.012.00
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3651C800-6E7A-47E1-AEAD-ACF68509BF8D}" = AMR Converter Pro
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{66FCA9AD-FBF2-428C-83EB-39F6491362D5}" = calibre
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AMR Converter Pro" = AMR Converter Pro
"avast" = avast! Free Antivirus
"Blue Moon_is1" = Blue Moon 1.3.2
"BSW" = BrettspielWelt
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Elantech" = ETD Ware PS/2-x86 7.0.2.5
"Foxit Reader" = Foxit Reader
"GTK2-Runtime" = GTK2-Runtime
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"History Sweeper_is1" = History Sweeper 3.32
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.5.0
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Pepovy šachy_is1" = Pepovy šachy verze 1.2
"Pidgin" = Pidgin
"rajče.net_is1" = rajče verze 58 sestavení 204
"Sankt Petersburg - Das PC-Spiel" = Sankt Petersburg - Das PC-Spiel
"Scribus 1.3.9" = Scribus 1.3.9
"SendToKindle" = Amazon Send to Kindle
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yspahan" = Yspahan
"ZAV1_is1" = ZAV 4.48 (32bit)
"ZAV2_is1" = ZAV 4.48 (32bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-789336058-1085031214-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1.8.2012 0:55:32 | Computer Name = EKLP-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace wordpad.exe, verze 5.1.2600.6010, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 1.8.2012 0:56:04 | Computer Name = EKLP-PC | Source = Application Hang | ID = 1001
Description = Chybný blok 2059054137

Error - 4.8.2012 10:28:54 | Computer Name = EKLP-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 18.0.1025.168, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.8.2012 10:29:54 | Computer Name = EKLP-PC | Source = Application Hang | ID = 1001
Description = Chybný blok -1340182985

Error - 6.8.2012 11:17:09 | Computer Name = EKLP-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.62.0.87, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.8.2012 11:17:49 | Computer Name = EKLP-PC | Source = Application Hang | ID = 1001
Description = Chybný blok -1252729398

Error - 9.8.2012 4:23:06 | Computer Name = EKLP-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 18.0.1025.168, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.8.2012 4:24:55 | Computer Name = EKLP-PC | Source = Application Hang | ID = 1001
Description = Chybný blok -1340182985

Error - 12.8.2012 10:27:57 | Computer Name = EKLP-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace pidgin.exe, verze 2.10.4.0, chybující modul libglib-2.0-0.dll,
verze 2.20.5.0, adresa chyby 0x0001c68a.

Error - 21.8.2012 16:57:04 | Computer Name = EKLP-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.58.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 20.8.2012 11:31:03 | Computer Name = EKLP-PC | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 20.8.2012 11:31:03 | Computer Name = EKLP-PC | Source = Service Control Manager | ID = 7034
Description = Služba Sony Ericsson OMSI download service byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 20.8.2012 11:32:49 | Computer Name = EKLP-PC | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.2.100 pro síťovou kartu se síťovou
adresou 0015AFDC248A byla ukončena.

Error - 20.8.2012 11:32:52 | Computer Name = EKLP-PC | Source = Dhcp | ID = 1001
Description = Počítači nebyla přiřazena síťová adresa (serverem DHCP) pro síťovou
kartu se síťovou adresou 0015AFDC248A. Došlo k následující chybě: %%1223. Počítač
se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.

Error - 20.8.2012 22:27:08 | Computer Name = EKLP-PC | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.2.100 pro síťovou kartu se síťovou
adresou 0015AFDC248A byla ukončena.

Error - 20.8.2012 22:28:05 | Computer Name = EKLP-PC | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.2.100 pro síťovou kartu se síťovou
adresou 0015AFDC248A byla ukončena.

Error - 21.8.2012 6:31:10 | Computer Name = EKLP-PC | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.2.100 pro síťovou kartu se síťovou
adresou 0015AFDC248A byla ukončena.

Error - 21.8.2012 6:32:45 | Computer Name = EKLP-PC | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.2.100 pro síťovou kartu se síťovou
adresou 0015AFDC248A byla ukončena.

Error - 21.8.2012 6:33:10 | Computer Name = EKLP-PC | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.2.100 pro síťovou kartu se síťovou
adresou 0015AFDC248A byla ukončena.

Error - 21.8.2012 11:42:18 | Computer Name = EKLP-PC | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.2.100 pro síťovou kartu se síťovou
adresou 0015AFDC248A byla ukončena.


< End of report >

Re: request for a preventive check

Posted: 22 Aug 2012 08:28
by Márty84
:???: Do you recognize this?
O33 - MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\Shell\AutoRun\command - "" = kolemasakar\\\vikikurva.exe





:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option to open it normally.
:arrow: Run OTL again.
Paste the following text into the bottom window (including the colon before the word commands).

