Prosím o kontrolu logů z DDS, RSIT, Gmer
DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Owner at 19:37:55 on 2012-10-19
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3519.2652 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\QIP 2012\qip.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.avast.com/registration-free-antivirus.php
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\youtube downloader toolbar\ie\5.8\youtubedownloaderToolbarIE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\youtube downloader toolbar\ie\5.8\youtubedownloaderToolbarIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\youtube downloader toolbar\ie\5.8\youtubedownloaderToolbarIE.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" clear
mRun: [Alcmtr] ALCMTR.EXE
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdat ... 0449189187
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdat ... 0449176656
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{CE2A1F4E-98FA-4C71-BE62-88DD73F41E13} : DHCPNameServer = 10.0.0.138
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
Hosts: 127.0.0.1 http://www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\data aplikací\mozilla\firefox\profiles\3if18if1.default\
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-2-23 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-2-23 355632]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2012-2-23 158552]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2012-2-23 91992]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-2-23 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-2-23 44808]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-9-20 1258856]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-3-2 69120]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2011-12-19 104792]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2012-6-5 116056]
S2 gupdate;Služba Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-2-23 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-3 160944]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-2-23 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-3 114144]
.
=============== Created Last 30 ================
.
2012-10-19 11:14:44 -------- d-----w- c:\documents and settings\owner\data aplikací\NVIDIA
2012-10-19 11:09:13 -------- d-----w- C:\NVIDIA
2012-10-18 21:38:37 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-01 21:11:30 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2012-10-01 21:11:30 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-10-01 21:11:26 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2012-10-01 21:11:26 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2012-10-01 15:10:50 -------- d-----w- C:\Tvorba videa
2012-10-01 15:07:17 -------- d-----w- c:\documents and settings\owner\data aplikací\DVD Flick
2012-10-01 15:05:57 609824 ----a-w- c:\windows\system32\comctl32.ocx
2012-10-01 15:05:57 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2012-10-01 15:05:57 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2012-10-01 15:05:57 28672 ----a-w- c:\windows\system32\mousewheel.ocx
2012-10-01 15:05:57 164144 ----a-w- c:\windows\system32\comct232.ocx
2012-10-01 15:05:56 -------- d-----w- c:\program files\DVD Flick
2012-09-20 09:22:04 466944 ----a-w- c:\windows\system32\CapabilityTable.exe
2012-09-20 09:20:19 289792 ----a-w- c:\windows\system32\idecoiins.dll
2012-09-20 09:20:19 159232 ----a-w- c:\windows\system32\fdco_l1036.dll
2012-09-20 09:20:19 159232 ----a-w- c:\windows\system32\fdco_l1034.dll
2012-09-20 09:20:19 159232 ----a-w- c:\windows\system32\fdco_l1031.dll
2012-09-20 09:20:19 158720 ----a-w- c:\windows\system32\fdco_l1046.dll
2012-09-20 09:20:19 158720 ----a-w- c:\windows\system32\fdco_l1040.dll
2012-09-20 09:20:19 156672 ----a-w- c:\windows\system32\fdco_l1042.dll
2012-09-20 09:20:19 156672 ----a-w- c:\windows\system32\fdco_l1041.dll
2012-09-20 09:20:19 155648 ----a-w- c:\windows\system32\fdco_l1028.dll
2012-09-20 09:20:19 155136 ----a-w- c:\windows\system32\fdco_l2052.dll
2012-09-20 09:07:49 -------- d-----w- c:\program files\NVIDIA Corporation
2012-09-20 09:04:44 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-20 08:41:17 -------- d-----w- c:\program files\WhoCrashed
2012-09-20 08:31:20 -------- d-----w- c:\program files\Microsoft AntiSpyware
2012-09-20 08:31:14 -------- d-----w- c:\windows\Downloaded Installations
.
==================== Find3M ====================
.
2012-10-19 11:10:37 1101436 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-10-19 11:10:37 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-10-19 11:10:32 1101436 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-09-23 14:28:00 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-09-23 14:28:00 7446528 ----a-w- c:\windows\system32\nvcuda.dll
2012-09-23 14:28:00 5947392 ----a-w- c:\windows\system32\nvopencl.dll
2012-09-23 14:28:00 4494208 ----a-w- c:\windows\system32\nv4_disp.dll
2012-09-23 14:28:00 2578792 ----a-w- c:\windows\system32\nvcuvid.dll
2012-09-23 14:28:00 2376704 ----a-w- c:\windows\system32\nvapi.dll
2012-09-23 14:28:00 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-09-23 14:28:00 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-09-23 14:28:00 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-09-23 14:28:00 12557728 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-09-23 14:28:00 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-09-23 13:04:24 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-09-23 13:04:12 15512424 ----a-w- c:\windows\system32\nvcpl.dll
2012-09-23 13:04:11 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-09-23 13:04:11 143720 ----a-w- c:\windows\system32\nvcolor.exe
2012-09-23 13:04:11 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-09-20 09:04:32 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-07 15:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-30 19:10:00 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-08-21 09:13:15 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:12:33 41224 ----a-w- c:\windows\avastSS.scr
.
============= FINISH: 19:38:21,68 ===============
Logfile of random's system information tool 1.09 (written by random/random)
Run by Owner at 2012-10-19 19:40:57
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 29 GB (49%) free of 60 GB
Total RAM: 3519 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:19, on 19.10.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\QIP 2012\qip.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Programy\Antispyware\RSIT.exe
C:\Program Files\trend micro\Owner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.avast.com/registration-free-antivirus.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1275210071-1060284298-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.mfcr.cz
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 0449189187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0449176656
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 8765 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd9408c863df10.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003UA.job
C:\WINDOWS\tasks\Install_NSS.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... OSJ000&&q="
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\
toolbar@ask.com
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\searchplugins\
askcom.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-09-20 192144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll [2012-08-24 1002992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-05-04 1519272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll [2012-05-25 1125256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll [2012-05-25 1125256]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-09-20 192144]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-05-04 1519272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-05-04 1561768]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-09-23 15512424]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-09-23 1634112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-07-03 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2012-09-23 15512424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2012-09-23 108392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2005-11-10 15473664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TermService"=3
"LmHosts"=2
"mnmsrvc"=3
"Nero BackItUp Scheduler 3"=2
"upnphost"=3
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\QIP 2012\qip.exe"="C:\Program Files\QIP 2012\qip.exe:*:Enabled:QIP 2012"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"VIDC.FFDS"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======List of files/folders created in the last 1 month======
2012-10-19 19:40:57 ----D---- C:\rsit
2012-10-19 19:40:57 ----D---- C:\Program Files\trend micro
2012-10-19 19:39:52 ----D---- C:\Logy
2012-10-19 13:14:44 ----D---- C:\Documents and Settings\Owner\Data aplikací\NVIDIA
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrszht.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrstr.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsth.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrssv.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrssl.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrssk.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsru.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrspt.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrspl.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsno.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsko.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsja.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsit.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrshu.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrshe.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrses.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrseng.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsel.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsde.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsda.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrscs.dll
2012-10-19 13:11:27 ----A---- C:\WINDOWS\system32\nvrsar.dll
2012-10-19 13:09:13 ----D---- C:\NVIDIA
2012-10-18 23:38:37 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2012-10-18 23:38:37 ----A---- C:\WINDOWS\system32\javaw.exe
2012-10-18 23:38:37 ----A---- C:\WINDOWS\system32\java.exe
2012-10-01 23:11:30 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2012-10-01 23:11:26 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2012-10-01 23:10:56 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2012-10-01 23:10:51 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2012-10-01 23:10:49 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2012-10-01 23:10:46 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2012-10-01 23:10:43 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2012-10-01 23:10:41 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2012-10-01 23:10:39 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2012-10-01 23:10:29 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2012-10-01 23:10:17 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2012-10-01 23:10:06 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2012-10-01 17:10:50 ----D---- C:\Tvorba videa
2012-10-01 17:07:17 ----D---- C:\Documents and Settings\Owner\Data aplikací\DVD Flick
2012-10-01 17:05:57 ----A---- C:\WINDOWS\system32\ssubtmr6.dll
2012-10-01 17:05:56 ----D---- C:\Program Files\DVD Flick
2012-09-20 11:22:04 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
2012-09-20 11:20:19 ----A---- C:\WINDOWS\system32\idecoiins.dll
2012-09-20 11:20:19 ----A---- C:\WINDOWS\system32\fdco_l2052.dll
2012-09-20 11:20:19 ----A---- C:\WINDOWS\system32\fdco_l1046.dll
2012-09-20 11:20:19 ----A---- C:\WINDOWS\system32\fdco_l1042.dll
2012-09-20 11:20:19 ----A---- C:\WINDOWS\system32\fdco_l1041.dll
2012-09-20 11:20:19 ----A---- C:\WINDOWS\system32\fdco_l1040.dll
2012-09-20 11:20:19 ----A---- C:\WINDOWS\system32\fdco_l1036.dll
2012-09-20 11:20:19 ----A---- C:\WINDOWS\system32\fdco_l1034.dll
2012-09-20 11:20:19 ----A---- C:\WINDOWS\system32\fdco_l1031.dll
2012-09-20 11:20:19 ----A---- C:\WINDOWS\system32\fdco_l1028.dll
2012-09-20 11:09:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2012-09-20 11:09:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2012-09-20 11:08:55 ----D---- C:\temp
2012-09-20 11:08:54 ----A---- C:\WINDOWS\system32\OpenCL.dll
2012-09-20 11:08:43 ----D---- C:\Program Files\Ask.com
2012-09-20 11:08:04 ----A---- C:\WINDOWS\system32\nvopencl.dll
2012-09-20 11:08:04 ----A---- C:\WINDOWS\system32\nvdispgenco32.dll
2012-09-20 11:08:03 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2012-09-20 11:08:03 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2012-09-20 11:08:03 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2012-09-20 11:08:03 ----A---- C:\WINDOWS\system32\nvcuda.dll
2012-09-20 11:08:03 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2012-09-20 11:07:49 ----D---- C:\Program Files\NVIDIA Corporation
2012-09-20 11:04:53 ----D---- C:\Program Files\Common Files\Java
2012-09-20 11:04:44 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2012-09-20 10:41:17 ----D---- C:\Program Files\WhoCrashed
2012-09-20 10:31:20 ----D---- C:\Program Files\Microsoft AntiSpyware
2012-09-20 10:31:14 ----D---- C:\WINDOWS\Downloaded Installations
======List of files/folders modified in the last 1 month======
2012-10-19 19:40:57 ----RD---- C:\Program Files
2012-10-19 19:40:24 ----D---- C:\WINDOWS\Temp
2012-10-19 19:39:28 ----D---- C:\Stahovani
2012-10-19 15:59:28 ----A---- C:\WINDOWS\WINCMD.INI
2012-10-19 15:47:58 ----A---- C:\WINDOWS\NeroDigital.ini
2012-10-19 15:02:54 ----D---- C:\Program Files\Mozilla Thunderbird
2012-10-19 13:14:23 ----D---- C:\WINDOWS
2012-10-19 13:13:08 ----D---- C:\WINDOWS\system32
2012-10-19 13:11:58 ----D---- C:\WINDOWS\system32\CatRoot2
2012-10-19 13:11:28 ----D---- C:\WINDOWS\Help
2012-10-19 13:10:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-10-19 13:10:14 ----D---- C:\WINDOWS\system32\drivers
2012-10-19 13:10:08 ----HD---- C:\WINDOWS\inf
2012-10-19 13:10:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-10-19 13:02:34 ----HD---- C:\Program Files\InstallShield Installation Information
2012-10-19 13:00:21 ----SHD---- C:\WINDOWS\Installer
2012-10-18 23:38:37 ----D---- C:\Program Files\Java
2012-10-18 23:38:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-10-01 23:15:46 ----D---- C:\Documents and Settings\Owner\Data aplikací\Skype
2012-10-01 15:05:31 ----D---- C:\Program Files\Mozilla Firefox
2012-10-01 14:15:14 ----D---- C:\WINDOWS\Minidump
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2012-09-23 16:28:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2012-09-23 15:04:24 ----A---- C:\WINDOWS\system32\nvwddi.dll
2012-09-23 15:04:12 ----A---- C:\WINDOWS\system32\nvcpl.dll
2012-09-23 15:04:11 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2012-09-23 15:04:11 ----A---- C:\WINDOWS\system32\nvmctray.dll
2012-09-23 15:04:11 ----A---- C:\WINDOWS\system32\nvcolor.exe
2012-09-20 22:34:21 ----D---- C:\WINDOWS\nview
2012-09-20 11:09:26 ----D---- C:\Documents and Settings
2012-09-20 11:08:44 ----SD---- C:\WINDOWS\Tasks
2012-09-20 11:04:53 ----RD---- C:\Program Files\Common Files
2012-09-20 11:04:32 ----A---- C:\WINDOWS\system32\deployJava1.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-08-21 25256]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-08-21 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2012-06-05 158552]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 91992]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-08-21 97608]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-10 4064256]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-09-23 12557728]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-02-17 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-02-17 13056]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 104792]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2012-06-05 116056]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mbr;mbr; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\mbr.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-09-24 161768]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-08-22 73728]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-07-03 131072]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-09-23 164200]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-09-23 1258856]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-11-03 1332480]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-23 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-23 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-09-12 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
-----------------EOF-----------------
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-10-19 20:46:28
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\00000062 WDC_WD2500KS-00MJB0 rev.02.01C03
Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\pgtdypow.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xA7DA8932]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xA7DA879D]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA7E29966]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
---- EOF - GMER 1.0.15 ----
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Logy z DDS, RSIT, Gmer - prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Search
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
Tady:
# AdwCleaner v2.005 - Logfile created 10/19/2012 at 21:08:56
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - MARTIN
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Found : C:\Documents and Settings\Owner\Data aplikací\OpenCandy
Folder Found : C:\Documents and Settings\Owner\Data aplikací\pdfforge
Folder Found : C:\Program Files\Ask.com
Folder Found : C:\Program Files\YouTube Downloader Toolbar
Folder Found : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registry] *****
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AskToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Search Settings
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\Software\Search Settings
Key Found : HKU\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [6706 octets] - [19/10/2012 21:07:57]
AdwCleaner[R2].txt - [6637 octets] - [19/10/2012 21:08:56]
########## EOF - C:\AdwCleaner[R2].txt - [6697 octets] ##########
# AdwCleaner v2.005 - Logfile created 10/19/2012 at 21:08:56
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - MARTIN
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Found : C:\Documents and Settings\Owner\Data aplikací\OpenCandy
Folder Found : C:\Documents and Settings\Owner\Data aplikací\pdfforge
Folder Found : C:\Program Files\Ask.com
Folder Found : C:\Program Files\YouTube Downloader Toolbar
Folder Found : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registry] *****
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AskToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Search Settings
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\Software\Search Settings
Key Found : HKU\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [6706 octets] - [19/10/2012 21:07:57]
AdwCleaner[R2].txt - [6637 octets] - [19/10/2012 21:08:56]
########## EOF - C:\AdwCleaner[R2].txt - [6697 octets] ##########
Naposledy upravil(a) vyosek dne 19 říj 2012 20:11, celkem upraveno 1 x.
Důvod: Odstranena citace odpovedi
Důvod: Odstranena citace odpovedi
Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
Necitujte prosim mou odpoved, jen kliknete na "Odpovedet" Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Delete
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
# AdwCleaner v2.005 - Logfile created 10/19/2012 at 21:15:17
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - MARTIN
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\Owner\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Owner\Data aplikací\pdfforge
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\YouTube Downloader Toolbar
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registry] *****
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\Software\Search Settings
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [6706 octets] - [19/10/2012 21:07:57]
AdwCleaner[R2].txt - [6766 octets] - [19/10/2012 21:08:56]
AdwCleaner[S1].txt - [6523 octets] - [19/10/2012 21:15:17]
########## EOF - C:\AdwCleaner[S1].txt - [6583 octets] ##########
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - MARTIN
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\Owner\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Owner\Data aplikací\pdfforge
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\YouTube Downloader Toolbar
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registry] *****
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\Software\Search Settings
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [6706 octets] - [19/10/2012 21:07:57]
AdwCleaner[R2].txt - [6766 octets] - [19/10/2012 21:08:56]
AdwCleaner[S1].txt - [6523 octets] - [19/10/2012 21:15:17]
########## EOF - C:\AdwCleaner[S1].txt - [6583 octets] ##########
Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
OTL logfile created on: 19.10.2012 21:29:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,44 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 82,46% Memory free
10,15 Gb Paging File | 9,73 Gb Available in Paging File | 95,88% Paging File free
Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 29,08 Gb Free Space | 49,62% Space Free | Partition Type: NTFS
Drive D: | 174,29 Gb Total Space | 28,78 Gb Free Space | 16,51% Space Free | Partition Type: NTFS
Computer Name: MARTIN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.10.19 21:27:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
PRC - [2012.09.24 23:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.09.23 16:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.09.08 08:27:06 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.11.03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.07.03 12:32:16 | 000,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
========== Modules (No Company Name) ==========
MOD - [2012.10.19 11:30:12 | 001,819,136 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12101900\algo.dll
MOD - [2012.09.08 08:27:06 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.02.23 16:59:42 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2001.10.28 18:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.19 19:59:41 | 000,588,672 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Documents and Settings\Owner\Local Settings\Temp\ULAJDNFD.exe -- (ULAJDNFD)
SRV - [2012.10.19 19:43:55 | 000,424,832 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Documents and Settings\Owner\Local Settings\Temp\CJBLDQIY.exe -- (CJBLDQIY)
SRV - [2012.09.24 23:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.09.23 16:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.08 08:27:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.11.03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2007.07.03 12:32:16 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.06.05 16:33:00 | 000,158,552 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2012.06.05 16:33:00 | 000,116,056 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2012.06.05 16:33:00 | 000,104,792 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2012.06.05 16:33:00 | 000,091,992 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2011.11.01 10:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.11.01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.11.01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.11.01 10:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.07.03 12:33:04 | 000,006,912 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006.04.24 11:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006.02.17 05:28:32 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.02.17 05:28:30 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005.11.10 17:44:12 | 004,064,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2005.08.30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005.08.30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005.08.30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2005.03.09 16:53:00 | 000,042,496 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.01.07 18:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2002.07.17 09:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes\{389F3C89-F302-4589-8014-B5E3CFAFEB61}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes\{4D09F0CD-43FD-4015-84E6-E48441F6B8DD}: "URL" = http://websearch.ask.com/redirect?clien ... 44BC1E1263
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1005\..\SearchScopes,DefaultScope =
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... OSJ000&&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.22 23:06:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.08 08:27:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.14 15:23:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2012.02.25 10:24:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Extensions
[2012.10.19 21:18:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions
[2012.09.20 11:08:47 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com
[2012.09.20 11:08:47 | 000,002,299 | ---- | M] () -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\searchplugins\askcom.xml
[2012.09.08 08:26:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.09.08 08:27:07 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 14:28:19 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.16 14:28:19 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.16 14:28:19 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.16 14:28:19 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.16 14:28:19 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Owner\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Owner\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Owner\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Owner\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Gmail = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.09.03 12:44:34 | 000,444,144 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15257 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1275210071-1060284298-839522115-1003..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-1060284298-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..Trusted Domains: mfcr.cz ([]* in Důvěryhodné servery)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microso ... 0449189187 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0449176656 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE2A1F4E-98FA-4C71-BE62-88DD73F41E13}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.02.23 15:03:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.10.19 21:26:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2012.10.19 19:45:58 | 000,904,048 | ---- | C] (F-Secure Corporation) -- C:\Documents and Settings\Owner\Plocha\fsbl.exe
[2012.10.19 19:40:57 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.10.19 19:40:57 | 000,000,000 | ---D | C] -- C:\rsit
[2012.10.19 19:39:52 | 000,000,000 | ---D | C] -- C:\Logy
[2012.10.19 19:37:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Nabídka Start\Programy\Nástroje pro správu
[2012.10.19 13:14:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Data aplikací\NVIDIA
[2012.10.19 13:11:27 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll
[2012.10.19 13:11:27 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll
[2012.10.19 13:11:27 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2012.10.19 13:11:27 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2012.10.19 13:11:27 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2012.10.19 13:11:27 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll
[2012.10.19 13:11:27 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2012.10.19 13:11:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll
[2012.10.19 13:11:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll
[2012.10.19 13:11:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2012.10.19 13:11:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll
[2012.10.19 13:11:27 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2012.10.19 13:11:27 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2012.10.19 13:11:27 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2012.10.19 13:11:27 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll
[2012.10.19 13:11:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll
[2012.10.19 13:11:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll
[2012.10.19 13:11:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll
[2012.10.19 13:11:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll
[2012.10.19 13:11:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll
[2012.10.19 13:11:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll
[2012.10.19 13:11:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll
[2012.10.19 13:11:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll
[2012.10.19 13:11:27 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll
[2012.10.19 13:11:27 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll
[2012.10.19 13:11:27 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll
[2012.10.19 13:11:27 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2012.10.19 13:11:27 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2012.10.19 13:09:13 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.10.19 13:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\NVIDIA Corporation
[2012.10.19 13:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\NVIDIA Corporation
[2012.10.19 13:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\NVIDIA Corporation
[2012.10.19 12:59:55 | 155,576,680 | ---- | C] (NVIDIA Corporation) -- C:\Documents and Settings\Owner\Plocha\306.81-desktop-winxp-32bit-international-whql.exe
[2012.10.19 12:57:56 | 043,104,080 | ---- | C] (NVIDIA Corporation ) -- C:\Documents and Settings\Owner\Plocha\5.05.47.00_ntune_winxp_international.exe
[2012.10.18 23:38:37 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.10.18 23:38:37 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.10.18 23:38:37 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.10.19 21:31:43 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.19 21:27:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2012.10.19 21:16:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.19 21:16:42 | 000,586,235 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2012.10.19 21:06:42 | 000,538,941 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
[2012.10.19 19:45:43 | 000,904,048 | ---- | M] (F-Secure Corporation) -- C:\Documents and Settings\Owner\Plocha\fsbl.exe
[2012.10.19 15:59:28 | 000,003,906 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2012.10.19 15:47:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.10.19 13:10:37 | 001,101,436 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.10.19 13:10:37 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.10.19 13:10:32 | 001,101,436 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.10.19 13:02:34 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\NVIDIA Monitor.lnk
[2012.10.19 13:02:34 | 000,001,623 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\nTune.lnk
[2012.10.19 12:59:58 | 155,576,680 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\Owner\Plocha\306.81-desktop-winxp-32bit-international-whql.exe
[2012.10.19 12:59:12 | 043,104,080 | ---- | M] (NVIDIA Corporation ) -- C:\Documents and Settings\Owner\Plocha\5.05.47.00_ntune_winxp_international.exe
[2012.10.19 12:04:37 | 007,350,869 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\P-660HN-T3A_3.40_ed1.pdf
[2012.10.19 12:02:21 | 000,816,447 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\P-660HN-TxA_quick_CZ(1).pdf
[2012.10.19 11:40:32 | 000,043,465 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.10.18 23:38:21 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.10.18 23:38:21 | 000,309,990 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.10.18 23:38:21 | 000,046,196 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.10.18 23:38:21 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.10.18 23:26:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.10.19 21:31:43 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.19 21:06:40 | 000,538,941 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
[2012.10.19 19:47:09 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\gmer.exe
[2012.10.19 13:10:01 | 000,012,210 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2012.10.19 13:02:34 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\NVIDIA Monitor.lnk
[2012.10.19 13:02:34 | 000,001,623 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\nTune.lnk
[2012.10.19 12:02:21 | 000,816,447 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\P-660HN-TxA_quick_CZ(1).pdf
[2012.10.19 11:59:43 | 007,350,869 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\P-660HN-T3A_3.40_ed1.pdf
[2012.10.01 15:00:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\.cnzp_signer_applet.config
[2012.09.20 11:08:28 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.09.20 11:08:27 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.09.20 11:08:27 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.09.20 11:08:03 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.07.21 10:07:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LauncherAccess.dt
[2012.07.21 10:05:14 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012.07.14 16:26:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2012.07.14 15:40:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Horns
[2012.07.14 15:40:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Horn Section
[2012.07.14 15:40:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Data aplikací\Hip Hop
[2012.07.14 15:40:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Data aplikací\Helper Scripts
[2012.07.14 15:40:55 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLev.DAT
[2012.07.14 15:40:55 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLes.DAT
[2012.07.14 15:40:55 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Internet Services
[2012.07.14 15:40:55 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Instrument Library
[2012.07.14 15:40:54 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\HomePageService
[2012.07.14 15:40:54 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Data aplikací\Help
[2012.07.14 15:40:54 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLet.DAT
[2012.07.14 15:40:54 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\InkjetPrinter
[2012.05.31 09:35:28 | 000,001,375 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012.05.15 23:47:50 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.31 10:38:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2012.03.07 22:24:59 | 000,000,579 | ---- | C] () -- C:\WINDOWS\videotoaudio.ini
[2012.03.07 22:24:18 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySatm.dat
[2012.03.04 13:50:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Bench32.INI
[2012.03.04 13:28:10 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012.03.03 16:44:00 | 000,074,752 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe
[2012.02.26 19:40:49 | 000,000,135 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2012.02.26 19:40:08 | 000,003,906 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2012.02.23 22:30:49 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Owner\default.pls
[2012.02.23 22:28:49 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012.02.23 20:52:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.23 15:49:27 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.02.23 15:25:23 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.02.23 15:24:23 | 000,261,432 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.02.23 15:23:32 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012.02.23 15:23:32 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012.02.23 15:05:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.02.23 15:01:25 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.12.19 10:53:25 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.02.23 15:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.06.22 20:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EAGLE Software
[2012.07.14 15:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2012.06.10 10:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.02.23 20:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2012.06.10 10:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.07.14 15:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2012.03.09 20:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ostatni\Data aplikací\Thunderbird
[2012.03.09 20:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ostatni\Data aplikací\Zoner
[2012.07.15 15:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\BSplayer
[2012.02.23 16:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\BSplayer Pro
[2012.09.03 23:30:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Canon
[2012.02.26 17:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\InfraRecorder
[2012.07.14 16:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nikon
[2012.06.10 10:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia
[2012.06.10 10:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\PC Suite
[2012.02.29 16:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\QIP
[2012.07.21 10:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Samsung
[2012.02.25 21:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Thunderbird
[2012.02.24 22:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\VitySoft
[2012.03.31 17:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\YouTube Downloader
[2012.02.23 17:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2012.02.23 15:01:54 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.02.23 15:09:22 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.02.23 15:36:50 | 000,000,938 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.02.23 21:56:26 | 000,000,974 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003Core.job
[2012.02.23 21:56:26 | 000,001,026 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003UA.job
[2012.07.05 09:14:15 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.09.16 14:42:50 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cd9408c863df10.job
[2012.09.20 10:36:19 | 000,000,400 | ---- | C] () -- C:\WINDOWS\Tasks\Install_NSS.job
< >
< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 11:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2006.03.02 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
< MD5 for: SVCHOST.EXE >
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\4b9a452ad1f9a97fc5e95c43cd5e6201\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\4b9a452ad1f9a97fc5e95c43cd5e6201\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\9ca91275a29dfbdfec282dbd5a4f80cf\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\9ca91275a29dfbdfec282dbd5a4f80cf\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\f1015d3534b5904b81ddc43104f1c60a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\f1015d3534b5904b81ddc43104f1c60a\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.02.28 20:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Adobe
[2012.07.04 19:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Ahead
[2012.07.14 16:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ArcSoft
[2012.07.15 15:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\BSplayer
[2012.02.23 16:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\BSplayer Pro
[2012.09.03 23:30:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Canon
[2012.02.23 22:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\CyberLink
[2012.08.01 15:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Download Manager
[2012.10.01 17:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\DVD Flick
[2012.02.23 16:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ESTSoft
[2012.06.30 08:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Google
[2012.02.23 15:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Identities
[2012.02.26 17:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\InfraRecorder
[2012.02.23 16:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Macromedia
[2012.09.15 19:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Malwarebytes
[2012.07.14 15:59:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Owner\Data aplikací\Microsoft
[2012.02.25 10:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla
[2012.02.23 20:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nero
[2012.07.14 16:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nikon
[2012.06.10 10:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia
[2012.10.19 13:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\NVIDIA
[2012.06.10 10:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\PC Suite
[2012.02.29 16:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\QIP
[2012.07.21 10:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Samsung
[2012.10.01 23:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Skype
[2012.02.24 22:02:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Sun
[2012.02.25 21:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Thunderbird
[2012.02.24 22:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\VitySoft
[2012.03.31 17:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\YouTube Downloader
[2012.02.23 17:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
[2012.07.14 15:59:40 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Owner\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2012.08.22 23:06:12 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.09.16 14:42:50 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cd9408c863df10.job
[2012.04.01 10:45:11 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.01 10:45:11 | 000,000,974 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003Core.job
[2012.04.01 10:45:11 | 000,001,026 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003UA.job
[2012.09.20 10:37:42 | 000,000,400 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2012.02.23 15:23:34 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.02.23 15:23:34 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.02.23 15:23:34 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.10.18 23:38:37 | 000,004,078 | ---- | M] () -- C:\WINDOWS\system32\jupdate-1.7.0_09-b05.log
[2012.10.19 11:40:32 | 000,043,465 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2012.10.19 13:10:37 | 001,101,436 | ---- | M] () -- C:\WINDOWS\system32\nvdrsdb0.bin
[2012.10.19 13:10:32 | 001,101,436 | ---- | M] () -- C:\WINDOWS\system32\nvdrsdb1.bin
[2012.10.19 13:10:37 | 000,000,001 | ---- | M] () -- C:\WINDOWS\system32\nvdrssel.bin
[2012.10.19 21:16:42 | 000,586,235 | ---- | M] () -- C:\WINDOWS\system32\oodbs.lor
[2012.10.18 23:38:21 | 000,046,196 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.10.18 23:38:21 | 000,040,128 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.10.18 23:38:21 | 000,309,990 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.10.18 23:38:21 | 000,311,740 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.10.18 23:38:21 | 000,714,754 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.10.18 23:26:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"NVIDIA nTune" = "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear -- [2007.07.03 12:32:10 | 000,081,920 | ---- | M] (NVIDIA)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.09.08 08:27:06 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=9C376F42BDE37F18D0A39AF7415D9BE6 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.19 21:31:43 | 000,000,512 | ---- | M] () MD5=DF798B644AE104560693F552165CD4DB -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.03.31 16:51:47 | 000,000,001 | ---- | M] () -- \Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\{F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB}\youtubedownloader.lock
[2012.03.31 16:58:17 | 005,633,552 | R--- | M] () -- \Documents and Settings\Owner\Local Settings\Temp\youtubedownloader.rar
[47 \Documents and Settings\Owner\Local Settings\Temp\*.tmp files -> \Documents and Settings\Owner\Local Settings\Temp\*.tmp -> ]
[2012.09.29 09:52:49 | 000,040,101 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\06AYVMJY\loader.cxp[1].js
[2012.09.08 18:55:52 | 000,000,753 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2BPEQAA2\AdLoader[1].htm
[2012.09.01 14:24:06 | 000,018,349 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2BPEQAA2\fileuploader.min[1].js
[2012.09.19 09:51:36 | 000,002,971 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2BPEQAA2\loader[1].gif
[2012.09.29 09:52:50 | 000,111,362 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2BPEQAA2\Microsoft.Live.Messenger.Services.Loader[1].js
[2012.09.10 16:51:46 | 000,002,883 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2BPEQAA2\QuickLoader[1].js
[2012.09.08 18:55:52 | 000,105,903 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2FLXX97G\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.09.29 09:52:50 | 000,053,706 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2FLXX97G\Microsoft.Live.SkyDrive.SkyDriveUploaderV2[1].xap
[2012.09.01 14:25:51 | 000,001,652 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\ESRNR266\ajax_loader[1].gif
[2006.07.14 11:39:46 | 000,106,496 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2001.01.16 07:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 05:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2006.03.31 16:52:56 | 000,010,752 | ---- | M] () -- \Program Files\ESTsoft\ALSong\asLoader.dll
[2011.07.06 11:55:18 | 000,064,352 | ---- | M] () -- \Program Files\Geeks3D\Benchmarks\FluidMark_1.4.0\PhysXLoader.dll
[2012.03.26 10:53:30 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2007.04.03 11:05:20 | 000,018,944 | ---- | M] () -- \Program Files\Samsung\Samsung PC Studio 3\CMLoader.dll
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,44 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 82,46% Memory free
10,15 Gb Paging File | 9,73 Gb Available in Paging File | 95,88% Paging File free
Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 29,08 Gb Free Space | 49,62% Space Free | Partition Type: NTFS
Drive D: | 174,29 Gb Total Space | 28,78 Gb Free Space | 16,51% Space Free | Partition Type: NTFS
Computer Name: MARTIN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.10.19 21:27:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
PRC - [2012.09.24 23:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.09.23 16:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.09.08 08:27:06 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.11.03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.07.03 12:32:16 | 000,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
========== Modules (No Company Name) ==========
MOD - [2012.10.19 11:30:12 | 001,819,136 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12101900\algo.dll
MOD - [2012.09.08 08:27:06 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.02.23 16:59:42 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2001.10.28 18:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.19 19:59:41 | 000,588,672 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Documents and Settings\Owner\Local Settings\Temp\ULAJDNFD.exe -- (ULAJDNFD)
SRV - [2012.10.19 19:43:55 | 000,424,832 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Documents and Settings\Owner\Local Settings\Temp\CJBLDQIY.exe -- (CJBLDQIY)
SRV - [2012.09.24 23:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.09.23 16:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.08 08:27:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.11.03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2007.07.03 12:32:16 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.06.05 16:33:00 | 000,158,552 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2012.06.05 16:33:00 | 000,116,056 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2012.06.05 16:33:00 | 000,104,792 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2012.06.05 16:33:00 | 000,091,992 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2011.11.01 10:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.11.01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.11.01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.11.01 10:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.07.03 12:33:04 | 000,006,912 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006.04.24 11:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006.02.17 05:28:32 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.02.17 05:28:30 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005.11.10 17:44:12 | 004,064,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2005.08.30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005.08.30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005.08.30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2005.03.09 16:53:00 | 000,042,496 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.01.07 18:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2002.07.17 09:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes\{389F3C89-F302-4589-8014-B5E3CFAFEB61}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes\{4D09F0CD-43FD-4015-84E6-E48441F6B8DD}: "URL" = http://websearch.ask.com/redirect?clien ... 44BC1E1263
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1005\..\SearchScopes,DefaultScope =
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... OSJ000&&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.22 23:06:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.08 08:27:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.14 15:23:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2012.02.25 10:24:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Extensions
[2012.10.19 21:18:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions
[2012.09.20 11:08:47 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com
[2012.09.20 11:08:47 | 000,002,299 | ---- | M] () -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\searchplugins\askcom.xml
[2012.09.08 08:26:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.09.08 08:27:07 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 14:28:19 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.16 14:28:19 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.16 14:28:19 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.16 14:28:19 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.16 14:28:19 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Owner\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Owner\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Owner\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Owner\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Gmail = C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.09.03 12:44:34 | 000,444,144 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15257 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1275210071-1060284298-839522115-1003..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-1060284298-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..Trusted Domains: mfcr.cz ([]* in Důvěryhodné servery)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microso ... 0449189187 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0449176656 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE2A1F4E-98FA-4C71-BE62-88DD73F41E13}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.02.23 15:03:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.10.19 21:26:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2012.10.19 19:45:58 | 000,904,048 | ---- | C] (F-Secure Corporation) -- C:\Documents and Settings\Owner\Plocha\fsbl.exe
[2012.10.19 19:40:57 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.10.19 19:40:57 | 000,000,000 | ---D | C] -- C:\rsit
[2012.10.19 19:39:52 | 000,000,000 | ---D | C] -- C:\Logy
[2012.10.19 19:37:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Nabídka Start\Programy\Nástroje pro správu
[2012.10.19 13:14:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Data aplikací\NVIDIA
[2012.10.19 13:11:27 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll
[2012.10.19 13:11:27 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll
[2012.10.19 13:11:27 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2012.10.19 13:11:27 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2012.10.19 13:11:27 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2012.10.19 13:11:27 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll
[2012.10.19 13:11:27 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2012.10.19 13:11:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll
[2012.10.19 13:11:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll
[2012.10.19 13:11:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2012.10.19 13:11:27 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll
[2012.10.19 13:11:27 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2012.10.19 13:11:27 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2012.10.19 13:11:27 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2012.10.19 13:11:27 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll
[2012.10.19 13:11:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll
[2012.10.19 13:11:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll
[2012.10.19 13:11:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll
[2012.10.19 13:11:27 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll
[2012.10.19 13:11:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll
[2012.10.19 13:11:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll
[2012.10.19 13:11:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll
[2012.10.19 13:11:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll
[2012.10.19 13:11:27 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll
[2012.10.19 13:11:27 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll
[2012.10.19 13:11:27 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll
[2012.10.19 13:11:27 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2012.10.19 13:11:27 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2012.10.19 13:09:13 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.10.19 13:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\NVIDIA Corporation
[2012.10.19 13:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\NVIDIA Corporation
[2012.10.19 13:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\NVIDIA Corporation
[2012.10.19 12:59:55 | 155,576,680 | ---- | C] (NVIDIA Corporation) -- C:\Documents and Settings\Owner\Plocha\306.81-desktop-winxp-32bit-international-whql.exe
[2012.10.19 12:57:56 | 043,104,080 | ---- | C] (NVIDIA Corporation ) -- C:\Documents and Settings\Owner\Plocha\5.05.47.00_ntune_winxp_international.exe
[2012.10.18 23:38:37 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.10.18 23:38:37 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.10.18 23:38:37 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.10.19 21:31:43 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.19 21:27:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2012.10.19 21:16:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.19 21:16:42 | 000,586,235 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2012.10.19 21:06:42 | 000,538,941 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
[2012.10.19 19:45:43 | 000,904,048 | ---- | M] (F-Secure Corporation) -- C:\Documents and Settings\Owner\Plocha\fsbl.exe
[2012.10.19 15:59:28 | 000,003,906 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2012.10.19 15:47:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.10.19 13:10:37 | 001,101,436 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.10.19 13:10:37 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.10.19 13:10:32 | 001,101,436 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.10.19 13:02:34 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\NVIDIA Monitor.lnk
[2012.10.19 13:02:34 | 000,001,623 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\nTune.lnk
[2012.10.19 12:59:58 | 155,576,680 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\Owner\Plocha\306.81-desktop-winxp-32bit-international-whql.exe
[2012.10.19 12:59:12 | 043,104,080 | ---- | M] (NVIDIA Corporation ) -- C:\Documents and Settings\Owner\Plocha\5.05.47.00_ntune_winxp_international.exe
[2012.10.19 12:04:37 | 007,350,869 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\P-660HN-T3A_3.40_ed1.pdf
[2012.10.19 12:02:21 | 000,816,447 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\P-660HN-TxA_quick_CZ(1).pdf
[2012.10.19 11:40:32 | 000,043,465 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.10.18 23:38:21 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.10.18 23:38:21 | 000,309,990 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.10.18 23:38:21 | 000,046,196 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.10.18 23:38:21 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.10.18 23:26:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.10.19 21:31:43 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.19 21:06:40 | 000,538,941 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
[2012.10.19 19:47:09 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\gmer.exe
[2012.10.19 13:10:01 | 000,012,210 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2012.10.19 13:02:34 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\NVIDIA Monitor.lnk
[2012.10.19 13:02:34 | 000,001,623 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\nTune.lnk
[2012.10.19 12:02:21 | 000,816,447 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\P-660HN-TxA_quick_CZ(1).pdf
[2012.10.19 11:59:43 | 007,350,869 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\P-660HN-T3A_3.40_ed1.pdf
[2012.10.01 15:00:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\.cnzp_signer_applet.config
[2012.09.20 11:08:28 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.09.20 11:08:27 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.09.20 11:08:27 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.09.20 11:08:03 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.07.21 10:07:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LauncherAccess.dt
[2012.07.21 10:05:14 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012.07.14 16:26:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2012.07.14 15:40:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Horns
[2012.07.14 15:40:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Horn Section
[2012.07.14 15:40:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Data aplikací\Hip Hop
[2012.07.14 15:40:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Data aplikací\Helper Scripts
[2012.07.14 15:40:55 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLev.DAT
[2012.07.14 15:40:55 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLes.DAT
[2012.07.14 15:40:55 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Internet Services
[2012.07.14 15:40:55 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Instrument Library
[2012.07.14 15:40:54 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\HomePageService
[2012.07.14 15:40:54 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Owner\Data aplikací\Help
[2012.07.14 15:40:54 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLet.DAT
[2012.07.14 15:40:54 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\InkjetPrinter
[2012.05.31 09:35:28 | 000,001,375 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012.05.15 23:47:50 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.31 10:38:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2012.03.07 22:24:59 | 000,000,579 | ---- | C] () -- C:\WINDOWS\videotoaudio.ini
[2012.03.07 22:24:18 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySatm.dat
[2012.03.04 13:50:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Bench32.INI
[2012.03.04 13:28:10 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012.03.03 16:44:00 | 000,074,752 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe
[2012.02.26 19:40:49 | 000,000,135 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2012.02.26 19:40:08 | 000,003,906 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2012.02.23 22:30:49 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Owner\default.pls
[2012.02.23 22:28:49 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012.02.23 20:52:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.23 15:49:27 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.02.23 15:25:23 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.02.23 15:24:23 | 000,261,432 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.02.23 15:23:32 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012.02.23 15:23:32 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012.02.23 15:05:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.02.23 15:01:25 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.12.19 10:53:25 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.02.23 15:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.06.22 20:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EAGLE Software
[2012.07.14 15:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2012.06.10 10:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.02.23 20:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2012.06.10 10:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.07.14 15:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2012.03.09 20:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ostatni\Data aplikací\Thunderbird
[2012.03.09 20:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ostatni\Data aplikací\Zoner
[2012.07.15 15:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\BSplayer
[2012.02.23 16:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\BSplayer Pro
[2012.09.03 23:30:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Canon
[2012.02.26 17:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\InfraRecorder
[2012.07.14 16:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nikon
[2012.06.10 10:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia
[2012.06.10 10:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\PC Suite
[2012.02.29 16:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\QIP
[2012.07.21 10:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Samsung
[2012.02.25 21:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Thunderbird
[2012.02.24 22:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\VitySoft
[2012.03.31 17:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\YouTube Downloader
[2012.02.23 17:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2012.02.23 15:01:54 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.02.23 15:09:22 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.02.23 15:36:50 | 000,000,938 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.02.23 21:56:26 | 000,000,974 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003Core.job
[2012.02.23 21:56:26 | 000,001,026 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003UA.job
[2012.07.05 09:14:15 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.09.16 14:42:50 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cd9408c863df10.job
[2012.09.20 10:36:19 | 000,000,400 | ---- | C] () -- C:\WINDOWS\Tasks\Install_NSS.job
< >
< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2012.02.23 17:24:35 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 11:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2006.03.02 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
< MD5 for: SVCHOST.EXE >
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\4b9a452ad1f9a97fc5e95c43cd5e6201\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\4b9a452ad1f9a97fc5e95c43cd5e6201\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\9ca91275a29dfbdfec282dbd5a4f80cf\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\9ca91275a29dfbdfec282dbd5a4f80cf\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\f1015d3534b5904b81ddc43104f1c60a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\f1015d3534b5904b81ddc43104f1c60a\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.02.28 20:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Adobe
[2012.07.04 19:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Ahead
[2012.07.14 16:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ArcSoft
[2012.07.15 15:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\BSplayer
[2012.02.23 16:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\BSplayer Pro
[2012.09.03 23:30:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Canon
[2012.02.23 22:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\CyberLink
[2012.08.01 15:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Download Manager
[2012.10.01 17:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\DVD Flick
[2012.02.23 16:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ESTSoft
[2012.06.30 08:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Google
[2012.02.23 15:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Identities
[2012.02.26 17:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\InfraRecorder
[2012.02.23 16:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Macromedia
[2012.09.15 19:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Malwarebytes
[2012.07.14 15:59:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Owner\Data aplikací\Microsoft
[2012.02.25 10:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla
[2012.02.23 20:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nero
[2012.07.14 16:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nikon
[2012.06.10 10:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia
[2012.10.19 13:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\NVIDIA
[2012.06.10 10:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\PC Suite
[2012.02.29 16:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\QIP
[2012.07.21 10:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Samsung
[2012.10.01 23:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Skype
[2012.02.24 22:02:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Sun
[2012.02.25 21:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Thunderbird
[2012.02.24 22:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\VitySoft
[2012.03.31 17:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\YouTube Downloader
[2012.02.23 17:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
[2012.07.14 15:59:40 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Owner\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2012.08.22 23:06:12 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.09.16 14:42:50 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cd9408c863df10.job
[2012.04.01 10:45:11 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.01 10:45:11 | 000,000,974 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003Core.job
[2012.04.01 10:45:11 | 000,001,026 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003UA.job
[2012.09.20 10:37:42 | 000,000,400 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2012.02.23 15:23:34 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.02.23 15:23:34 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.02.23 15:23:34 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.10.18 23:38:37 | 000,004,078 | ---- | M] () -- C:\WINDOWS\system32\jupdate-1.7.0_09-b05.log
[2012.10.19 11:40:32 | 000,043,465 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2012.10.19 13:10:37 | 001,101,436 | ---- | M] () -- C:\WINDOWS\system32\nvdrsdb0.bin
[2012.10.19 13:10:32 | 001,101,436 | ---- | M] () -- C:\WINDOWS\system32\nvdrsdb1.bin
[2012.10.19 13:10:37 | 000,000,001 | ---- | M] () -- C:\WINDOWS\system32\nvdrssel.bin
[2012.10.19 21:16:42 | 000,586,235 | ---- | M] () -- C:\WINDOWS\system32\oodbs.lor
[2012.10.18 23:38:21 | 000,046,196 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.10.18 23:38:21 | 000,040,128 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.10.18 23:38:21 | 000,309,990 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.10.18 23:38:21 | 000,311,740 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.10.18 23:38:21 | 000,714,754 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.10.18 23:26:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"NVIDIA nTune" = "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear -- [2007.07.03 12:32:10 | 000,081,920 | ---- | M] (NVIDIA)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.09.08 08:27:06 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=9C376F42BDE37F18D0A39AF7415D9BE6 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.19 21:31:43 | 000,000,512 | ---- | M] () MD5=DF798B644AE104560693F552165CD4DB -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.03.31 16:51:47 | 000,000,001 | ---- | M] () -- \Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\{F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB}\youtubedownloader.lock
[2012.03.31 16:58:17 | 005,633,552 | R--- | M] () -- \Documents and Settings\Owner\Local Settings\Temp\youtubedownloader.rar
[47 \Documents and Settings\Owner\Local Settings\Temp\*.tmp files -> \Documents and Settings\Owner\Local Settings\Temp\*.tmp -> ]
[2012.09.29 09:52:49 | 000,040,101 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\06AYVMJY\loader.cxp[1].js
[2012.09.08 18:55:52 | 000,000,753 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2BPEQAA2\AdLoader[1].htm
[2012.09.01 14:24:06 | 000,018,349 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2BPEQAA2\fileuploader.min[1].js
[2012.09.19 09:51:36 | 000,002,971 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2BPEQAA2\loader[1].gif
[2012.09.29 09:52:50 | 000,111,362 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2BPEQAA2\Microsoft.Live.Messenger.Services.Loader[1].js
[2012.09.10 16:51:46 | 000,002,883 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2BPEQAA2\QuickLoader[1].js
[2012.09.08 18:55:52 | 000,105,903 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2FLXX97G\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.09.29 09:52:50 | 000,053,706 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2FLXX97G\Microsoft.Live.SkyDrive.SkyDriveUploaderV2[1].xap
[2012.09.01 14:25:51 | 000,001,652 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\ESRNR266\ajax_loader[1].gif
[2006.07.14 11:39:46 | 000,106,496 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2001.01.16 07:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 05:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2006.03.31 16:52:56 | 000,010,752 | ---- | M] () -- \Program Files\ESTsoft\ALSong\asLoader.dll
[2011.07.06 11:55:18 | 000,064,352 | ---- | M] () -- \Program Files\Geeks3D\Benchmarks\FluidMark_1.4.0\PhysXLoader.dll
[2012.03.26 10:53:30 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2007.04.03 11:05:20 | 000,018,944 | ---- | M] () -- \Program Files\Samsung\Samsung PC Studio 3\CMLoader.dll
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
OTL Extras logfile created on: 19.10.2012 21:29:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,44 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 82,46% Memory free
10,15 Gb Paging File | 9,73 Gb Available in Paging File | 95,88% Paging File free
Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 29,08 Gb Free Space | 49,62% Space Free | Partition Type: NTFS
Drive D: | 174,29 Gb Total Space | 28,78 Gb Free Space | 16,51% Space Free | Partition Type: NTFS
Computer Name: MARTIN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\QIP 2012\qip.exe" = C:\Program Files\QIP 2012\qip.exe:*:Enabled:QIP 2012 -- (QIP)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe" = C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos. -- (DsNET)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = Geeks3D PhysX FluidMark v1.4.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2AEC19D2-037B-4099-9AE0-267CAD0B522C}" = YouTube Downloader Toolbar v5.8
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{40261D0A-A385-4C1A-A7DE-5F270D9B1029}" = Nero 7 Ultra Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91E30405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A97F28B2-3BA1-49B7-AEF6-CC8956ED8CAA}" = Nokia PC Suite
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{D3F9003B-7D17-4317-B61B-0694FF5333F8}" = Oracle VM VirtualBox 4.1.18
"{D642ACC5-F7E9-48F3-A7EE-B49C5447A10E}" = Samsung PC Studio 3
"{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{F530581E-12FE-43B4-A28D-E5257AAD63E6}" = O&O Defrag Professional
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALSong_is1" = ALSong
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"AVI To MP3 Converter_is1" = AVI To MP3 Converter 1.00
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"Cyklotrasy 2.28 bez map" = Cyklotrasy 2.28 bez map
"DVD Flick_is1" = DVD Flick 1.3.0.7
"DVD Shrink_is1" = DVD Shrink 3.2
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v4.60
"Free Create-Burn ISO Image_is1" = Free Create-Burn ISO Image v2.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.0.1400
"Mozilla Firefox 15.0.1 (x86 cs)" = Mozilla Firefox 15.0.1 (x86 cs)
"Mozilla Thunderbird 15.0.1 (x86 cs)" = Mozilla Thunderbird 15.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PDF Editor 2" = PDF Editor 2
"rajče.net_is1" = rajče průvodce verze 1.59.38.253
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WhoCrashed_is1" = WhoCrashed 3.06
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2012" = QIP 2012 4.0.7058
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.5.2012 0:32:21 | Computer Name = MARTIN | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.
Error - 17.5.2012 0:32:21 | Computer Name = MARTIN | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.
Error - 3.6.2012 9:15:03 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11406
Description = Product: Microsoft Silverlight -- Error 1406. Could not write value
Version to key \SOFTWARE\Microsoft\Silverlight. System error . Verify that you
have sufficient access to that key, or contact your support personnel.
Error - 8.6.2012 9:04:23 | Computer Name = MARTIN | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 12.6.2012 4:52:35 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace TOTALCMD.EXE, verze 7.0.1.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 12.6.2012 4:53:26 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.3.3.977, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 12.6.2012 4:57:13 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.3.3.977, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 22.6.2012 9:35:31 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.3.3.977, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 7.7.2012 6:48:02 | Computer Name = MARTIN | Source = Application Error | ID = 1000
Description = Chybující aplikace powerdvd.exe, verze 6.0.0.2023, chybující modul
ffdshow.ax, verze 1.1.3996.0, adresa chyby 0x0023c8b8.
Error - 7.7.2012 6:49:52 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.3.3.977, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 18.10.2012 17:27:20 | Computer Name = MARTIN | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 19.10.2012 5:24:05 | Computer Name = MARTIN | Source = Print | ID = 19
Description = Došlo k chybě sdílení tiskárny + 1722, tiskárna PDFCreator název sdílení
PDFCreator.
Error - 19.10.2012 5:24:39 | Computer Name = MARTIN | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 19.10.2012 5:36:18 | Computer Name = MARTIN | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.2 pro síťovou kartu s adresou 0016E6462B47
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 19.10.2012 5:40:27 | Computer Name = MARTIN | Source = Print | ID = 19
Description = Došlo k chybě sdílení tiskárny + 1722, tiskárna PDFCreator název sdílení
PDFCreator.
Error - 19.10.2012 5:47:49 | Computer Name = MARTIN | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.100 pro síťovou kartu s adresou 0016E6462B47
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 19.10.2012 5:52:40 | Computer Name = MARTIN | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.2 pro síťovou kartu s adresou 0016E6462B47
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 19.10.2012 13:31:31 | Computer Name = MARTIN | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 19.10.2012 14:30:05 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Služba ULAJDNFD byla neočekávaně ukončena. Tento stav nastal již 1krát.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,44 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 82,46% Memory free
10,15 Gb Paging File | 9,73 Gb Available in Paging File | 95,88% Paging File free
Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 29,08 Gb Free Space | 49,62% Space Free | Partition Type: NTFS
Drive D: | 174,29 Gb Total Space | 28,78 Gb Free Space | 16,51% Space Free | Partition Type: NTFS
Computer Name: MARTIN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\QIP 2012\qip.exe" = C:\Program Files\QIP 2012\qip.exe:*:Enabled:QIP 2012 -- (QIP)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe" = C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos. -- (DsNET)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = Geeks3D PhysX FluidMark v1.4.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2AEC19D2-037B-4099-9AE0-267CAD0B522C}" = YouTube Downloader Toolbar v5.8
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{40261D0A-A385-4C1A-A7DE-5F270D9B1029}" = Nero 7 Ultra Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91E30405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A97F28B2-3BA1-49B7-AEF6-CC8956ED8CAA}" = Nokia PC Suite
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{D3F9003B-7D17-4317-B61B-0694FF5333F8}" = Oracle VM VirtualBox 4.1.18
"{D642ACC5-F7E9-48F3-A7EE-B49C5447A10E}" = Samsung PC Studio 3
"{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{F530581E-12FE-43B4-A28D-E5257AAD63E6}" = O&O Defrag Professional
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALSong_is1" = ALSong
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"AVI To MP3 Converter_is1" = AVI To MP3 Converter 1.00
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"Cyklotrasy 2.28 bez map" = Cyklotrasy 2.28 bez map
"DVD Flick_is1" = DVD Flick 1.3.0.7
"DVD Shrink_is1" = DVD Shrink 3.2
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v4.60
"Free Create-Burn ISO Image_is1" = Free Create-Burn ISO Image v2.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.0.1400
"Mozilla Firefox 15.0.1 (x86 cs)" = Mozilla Firefox 15.0.1 (x86 cs)
"Mozilla Thunderbird 15.0.1 (x86 cs)" = Mozilla Thunderbird 15.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PDF Editor 2" = PDF Editor 2
"rajče.net_is1" = rajče průvodce verze 1.59.38.253
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WhoCrashed_is1" = WhoCrashed 3.06
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2012" = QIP 2012 4.0.7058
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.5.2012 0:32:21 | Computer Name = MARTIN | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.
Error - 17.5.2012 0:32:21 | Computer Name = MARTIN | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.
Error - 3.6.2012 9:15:03 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11406
Description = Product: Microsoft Silverlight -- Error 1406. Could not write value
Version to key \SOFTWARE\Microsoft\Silverlight. System error . Verify that you
have sufficient access to that key, or contact your support personnel.
Error - 8.6.2012 9:04:23 | Computer Name = MARTIN | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 12.6.2012 4:52:35 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace TOTALCMD.EXE, verze 7.0.1.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 12.6.2012 4:53:26 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.3.3.977, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 12.6.2012 4:57:13 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.3.3.977, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 22.6.2012 9:35:31 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.3.3.977, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 7.7.2012 6:48:02 | Computer Name = MARTIN | Source = Application Error | ID = 1000
Description = Chybující aplikace powerdvd.exe, verze 6.0.0.2023, chybující modul
ffdshow.ax, verze 1.1.3996.0, adresa chyby 0x0023c8b8.
Error - 7.7.2012 6:49:52 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.3.3.977, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 18.10.2012 17:27:20 | Computer Name = MARTIN | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 19.10.2012 5:24:05 | Computer Name = MARTIN | Source = Print | ID = 19
Description = Došlo k chybě sdílení tiskárny + 1722, tiskárna PDFCreator název sdílení
PDFCreator.
Error - 19.10.2012 5:24:39 | Computer Name = MARTIN | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 19.10.2012 5:36:18 | Computer Name = MARTIN | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.2 pro síťovou kartu s adresou 0016E6462B47
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 19.10.2012 5:40:27 | Computer Name = MARTIN | Source = Print | ID = 19
Description = Došlo k chybě sdílení tiskárny + 1722, tiskárna PDFCreator název sdílení
PDFCreator.
Error - 19.10.2012 5:47:49 | Computer Name = MARTIN | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.100 pro síťovou kartu s adresou 0016E6462B47
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 19.10.2012 5:52:40 | Computer Name = MARTIN | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.2 pro síťovou kartu s adresou 0016E6462B47
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 19.10.2012 13:31:31 | Computer Name = MARTIN | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 19.10.2012 14:30:05 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Služba ULAJDNFD byla neočekávaně ukončena. Tento stav nastal již 1krát.
< End of report >
Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - [2012.10.19 19:59:41 | 000,588,672 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Documents and Settings\Owner\Local Settings\Temp\ULAJDNFD.exe -- (ULAJDNFD) SRV - [2012.10.19 19:43:55 | 000,424,832 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Documents and Settings\Owner\Local Settings\Temp\CJBLDQIY.exe -- (CJBLDQIY) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) IE - HKLM\..\SearchScopes\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes\{389F3C89-F302-4589-8014-B5E3CFAFEB61}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms} IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes\{4D09F0CD-43FD-4015-84E6-E48441F6B8DD}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=4AC27E27-7655-4E63-83C1-2AC6910090C5&apn_sauid=5830EE33-CFBD-4192-9F7C-9044BC1E1263 IE - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..\SearchScopes\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=4AC27E27-7655-4E63-83C1-2AC6910090C5&apn_ptnrs=&apn_sauid=5830EE33-CFBD-4192-9F7C-9044BC1E1263&apn_dtid=OSJ000&&q=" [2012.09.20 11:08:47 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com [2012.09.20 11:08:47 | 000,002,299 | ---- | M] () -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\searchplugins\askcom.xml CHR - default_search_provider: Yahoo! (Enabled) CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms} CHR - default_search_provider: suggest_url = O4 - HKLM..\Run: [] File not found O15 - HKU\S-1-5-21-1275210071-1060284298-839522115-1003\..Trusted Domains: mfcr.cz ([]* in Důvěryhodné servery) [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] [1 C:\WINDOWS\SoftwareDistribution\Download\4b9a452ad1f9a97fc5e95c43cd5e6201\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\4b9a452ad1f9a97fc5e95c43cd5e6201\*.tmp -> ] [1 C:\WINDOWS\SoftwareDistribution\Download\9ca91275a29dfbdfec282dbd5a4f80cf\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\9ca91275a29dfbdfec282dbd5a4f80cf\*.tmp -> ] [1 C:\WINDOWS\SoftwareDistribution\Download\f1015d3534b5904b81ddc43104f1c60a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\f1015d3534b5904b81ddc43104f1c60a\*.tmp -> ] [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [2012.08.22 23:06:12 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job [2012.09.16 14:42:50 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cd9408c863df10.job [2012.04.01 10:45:11 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [2012.04.01 10:45:11 | 000,000,974 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003Core.job [2012.04.01 10:45:11 | 000,001,026 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003UA.job [2012.09.20 10:37:42 | 000,000,400 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job @Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- :files %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
All processes killed
========== OTL ==========
Service ULAJDNFD stopped successfully!
Service ULAJDNFD deleted successfully!
C:\Documents and Settings\Owner\Local Settings\Temp\ULAJDNFD.exe moved successfully.
Service CJBLDQIY stopped successfully!
Service CJBLDQIY deleted successfully!
C:\Documents and Settings\Owner\Local Settings\Temp\CJBLDQIY.exe moved successfully.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{389F3C89-F302-4589-8014-B5E3CFAFEB61}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{389F3C89-F302-4589-8014-B5E3CFAFEB61}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{4D09F0CD-43FD-4015-84E6-E48441F6B8DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D09F0CD-43FD-4015-84E6-E48441F6B8DD}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&ilc=12&type=937811" removed from browser.search.param.yahoo-fr
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: "http://websearch.ask.com/redirect?clien ... OSJ000&&q=" removed from keyword.URL
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\searchplugins\askcom.xml moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mfcr.cz\ deleted successfully.
C:\WINDOWS\002613_.tmp deleted successfully.
C:\WINDOWS\NV12161236.TMP\nvtcp.sys deleted successfully.
C:\WINDOWS\NV12161236.TMP folder deleted successfully.
C:\WINDOWS\SET21.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI327.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\4b9a452ad1f9a97fc5e95c43cd5e6201\BIT31.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\9ca91275a29dfbdfec282dbd5a4f80cf\BIT34.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\f1015d3534b5904b81ddc43104f1c60a\BIT33.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cd9408c863df10.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003UA.job moved successfully.
C:\WINDOWS\Tasks\Install_NSS.job moved successfully.
ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Guest
->Temp folder emptied: 1279 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 8121613 bytes
->Flash cache emptied: 456 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Ostatni
->Temp folder emptied: 532444042 bytes
->Temporary Internet Files folder emptied: 7727937 bytes
->FireFox cache emptied: 217946970 bytes
->Flash cache emptied: 3781 bytes
User: Owner
->Temp folder emptied: 248776191 bytes
->Temporary Internet Files folder emptied: 62122291 bytes
->Java cache emptied: 982084 bytes
->FireFox cache emptied: 84504789 bytes
->Google Chrome cache emptied: 239173255 bytes
->Flash cache emptied: 42313 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 262234 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 157466 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 338,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Guest
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Ostatni
->Flash cache emptied: 0 bytes
User: Owner
->Flash cache emptied: 0 bytes
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default User
User: Guest
User: LocalService
User: NetworkService
User: Ostatni
User: Owner
->Java cache emptied: 0 bytes
User: UpdatusUser
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 10192012_215511
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
Service ULAJDNFD stopped successfully!
Service ULAJDNFD deleted successfully!
C:\Documents and Settings\Owner\Local Settings\Temp\ULAJDNFD.exe moved successfully.
Service CJBLDQIY stopped successfully!
Service CJBLDQIY deleted successfully!
C:\Documents and Settings\Owner\Local Settings\Temp\CJBLDQIY.exe moved successfully.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{389F3C89-F302-4589-8014-B5E3CFAFEB61}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{389F3C89-F302-4589-8014-B5E3CFAFEB61}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{4D09F0CD-43FD-4015-84E6-E48441F6B8DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D09F0CD-43FD-4015-84E6-E48441F6B8DD}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3A597DB-5D59-41A4-9AC3-2CAA8F650275}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&ilc=12&type=937811" removed from browser.search.param.yahoo-fr
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: "http://websearch.ask.com/redirect?clien ... OSJ000&&q=" removed from keyword.URL
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\searchplugins\askcom.xml moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1275210071-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mfcr.cz\ deleted successfully.
C:\WINDOWS\002613_.tmp deleted successfully.
C:\WINDOWS\NV12161236.TMP\nvtcp.sys deleted successfully.
C:\WINDOWS\NV12161236.TMP folder deleted successfully.
C:\WINDOWS\SET21.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI327.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\4b9a452ad1f9a97fc5e95c43cd5e6201\BIT31.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\9ca91275a29dfbdfec282dbd5a4f80cf\BIT34.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\f1015d3534b5904b81ddc43104f1c60a\BIT33.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cd9408c863df10.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1060284298-839522115-1003UA.job moved successfully.
C:\WINDOWS\Tasks\Install_NSS.job moved successfully.
ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Guest
->Temp folder emptied: 1279 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 8121613 bytes
->Flash cache emptied: 456 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Ostatni
->Temp folder emptied: 532444042 bytes
->Temporary Internet Files folder emptied: 7727937 bytes
->FireFox cache emptied: 217946970 bytes
->Flash cache emptied: 3781 bytes
User: Owner
->Temp folder emptied: 248776191 bytes
->Temporary Internet Files folder emptied: 62122291 bytes
->Java cache emptied: 982084 bytes
->FireFox cache emptied: 84504789 bytes
->Google Chrome cache emptied: 239173255 bytes
->Flash cache emptied: 42313 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 262234 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 157466 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 338,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Guest
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Ostatni
->Flash cache emptied: 0 bytes
User: Owner
->Flash cache emptied: 0 bytes
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default User
User: Guest
User: LocalService
User: NetworkService
User: Ostatni
User: Owner
->Java cache emptied: 0 bytes
User: UpdatusUser
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 10192012_215511
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
- Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe
Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe
Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe - Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
- Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
- RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
- Na plose vznikne log Rkill.txt ten mi sem vlozte
- Ted nerestartujte PC - prisli byste o ucinek RKillu
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 10/19/2012 10:05:20 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
ÿþ1 2 7 . 0 . 0 . 1 l o c a l h o s t
: : 1 l o c a l h o s t
Program finished at: 10/19/2012 10:05:55 PM
Execution time: 0 hours(s), 0 minute(s), and 35 seconds(s)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 10/19/2012 10:05:20 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
ÿþ1 2 7 . 0 . 0 . 1 l o c a l h o s t
: : 1 l o c a l h o s t
Program finished at: 10/19/2012 10:05:55 PM
Execution time: 0 hours(s), 0 minute(s), and 35 seconds(s)
Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
ComboFix 12-10-19.01 - Owner 19.10.2012 22:10:31.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3519.2912 [GMT 2:00]
Spuštěný z: c:\documents and settings\Owner\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NVSVC
-------\Service_NVSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-19 do 2012-10-19 )))))))))))))))))))))))))))))))
.
.
2012-10-19 19:55 . 2012-10-19 19:55 -------- d-----w- C:\_OTL
2012-10-19 19:31 . 2012-10-19 19:31 512 ----a-w- C:\PhysicalMBR.bin
2012-10-19 17:40 . 2012-10-19 18:57 -------- d-----w- C:\rsit
2012-10-19 17:40 . 2012-10-19 17:41 -------- d-----w- c:\program files\trend micro
2012-10-19 17:39 . 2012-10-19 18:30 -------- d-----w- C:\Logy
2012-10-19 11:14 . 2012-10-19 11:14 -------- d-----w- c:\documents and settings\Owner\Data aplikací\NVIDIA
2012-10-19 11:09 . 2012-10-19 11:09 -------- d-----w- C:\NVIDIA
2012-10-19 11:00 . 2012-10-19 11:00 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\NVIDIA Corporation
2012-10-19 11:00 . 2012-10-19 11:00 -------- d-----w- c:\documents and settings\Owner\Local Settings\Data aplikací\NVIDIA Corporation
2012-10-18 21:38 . 2012-09-24 21:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-07 11:46 . 2012-10-07 11:46 -------- d-----w- c:\documents and settings\Ostatni\Local Settings\Data aplikací\AskToolbar
2012-10-01 21:11 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2012-10-01 21:11 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-10-01 21:11 . 2008-04-13 17:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2012-10-01 21:11 . 2008-04-13 17:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2012-10-01 15:10 . 2012-10-01 21:23 -------- d-----w- C:\Tvorba videa
2012-10-01 15:07 . 2012-10-01 15:10 -------- d-----w- c:\documents and settings\Owner\Data aplikací\DVD Flick
2012-10-01 15:05 . 2008-08-31 11:27 28672 ----a-w- c:\windows\system32\mousewheel.ocx
2012-10-01 15:05 . 2007-08-31 16:36 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2012-10-01 15:05 . 2004-03-08 22:00 609824 ----a-w- c:\windows\system32\comctl32.ocx
2012-10-01 15:05 . 2003-01-26 11:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2012-10-01 15:05 . 1998-06-23 22:00 164144 ----a-w- c:\windows\system32\comct232.ocx
2012-10-01 15:05 . 2012-10-01 15:06 -------- d-----w- c:\program files\DVD Flick
2012-09-20 09:22 . 2005-09-28 09:10 466944 ----a-w- c:\windows\system32\CapabilityTable.exe
2012-09-20 09:20 . 2006-04-24 09:52 289792 ----a-w- c:\windows\system32\idecoiins.dll
2012-09-20 09:20 . 2006-02-17 03:27 159232 ----a-w- c:\windows\system32\fdco_l1034.dll
2012-09-20 09:20 . 2006-02-17 03:27 158720 ----a-w- c:\windows\system32\fdco_l1046.dll
2012-09-20 09:20 . 2006-02-17 03:27 156672 ----a-w- c:\windows\system32\fdco_l1042.dll
2012-09-20 09:20 . 2006-02-17 03:27 156672 ----a-w- c:\windows\system32\fdco_l1041.dll
2012-09-20 09:20 . 2006-02-17 03:27 158720 ----a-w- c:\windows\system32\fdco_l1040.dll
2012-09-20 09:20 . 2006-02-17 03:27 159232 ----a-w- c:\windows\system32\fdco_l1031.dll
2012-09-20 09:20 . 2006-02-17 03:27 159232 ----a-w- c:\windows\system32\fdco_l1036.dll
2012-09-20 09:20 . 2006-02-17 03:27 155136 ----a-w- c:\windows\system32\fdco_l2052.dll
2012-09-20 09:20 . 2006-02-17 03:27 155648 ----a-w- c:\windows\system32\fdco_l1028.dll
2012-09-20 09:09 . 2012-10-19 10:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA
2012-09-20 09:09 . 2012-09-20 09:09 -------- d-----w- c:\documents and settings\UpdatusUser
2012-09-20 09:09 . 2012-09-20 09:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2012-09-20 09:07 . 2012-10-19 11:10 -------- d-----w- c:\program files\NVIDIA Corporation
2012-09-20 09:05 . 2012-09-20 09:05 -------- d-----w- c:\documents and settings\Owner\Local Settings\Data aplikací\Sun
2012-09-20 09:04 . 2012-09-20 09:04 -------- d-----w- c:\program files\Common Files\Java
2012-09-20 09:04 . 2012-09-20 09:04 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-20 08:41 . 2012-09-21 09:57 -------- d-----w- c:\program files\WhoCrashed
2012-09-20 08:31 . 2012-09-20 08:32 -------- d-----w- c:\program files\Microsoft AntiSpyware
2012-09-20 08:31 . 2012-09-20 08:31 -------- d-----w- c:\windows\Downloaded Installations
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-23 14:28 . 2005-10-17 02:31 4494208 ----a-w- c:\windows\system32\nv4_disp.dll
2012-09-23 14:28 . 2005-10-17 02:31 2376704 ----a-w- c:\windows\system32\nvapi.dll
2012-09-23 14:28 . 2005-10-17 02:31 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-09-23 14:28 . 2005-10-17 02:31 12557728 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-09-23 13:04 . 2005-10-17 02:31 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-09-23 13:04 . 2005-10-17 02:31 15512424 ----a-w- c:\windows\system32\nvcpl.dll
2012-09-23 13:04 . 2005-10-17 02:31 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-09-23 13:04 . 2005-10-17 02:31 143720 ----a-w- c:\windows\system32\nvcolor.exe
2012-09-23 13:04 . 2005-10-17 02:31 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-09-20 09:04 . 2012-02-24 20:03 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-07 15:04 . 2012-09-15 17:37 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-21 09:13 . 2012-02-23 13:36 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-02-23 13:36 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-02-23 13:36 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-02-23 13:36 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-21 09:13 . 2012-02-23 13:36 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-21 09:13 . 2012-02-23 13:36 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2012-02-23 13:36 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-08-21 09:13 . 2012-02-23 13:36 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-02-23 13:36 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-02-23 13:36 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-09-08 06:27 . 2012-09-08 06:26 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 81920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-09-23 15512424]
"NvMediaCenter"="NvMCTray.dll" [2012-09-23 108392]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-09-23 1634112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
2005-01-07 16:07 61952 ------w- c:\windows\system32\HdAShCut.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2012-09-23 13:04 15512424 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2012-09-23 13:04 108392 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2005-12-10 01:06 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2005-11-10 10:14 15473664 ----a-w- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TermService"=3 (0x3)
"LmHosts"=2 (0x2)
"mnmsrvc"=3 (0x3)
"Nero BackItUp Scheduler 3"=2 (0x2)
"upnphost"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\QIP 2012\\qip.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre7\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"d:\\Programy\\Souborove manazery\\Total Commander\\TOTALCMD.EXE"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [23.2.2012 15:36 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23.2.2012 15:36 355632]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [23.2.2012 22:02 158552]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [23.2.2012 22:02 91992]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23.2.2012 15:36 21256]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [20.9.2012 11:09 1258856]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.7.2012 13:19 160944]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [19.12.2011 15:12 104792]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [5.6.2012 16:33 116056]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.2.2012 15:36 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [23.2.2012 15:36 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [3.5.2012 23:54 114144]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-08-22 13:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.avast.com/registration-free-antivirus.php
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cyklotrasy 2.28 bez map - 0:\program files\Cyklotrasy\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-19 22:16
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="FB10C1EE3A5DAB05B031D3B45BE31BF16A69C4C20B58FC1BC68E7BA8C348BF044565E002B52D51C194B724281C6EAD516F358B40252D744D8B2C5612E85B9AE91C0B30AE6DB11D4C5B35B56B3FE1CF26A7AB012999ACB9A5BA79D46D9635F8B75F01C7CA7DB6451A440A081814F7F339D5A7317B859E95E13771ACBF5CCAA0C0B17F230185FD2934D247029F67DD30EAFEBB098D0B40F8D7A3BFF3E44C0377EDFA70A4CFA9BCC8B651B66C441137BC2C6BAA5C07CE3FF56C6E472588FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A9C6AECB7A5D14078EDD5E5BE2F6E6678EDD5E5BE2F6E6679892AC711CD549E8CA0B5D1E198DEAA6363F3DF19B214F6E235F97670F1767CD351A1379C1708E2B53654DCA4BD66A221E9B07AC8BA95BA5F3695A6D3ECB7EFC8A8A87F795C8C78D14535146E74D1AED740F64A1F16982528AAD52AF22A27346853E9D58F7DB9DB0C8BC547172894DAFE7ADB8C41134E140270CFB585D4F4BB695828A988D5A9E0935FBE4C030593C612B008C9E6F17798D8B597825D839ED353199284ABFA83E5F1DE137B72CBD00CF73808BCAD8CEAD2D81DE8C67407DAA76CEB8F395BBDED151CAAFA0F4346C191F7D2285FA5CCEC765535A228305E9B208EC8B90B2F3C9944F0C9C1CA6D9D06CC20846EDF14DBD7251D07CC4F259839A488B2FC3711B6A249D33D44A8F74053F85D3C55D88C275BF60CDE926433701DBECAEB67633ACF483559476EB879CDCBE85A8EC8F2B9784A254223C1A95594D547C5FA539EE645298E20B1569F9B05E7834D07BE459EAAEF4C42A809B9FC008C4D2AAF83A2D449E2E08F2B6CCE5D4C061D59B26E0A820E8F09BC3B6C4AA32065320A19CD10F11A97259AF57C5DD6D73D087DB932B40DE5EB9185355599234CD0AE7D7F3F9C4D378F8BEA465A60B241780B3E6E0105D90EDD24EC1C4BCC9941C5401E6D34F1559C4B575BDC46527E802911E971E7ECF66A8A3227861F7D5E15D841AEA86155A33F9840FE7CB1F81EC3D075CCE4F0CFB52D7F8D0697DB65071B851AF844A3082B73825EE1445917D26064856EB6BEED80C7304E807DB4C65DA84D117D7D12A11FDD4374EB8719F934ECEA04D58DF84740F2BD7CB4839AC577ACA85788EC3B29A6458C3BA4E0150CEE53B3FCF7D0CCBEE9961EDB02A3F70F9F0CCCBCD55371A4A8C7EB293541E4E4CABA6B74549C369FBAFACA2A32C9054B7A1FD6C69DBBC57DE5A39548F4AE0E8C1A81F0267AFCF24E317D6B502D0C1BA0E34840F6D575503A8762CDAB5B75A13F4A5647842266AE883DC5FCC00205B260E173DC1D180F75C11CF2FDBE3250DE2C1B0ECDABAA9C6C64A4EF86E2228DBC0DB77377562140E4410174F524A21EE14189C61CD04B58572BC"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3832)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\oodag.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RunDLL32.exe
.
**************************************************************************
.
Celkový čas: 2012-10-19 22:18:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-19 20:18
.
Před spuštěním: Volných bajtů: 32 551 837 696
Po spuštění: Volných bajtů: 32 414 556 160
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - D20D0ED907E421791027AA25AFB72D0D
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3519.2912 [GMT 2:00]
Spuštěný z: c:\documents and settings\Owner\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NVSVC
-------\Service_NVSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-19 do 2012-10-19 )))))))))))))))))))))))))))))))
.
.
2012-10-19 19:55 . 2012-10-19 19:55 -------- d-----w- C:\_OTL
2012-10-19 19:31 . 2012-10-19 19:31 512 ----a-w- C:\PhysicalMBR.bin
2012-10-19 17:40 . 2012-10-19 18:57 -------- d-----w- C:\rsit
2012-10-19 17:40 . 2012-10-19 17:41 -------- d-----w- c:\program files\trend micro
2012-10-19 17:39 . 2012-10-19 18:30 -------- d-----w- C:\Logy
2012-10-19 11:14 . 2012-10-19 11:14 -------- d-----w- c:\documents and settings\Owner\Data aplikací\NVIDIA
2012-10-19 11:09 . 2012-10-19 11:09 -------- d-----w- C:\NVIDIA
2012-10-19 11:00 . 2012-10-19 11:00 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\NVIDIA Corporation
2012-10-19 11:00 . 2012-10-19 11:00 -------- d-----w- c:\documents and settings\Owner\Local Settings\Data aplikací\NVIDIA Corporation
2012-10-18 21:38 . 2012-09-24 21:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-07 11:46 . 2012-10-07 11:46 -------- d-----w- c:\documents and settings\Ostatni\Local Settings\Data aplikací\AskToolbar
2012-10-01 21:11 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2012-10-01 21:11 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-10-01 21:11 . 2008-04-13 17:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2012-10-01 21:11 . 2008-04-13 17:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2012-10-01 15:10 . 2012-10-01 21:23 -------- d-----w- C:\Tvorba videa
2012-10-01 15:07 . 2012-10-01 15:10 -------- d-----w- c:\documents and settings\Owner\Data aplikací\DVD Flick
2012-10-01 15:05 . 2008-08-31 11:27 28672 ----a-w- c:\windows\system32\mousewheel.ocx
2012-10-01 15:05 . 2007-08-31 16:36 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2012-10-01 15:05 . 2004-03-08 22:00 609824 ----a-w- c:\windows\system32\comctl32.ocx
2012-10-01 15:05 . 2003-01-26 11:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2012-10-01 15:05 . 1998-06-23 22:00 164144 ----a-w- c:\windows\system32\comct232.ocx
2012-10-01 15:05 . 2012-10-01 15:06 -------- d-----w- c:\program files\DVD Flick
2012-09-20 09:22 . 2005-09-28 09:10 466944 ----a-w- c:\windows\system32\CapabilityTable.exe
2012-09-20 09:20 . 2006-04-24 09:52 289792 ----a-w- c:\windows\system32\idecoiins.dll
2012-09-20 09:20 . 2006-02-17 03:27 159232 ----a-w- c:\windows\system32\fdco_l1034.dll
2012-09-20 09:20 . 2006-02-17 03:27 158720 ----a-w- c:\windows\system32\fdco_l1046.dll
2012-09-20 09:20 . 2006-02-17 03:27 156672 ----a-w- c:\windows\system32\fdco_l1042.dll
2012-09-20 09:20 . 2006-02-17 03:27 156672 ----a-w- c:\windows\system32\fdco_l1041.dll
2012-09-20 09:20 . 2006-02-17 03:27 158720 ----a-w- c:\windows\system32\fdco_l1040.dll
2012-09-20 09:20 . 2006-02-17 03:27 159232 ----a-w- c:\windows\system32\fdco_l1031.dll
2012-09-20 09:20 . 2006-02-17 03:27 159232 ----a-w- c:\windows\system32\fdco_l1036.dll
2012-09-20 09:20 . 2006-02-17 03:27 155136 ----a-w- c:\windows\system32\fdco_l2052.dll
2012-09-20 09:20 . 2006-02-17 03:27 155648 ----a-w- c:\windows\system32\fdco_l1028.dll
2012-09-20 09:09 . 2012-10-19 10:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA
2012-09-20 09:09 . 2012-09-20 09:09 -------- d-----w- c:\documents and settings\UpdatusUser
2012-09-20 09:09 . 2012-09-20 09:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2012-09-20 09:07 . 2012-10-19 11:10 -------- d-----w- c:\program files\NVIDIA Corporation
2012-09-20 09:05 . 2012-09-20 09:05 -------- d-----w- c:\documents and settings\Owner\Local Settings\Data aplikací\Sun
2012-09-20 09:04 . 2012-09-20 09:04 -------- d-----w- c:\program files\Common Files\Java
2012-09-20 09:04 . 2012-09-20 09:04 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-20 08:41 . 2012-09-21 09:57 -------- d-----w- c:\program files\WhoCrashed
2012-09-20 08:31 . 2012-09-20 08:32 -------- d-----w- c:\program files\Microsoft AntiSpyware
2012-09-20 08:31 . 2012-09-20 08:31 -------- d-----w- c:\windows\Downloaded Installations
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-23 14:28 . 2005-10-17 02:31 4494208 ----a-w- c:\windows\system32\nv4_disp.dll
2012-09-23 14:28 . 2005-10-17 02:31 2376704 ----a-w- c:\windows\system32\nvapi.dll
2012-09-23 14:28 . 2005-10-17 02:31 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-09-23 14:28 . 2005-10-17 02:31 12557728 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-09-23 13:04 . 2005-10-17 02:31 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-09-23 13:04 . 2005-10-17 02:31 15512424 ----a-w- c:\windows\system32\nvcpl.dll
2012-09-23 13:04 . 2005-10-17 02:31 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-09-23 13:04 . 2005-10-17 02:31 143720 ----a-w- c:\windows\system32\nvcolor.exe
2012-09-23 13:04 . 2005-10-17 02:31 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-09-20 09:04 . 2012-02-24 20:03 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-07 15:04 . 2012-09-15 17:37 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-21 09:13 . 2012-02-23 13:36 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-02-23 13:36 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-02-23 13:36 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-02-23 13:36 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-21 09:13 . 2012-02-23 13:36 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-21 09:13 . 2012-02-23 13:36 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2012-02-23 13:36 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-08-21 09:13 . 2012-02-23 13:36 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-02-23 13:36 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-02-23 13:36 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-09-08 06:27 . 2012-09-08 06:26 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 81920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-09-23 15512424]
"NvMediaCenter"="NvMCTray.dll" [2012-09-23 108392]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-09-23 1634112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
2005-01-07 16:07 61952 ------w- c:\windows\system32\HdAShCut.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2012-09-23 13:04 15512424 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2012-09-23 13:04 108392 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2005-12-10 01:06 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2005-11-10 10:14 15473664 ----a-w- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TermService"=3 (0x3)
"LmHosts"=2 (0x2)
"mnmsrvc"=3 (0x3)
"Nero BackItUp Scheduler 3"=2 (0x2)
"upnphost"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\QIP 2012\\qip.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre7\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"d:\\Programy\\Souborove manazery\\Total Commander\\TOTALCMD.EXE"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [23.2.2012 15:36 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23.2.2012 15:36 355632]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [23.2.2012 22:02 158552]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [23.2.2012 22:02 91992]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23.2.2012 15:36 21256]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [20.9.2012 11:09 1258856]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.7.2012 13:19 160944]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [19.12.2011 15:12 104792]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [5.6.2012 16:33 116056]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.2.2012 15:36 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [23.2.2012 15:36 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [3.5.2012 23:54 114144]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-08-22 13:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.avast.com/registration-free-antivirus.php
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\3if18if1.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cyklotrasy 2.28 bez map - 0:\program files\Cyklotrasy\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-19 22:16
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="FB10C1EE3A5DAB05B031D3B45BE31BF16A69C4C20B58FC1BC68E7BA8C348BF044565E002B52D51C194B724281C6EAD516F358B40252D744D8B2C5612E85B9AE91C0B30AE6DB11D4C5B35B56B3FE1CF26A7AB012999ACB9A5BA79D46D9635F8B75F01C7CA7DB6451A440A081814F7F339D5A7317B859E95E13771ACBF5CCAA0C0B17F230185FD2934D247029F67DD30EAFEBB098D0B40F8D7A3BFF3E44C0377EDFA70A4CFA9BCC8B651B66C441137BC2C6BAA5C07CE3FF56C6E472588FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A9C6AECB7A5D14078EDD5E5BE2F6E6678EDD5E5BE2F6E6679892AC711CD549E8CA0B5D1E198DEAA6363F3DF19B214F6E235F97670F1767CD351A1379C1708E2B53654DCA4BD66A221E9B07AC8BA95BA5F3695A6D3ECB7EFC8A8A87F795C8C78D14535146E74D1AED740F64A1F16982528AAD52AF22A27346853E9D58F7DB9DB0C8BC547172894DAFE7ADB8C41134E140270CFB585D4F4BB695828A988D5A9E0935FBE4C030593C612B008C9E6F17798D8B597825D839ED353199284ABFA83E5F1DE137B72CBD00CF73808BCAD8CEAD2D81DE8C67407DAA76CEB8F395BBDED151CAAFA0F4346C191F7D2285FA5CCEC765535A228305E9B208EC8B90B2F3C9944F0C9C1CA6D9D06CC20846EDF14DBD7251D07CC4F259839A488B2FC3711B6A249D33D44A8F74053F85D3C55D88C275BF60CDE926433701DBECAEB67633ACF483559476EB879CDCBE85A8EC8F2B9784A254223C1A95594D547C5FA539EE645298E20B1569F9B05E7834D07BE459EAAEF4C42A809B9FC008C4D2AAF83A2D449E2E08F2B6CCE5D4C061D59B26E0A820E8F09BC3B6C4AA32065320A19CD10F11A97259AF57C5DD6D73D087DB932B40DE5EB9185355599234CD0AE7D7F3F9C4D378F8BEA465A60B241780B3E6E0105D90EDD24EC1C4BCC9941C5401E6D34F1559C4B575BDC46527E802911E971E7ECF66A8A3227861F7D5E15D841AEA86155A33F9840FE7CB1F81EC3D075CCE4F0CFB52D7F8D0697DB65071B851AF844A3082B73825EE1445917D26064856EB6BEED80C7304E807DB4C65DA84D117D7D12A11FDD4374EB8719F934ECEA04D58DF84740F2BD7CB4839AC577ACA85788EC3B29A6458C3BA4E0150CEE53B3FCF7D0CCBEE9961EDB02A3F70F9F0CCCBCD55371A4A8C7EB293541E4E4CABA6B74549C369FBAFACA2A32C9054B7A1FD6C69DBBC57DE5A39548F4AE0E8C1A81F0267AFCF24E317D6B502D0C1BA0E34840F6D575503A8762CDAB5B75A13F4A5647842266AE883DC5FCC00205B260E173DC1D180F75C11CF2FDBE3250DE2C1B0ECDABAA9C6C64A4EF86E2228DBC0DB77377562140E4410174F524A21EE14189C61CD04B58572BC"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3832)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\oodag.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RunDLL32.exe
.
**************************************************************************
.
Celkový čas: 2012-10-19 22:18:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-19 20:18
.
Před spuštěním: Volných bajtů: 32 551 837 696
Po spuštění: Volných bajtů: 32 414 556 160
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - D20D0ED907E421791027AA25AFB72D0D
Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
Log vypada OK, jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Logy z DDS, RSIT, Gmer - prosím o kontrolu
Dobře, ale mívám i probléme s Modrou Obrazovkou smrti. Dal jsem dotaz do fora, viz: http://forum.viry.cz/viewtopic.php?f=66 ... 6#p1155986.
Ale nikdo se tím nezabývá? Proč?
Jinak MOC DĚKUJI!.
Ale nikdo se tím nezabývá? Proč?
Jinak MOC DĚKUJI!.
Přispějete na provoz fóra?