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]

:services
AdobeFlashPlayerUpdateSvc
JavaQuickStarterService

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-789336058-1085031214-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-789336058-1085031214-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-789336058-1085031214-682003330-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "http://my.daemon-search.com/|http://centrum.cz/firefox"
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
O3 - HKU\S-1-5-21-789336058-1085031214-682003330-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
[2012.08.20 17:31:08 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.08.20 17:31:08 | 000,310,228 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.08.20 17:31:08 | 000,046,394 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.08.20 17:31:08 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.11.20 02:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eklp\Data aplikací\AVG10
@Alternate Data Stream - 400 bytes -> C:\Documents and Settings\Eklp\Local Settings\Data aplikací\desktop.ini:07a19238af92db80fe9045ca73c7a84e
Click Fix and let the program work. Agree when asked to restart.
After the restart a new log will appear; post it here.

Re: request for a preventive check

Posted: 22 Aug 2012 13:30
by eklp
I don't recognize it


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Eklp
->Temp folder emptied: 647136 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 291345467 bytes
->Flash cache emptied: 900 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 279,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Eklp
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-789336058-1085031214-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-789336058-1085031214-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-789336058-1085031214-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Prefs.js: "DAEMON Search" removed from browser.search.selectedEngine
Prefs.js: "http://my.daemon-search.com/|http://centrum.cz/firefox" removed from browser.startup.homepage
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Documents and Settings\Eklp\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry value HKEY_USERS\S-1-5-21-789336058-1085031214-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
C:\Documents and Settings\Eklp\Data aplikací\AVG10\cfgall folder moved successfully.
C:\Documents and Settings\Eklp\Data aplikací\AVG10 folder moved successfully.
ADS C:\Documents and Settings\Eklp\Local Settings\Data aplikací\desktop.ini:07a19238af92db80fe9045ca73c7a84e deleted successfully.

OTL by OldTimer - Version 3.2.58.1 log created on 08222012_142552

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: request for a preventive check

Posted: 23 Aug 2012 08:38
by Márty84
So let's run OTL once more.

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option to open it normally.
:arrow: Run OTL again.
Paste the following text into the bottom window (including the colon before the word commands).

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
O33 - MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\Shell\AutoRun\command - "" = kolemasakar\\\vikikurva.exe
O33 - MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\Shell\explore\command - "" = kolemasakar\\\vikikurva.exe
O33 - MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\Shell\Install\command - "" = kolemasakar\\\vikikurva.exe
O33 - MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\Shell\open\command - "" = kolemasakar\\\vikikurva.exe
Click Fix and let the program work. Agree when asked to restart.
After the restart a new log will appear; post it here.

Re: request for a preventive check

Posted: 23 Aug 2012 09:00
by eklp
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Eklp
->Temp folder emptied: 588333 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 7688078 bytes
->Flash cache emptied: 343 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1606 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 8,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Eklp
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92510ada-f425-11df-adab-c3a8167fb96e}\ not found.
File kolemasakar\\\vikikurva.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92510ada-f425-11df-adab-c3a8167fb96e}\ not found.
File kolemasakar\\\vikikurva.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92510ada-f425-11df-adab-c3a8167fb96e}\ not found.
File kolemasakar\\\vikikurva.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92510ada-f425-11df-adab-c3a8167fb96e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92510ada-f425-11df-adab-c3a8167fb96e}\ not found.
File kolemasakar\\\vikikurva.exe not found.

OTL by OldTimer - Version 3.2.58.1 log created on 08232012_095431

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: request for a preventive check

Posted: 23 Aug 2012 09:03
by Márty84
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK. After the cleanup the PC will restart.

:arrow: Download TFC http://oldtimer.geekstogo.com/TFC.exe , save it and run it.
Click START and then OK. After the cleanup the PC will restart.
After use you can delete the program.

:arrow: Download CCleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ and run it.
During installation watch out for the toolbar; if it offers to install it, untick the checkbox.
After launching you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it ticked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, once the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix Issues. It will offer you a backup; make it and save it somewhere you can find it if needed :)
The Tools function lets you uninstall programs. It is more thorough than Windows itself!

:arrow: Defragment the disk
Download, for example, the program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation, again watch out for the toolbar.
After installing, run the program and click Analyze; after the analysis click Defrag and the program will do its job :)



:arrow: Once you have done everything, let me know how the PC is doing.

Re: request for a preventive check

Posted: 26 Aug 2012 20:09
by eklp
So it's running quite well now, thank you very much. I would also like to ask for a check of my desktop PC; should I start a new thread, or is it fine to post it here?

Re: request for a preventive check

Posted: 27 Aug 2012 01:43
by Márty84
For another PC, start a new topic so that things don't get mixed up.

You're welcome, take care :bye: