VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Policia SR

https://forum.viry.cz:443/viewtopic.php?t=131144

Stránka 1 z 2

Policia SR

Napsal: 28 čer 2013 13:35
od H1Tm4N
Dobrý deň, dnes sa na mojom PC prejavil vírus, známy aj ako "vírus Polície." Jediná možná voľba bola spustiť Windows XP v režime MS-DOS. Prikladám log z FRST. Prosím o pomoc a rady pri riešení problému.



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-06-2013
Ran by Administrator (administrator) on 28-06-2013 14:26:04
Running from J:\
Microsoft Windows XP Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 7
Boot Mode: Safe Mode (minimal)

==================== Could not list processes ===============

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice [5074384 2012-10-23] (ESET)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [CTFMON.EXE] C:\DOCUME~1\ALLUSE~1\DATAAP~1\rundll32.exe c:\docume~1\alluse~1\dataap~1\hfo7je.dat,FG00 [155648 2013-06-28] (Microsoft Corporation)
HKCU\...\Runonce: [_nltide_2] regsvr32 /s /n /i:U shell32 [x]
HKCU\...\Runonce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N [x]
HKU\Default User\...\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 [x]
HKU\Default User\...\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N [x]
HKU\Pc\...\Run: [ctfmon.exe] C:\DOCUME~1\ALLUSE~1\DATAAP~1\rundll32.exe c:\docume~1\alluse~1\dataap~1\hfo7je.dat,FG00 [ 2013-06-28] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
HKLM SearchScopes: DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/?query={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={ ... rer:source?}
SearchScopes: HKLM - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/?query={searchTerms}
SearchScopes: HKCU - DefaultScope value is missing.
BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 172.17.110.6

========================== Services (Whitelisted) =================

S2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1329304 2012-10-23] (ESET)
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP)
S4 LGScsiCommandService; C:\WINDOWS\system32\LGScsiCommandService.exe [47616 2010-04-12] (Mobile Leader Co.,Ltd.)
S4 STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [53248 2005-01-14] ()
S4 UserAccess7; C:\WINDOWS\system32\UAService7.exe [126976 2010-02-17] ()
S2 winmgmt; C:\DOCUME~1\ALLUSE~1\DATAAP~1\hfo7je.dat [155648 2013-06-28] (Microsoft Corporation)
S4 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

S3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [4027840 2007-03-08] (Realtek Semiconductor Corp.)
S3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [3266560 2008-08-08] (ATI Technologies Inc.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
S1 eamon; C:\Windows\System32\DRIVERS\eamon.sys [159832 2012-10-08] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [121216 2012-10-08] (ESET)
S2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [149568 2012-10-08] (ESET)
S3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [40376 2012-10-08] (ESET)
S1 epfwtdi; C:\Windows\System32\DRIVERS\epfwtdi.sys [62512 2012-10-08] (ESET)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2010-02-03] (LogMeIn, Inc.)
S3 mdf16; C:\Documents and Settings\Pc\Local Settings\Data aplikací\Temp\mdf16.sys [18288 2011-12-16] ()
S3 mvd23; C:\Documents and Settings\Pc\Local Settings\Data aplikací\Temp\mvd23.sys [90944 2011-12-16] ()
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [83968 2004-07-09] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation)
S2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation)
S2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2001-10-25] (Microsoft Corporation)
S2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2001-10-25] (Microsoft Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\pfc027.sys [162176 2005-04-08] ()
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [86696 2008-11-04] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [15016 2008-11-04] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [114472 2008-11-04] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [108200 2008-11-04] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [26024 2008-11-04] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104616 2008-11-04] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [109736 2008-11-04] (MCCI Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [10880 2004-07-09] (Microsoft Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [697328 2010-05-02] (Duplex Secure Ltd.)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [14976 2004-07-09] (Microsoft Corporation)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [18688 2004-07-09] (Microsoft Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\DOCUME~1\Pc\LOCALS~1\Temp\catchme.sys [x]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S4 IntelIde; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S3 usbbus; system32\DRIVERS\lgusbbus.sys [x]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [x]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [x]
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\ACPI.sys 4FE34F1F3126B61FCC6B2043AA8112C9
C:\Windows\System32\Drivers\ACPIEC.sys AFDFF022A01F0B11C776F0860C3B282F
C:\Windows\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\Windows\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\Windows\System32\drivers\ALCXWDM.SYS F3E15607BA53249C765E36388B332C2F
C:\Windows\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\Windows\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\Windows\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\Windows\System32\DRIVERS\ati2mtag.sys 365E08750277C7319FBC721EDD377929
C:\Windows\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\Windows\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\Windows\System32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\Windows\System32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\Windows\System32\DRIVERS\CCDECODE.sys FDC06E2ADA8C468EBB161624E03976CF
C:\Windows\System32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\Windows\System32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\Windows\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\Windows\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\Windows\System32\drivers\dmboot.sys DB5FD2BF5B07DC54BFCB3664FF05BD7C
C:\Windows\System32\drivers\dmio.sys FFF1720AF51171F32F1EAD5CF71F2810
C:\Windows\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\Windows\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\Windows\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\Windows\System32\DRIVERS\eamon.sys 63A53BB2A85DD22A5E8D6C5CB6273043
C:\Windows\System32\DRIVERS\ehdrv.sys 4F72DD48A2ED63A57C1210228A472020
C:\Windows\System32\DRIVERS\epfw.sys 0C0C50813FC59C145B604B1DCCFFB377
C:\Windows\System32\DRIVERS\Epfwndis.sys C1A8B6E44DCF250DB6BCCA7B460B9B6B
C:\Windows\System32\DRIVERS\epfwtdi.sys 7859F3E4AA8B9708D05F0DFBB3080721
C:\Windows\System32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\Windows\System32\DRIVERS\fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\Windows\System32\Drivers\Fips.sys AC366695A0796560AA37215AD5762AAF
C:\Windows\System32\DRIVERS\flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\Windows\System32\DRIVERS\fltMgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\Windows\System32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\Windows\System32\DRIVERS\ftdisk.sys 4E664D8541DB4A66B73A24257E322E1F
C:\Windows\System32\DRIVERS\ggflt.sys 007AEA2E06E7CEF7372E40C277163959
C:\Windows\System32\DRIVERS\ggsemc.sys C73DE35960CA75C5AB4AE636B127C64E
C:\Windows\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\Windows\System32\DRIVERS\hamachi.sys 833051C6C6C42117191935F734CFBD97
C:\Windows\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\Windows\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\Windows\System32\DRIVERS\i8042prt.sys C528E27945367191E7BAE364930B6932
C:\Windows\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\Windows\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\Windows\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\Windows\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\Windows\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\Windows\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\Windows\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\Windows\System32\DRIVERS\isapnp.sys CC9F8A2D60AED1A51A3AC34C59B987AE
C:\Windows\System32\DRIVERS\kbdclass.sys 1B6162FE7F66B1A71A4B70F941C4AA9B
C:\Windows\System32\DRIVERS\kbdhid.sys 86C8F23616C6C6E5B2776901C17B945B
C:\Windows\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\Windows\System32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\Documents and Settings\Pc\Local Settings\Data aplikací\Temp\mdf16.sys B066B4B2910C670530B63D5E924E8A2B
C:\Windows\System32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\Windows\System32\Drivers\Modem.sys 44032B0C6D9954D3FD26438330B99EE7
C:\Windows\System32\DRIVERS\mouclass.sys 4CB582831DBDE63CE43B45D771218374
C:\Windows\System32\DRIVERS\mouhid.sys BB269EBA740737AB749B214D568B6812
C:\Windows\System32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\Windows\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\Windows\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\Windows\System32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\Windows\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\Windows\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\Windows\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\Windows\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\Windows\System32\drivers\MSTEE.sys D5059366B361F0E1124753447AF08AA2
C:\Windows\System32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\Documents and Settings\Pc\Local Settings\Data aplikací\Temp\mvd23.sys 624197EC77BFBDF65CB21DD775E982DA
C:\Windows\System32\Drivers\mvusbews.sys F0CF56D0DD02D33A34998F87541B2A50
C:\Windows\System32\DRIVERS\NABTSFEC.sys AC31B352CE5E92704056D409834BEB74
C:\Windows\System32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\Windows\System32\DRIVERS\NdisIP.sys ABD7629CF2796250F315C1DD0B6CF7A0
C:\Windows\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\Windows\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\Windows\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\Windows\System32\Drivers\NDProxy.sys 9282BD12DFB069D3889EB3FCC1000A9B
C:\Windows\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\Windows\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\Windows\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\Windows\System32\DRIVERS\NMnt.sys 1E421A6BCF2203CC61B821ADA9DE878B
C:\Windows\System32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\Windows\System32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\Windows\System32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\Windows\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\Windows\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\Windows\System32\DRIVERS\nwlnkipx.sys 8B8B1BE2DBA4025DA6786C645F77F123
C:\Windows\System32\DRIVERS\nwlnknb.sys 56D34A67C05E94E16377C60609741FF8
C:\Windows\System32\DRIVERS\nwlnkspx.sys C0BB7D1615E1ACBDC99757F6CEAF8CF0
C:\Windows\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\Windows\System32\DRIVERS\pfc027.sys 5489B567CDD6AE216519CACA7CC700E9
C:\Windows\System32\DRIVERS\parport.sys 46F8DB73B4A53E543F8E371DC7C75BAE
C:\Windows\System32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\Windows\System32\Drivers\ParVdm.sys 1FAE19D0457176318BBA4A8795656EBC
C:\Windows\System32\DRIVERS\pci.sys 6CE351D149CB4BEFC702951E471E1730
C:\Windows\System32\DRIVERS\pciide.sys 2DA4EC85E0EA7A45C6B2A05820492D5A
C:\Windows\System32\Drivers\Pcmcia.sys 4FC31E6C19A5CE5198B1ABFF94CAE758
C:\Windows\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\Windows\System32\DRIVERS\processr.sys 7EB15DCE4EC3A0220BD796A15C18186E
C:\Windows\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\Windows\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\Windows\System32\Drivers\PxHelp20.sys E42E3433DBB4CFFE8FDD91EAB29AEA8E
C:\Windows\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\Windows\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\Windows\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\Windows\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\Windows\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\Windows\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\Windows\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\Windows\System32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\Windows\System32\DRIVERS\redbook.sys 611BFD220305BE3A85AE876EA47D4AA5
C:\Windows\System32\DRIVERS\RTL8139.SYS D507C1400284176573224903819FFDA3
C:\Windows\System32\DRIVERS\s0016bus.sys 59509AD6CBC28F2C73056268985B3E48
C:\Windows\System32\DRIVERS\s0016mdfl.sys B98C3A6F91F4FBA285AF9606A240C6B4
C:\Windows\System32\DRIVERS\s0016mdm.sys 8A83426F4FB7B5212825D9DE76368B1A
C:\Windows\System32\DRIVERS\s0016mgmt.sys 7A78BBA97FEB5E6D24C49E93A3BF7287
C:\Windows\System32\DRIVERS\s0016nd5.sys 34EF7B5F611957B73E7219DD5A222AD1
C:\Windows\System32\DRIVERS\s0016obex.sys 36792935847143E4A3CDA0DC87248487
C:\Windows\System32\DRIVERS\s0016unic.sys 927208754FB27FC3E7A659E77500C5D1
C:\Windows\System32\DRIVERS\s1018bus.sys A4925151F1372A45DD491DA2A43C27B8
C:\Windows\System32\DRIVERS\s1018mdfl.sys DD17284BEB4301AABC6181FD2C78907F
C:\Windows\System32\DRIVERS\s1018mdm.sys AEE74BFE0903C672C2968DFE22DF09B8
C:\Windows\System32\DRIVERS\s1018mgmt.sys FE8F006BB157F1F1B6627C39B640F62D
C:\Windows\System32\DRIVERS\s1018nd5.sys BC12A5DA59D947FC564A72EF6021AAEC
C:\Windows\System32\DRIVERS\s1018obex.sys 80F0597A1CEB93AAF5DB779068DD702C
C:\Windows\System32\DRIVERS\s1018unic.sys 2BA5F7A26FCB975574B0142B5052685E
C:\Windows\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\seehcri.sys E5B56569A9F79B70314FEDE6C953641E
C:\Windows\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\Windows\System32\DRIVERS\serial.sys B842729337C9B921615C40D3C1A1AF96
C:\Windows\System32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\Windows\System32\DRIVERS\SLIP.sys 1FFC44D6787EC1EA9A2B1440A90FA5C1
C:\Windows\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\Windows\System32\Drivers\sptd.sys C4BB8A12843D9CBB65F5FF617F389BBD
C:\Windows\System32\DRIVERS\sr.sys 94610C8653635E4459316A0050D55CE7
C:\Windows\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\Windows\System32\DRIVERS\StreamIP.sys A9F9FD0212E572B84EDB9EB661F6BC04
C:\Windows\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\Windows\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\Windows\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\Windows\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\Windows\System32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\Windows\System32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\Windows\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\Windows\System32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\Windows\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\Windows\System32\DRIVERS\usbccgp.sys 173F317CE0DB8E21322E71B7E60A27E8
C:\Windows\System32\DRIVERS\usbehci.sys 65DCF09D0E37D4C6B11B5B0B76D470A7
C:\Windows\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\Windows\System32\DRIVERS\usbohci.sys 0DAECCE65366EA32B162F85F07C6753B
C:\Windows\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\Windows\System32\DRIVERS\usbscan.sys A0B8CF9DEB1184FBDD20784A58FA75D4
C:\Windows\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\Windows\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\Windows\System32\Drivers\VolSnap.sys 28A4B296B47782173C346E376CB374D1
C:\Windows\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\Windows\System32\Drivers\wdf01000.sys BBCFEAB7E871CDDAC2D397EE7FA91FDC
C:\Windows\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\Windows\System32\Drivers\wpdusb.sys CF4DEF1BF66F06964DC0D91844239104
C:\Windows\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8
C:\Windows\System32\DRIVERS\WSTCODEC.SYS 233CDD1C06942115802EB7CE6669E099
C:\Windows\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311
C:\Windows\System32\DRIVERS\wudfrd.sys 28B524262BCE6DE1F7EF9F510BA3985B

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-28 14:25 - 2013-06-28 14:25 - 00000000 ____D C:\FRST
2013-06-28 14:02 - 2013-06-28 14:23 - 00000062 __ASH C:\Documents and Settings\Administrator\Local Settings\desktop.ini
2013-06-28 14:02 - 2013-06-28 14:02 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-06-28 14:02 - 2011-09-12 09:06 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2013-06-28 14:02 - 2009-12-19 10:53 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2013-06-28 14:02 - 2009-12-19 10:53 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start
2013-06-28 14:02 - 2009-12-19 10:53 - 00000000 ___HD C:\Documents and Settings\Administrator\Okolní tiskárny
2013-06-28 14:02 - 2009-12-19 10:53 - 00000000 ___HD C:\Documents and Settings\Administrator\Okolní síť
2013-06-28 14:02 - 2009-12-19 10:53 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2013-06-28 14:02 - 2009-12-19 10:53 - 00000000 ____D C:\Documents and Settings\Administrator\Oblíbené položky
2013-06-28 14:02 - 2009-12-19 10:53 - 00000000 ____D C:\Documents and Settings\Administrator\Dokumenty
2013-06-28 14:02 - 2009-12-19 10:00 - 00000000 ___HD C:\Documents and Settings\Administrator\Šablony
2013-06-28 13:43 - 2013-06-28 13:43 - 00001331 ____A C:\Windows\wmsetup.log
2013-06-21 10:18 - 2013-06-21 10:56 - 00000180 ____A C:\Windows\setupact.log
2013-06-21 10:18 - 2013-06-21 10:18 - 00000000 ____A C:\Windows\setuperr.log
2013-06-12 21:45 - 2013-06-25 22:19 - 00009381 ____A C:\Windows\setupapi.log
2013-05-30 20:18 - 2013-05-30 20:22 - 00000000 ____D C:\Program Files\Valve

==================== One Month Modified Files and Folders ========

2013-06-28 14:25 - 2013-06-28 14:25 - 00000000 ____D C:\FRST
2013-06-28 14:23 - 2013-06-28 14:02 - 00000062 __ASH C:\Documents and Settings\Administrator\Local Settings\desktop.ini
2013-06-28 14:23 - 2009-12-19 10:09 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
2013-06-28 14:19 - 2010-03-02 22:08 - 00000000 __SHD C:\Windows\CSC
2013-06-28 14:19 - 2010-03-01 22:41 - 01537101 ____A C:\Windows\WindowsUpdate.log
2013-06-28 14:19 - 2009-12-19 10:16 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
2013-06-28 14:12 - 2009-12-19 10:16 - 00000062 __ASH C:\Documents and Settings\Pc\Local Settings\desktop.ini
2013-06-28 14:02 - 2013-06-28 14:02 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-06-28 14:02 - 2009-12-19 10:52 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-06-28 13:59 - 2010-06-18 13:43 - 00000051 ____A C:\Windows\wiaservc.log
2013-06-28 13:59 - 2010-04-16 14:03 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-28 13:59 - 2009-12-19 10:16 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-28 13:59 - 2008-07-30 19:17 - 00047604 ___AC C:\Windows\System32\ativvaxx.cap
2013-06-28 13:53 - 2012-10-25 19:56 - 00000914 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-28 13:52 - 2010-06-18 13:43 - 00000159 ____A C:\Windows\wiadebug.log
2013-06-28 13:48 - 2011-01-20 19:57 - 00304160 ____A C:\StiImg.dat
2013-06-28 13:43 - 2013-06-28 13:43 - 00001331 ____A C:\Windows\wmsetup.log
2013-06-28 13:17 - 2001-10-25 15:00 - 00002206 ____A C:\Windows\System32\wpa.dbl
2013-06-27 22:53 - 2009-12-19 10:16 - 00032366 ____A C:\Windows\SchedLgU.Txt
2013-06-27 22:53 - 2009-12-19 10:16 - 00000178 ___SH C:\Documents and Settings\Pc\ntuser.ini
2013-06-27 22:53 - 2009-12-19 10:16 - 00000000 ____D C:\Documents and Settings\Pc\Plocha
2013-06-27 22:09 - 2010-04-16 14:03 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-25 22:19 - 2013-06-12 21:45 - 00009381 ____A C:\Windows\setupapi.log
2013-06-21 10:56 - 2013-06-21 10:18 - 00000180 ____A C:\Windows\setupact.log
2013-06-21 10:18 - 2013-06-21 10:18 - 00000000 ____A C:\Windows\setuperr.log
2013-06-12 17:54 - 2012-10-25 19:56 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-12 17:54 - 2011-06-19 12:22 - 00071048 ___AC (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-08 11:29 - 2011-08-13 11:48 - 00000000 ____A C:\Windows\MEMORY.DMP
2013-06-05 20:01 - 2009-12-19 10:16 - 00000000 ___RD C:\Documents and Settings\Pc\Dokumenty
2013-05-30 20:23 - 2009-12-19 10:53 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-05-30 20:22 - 2013-05-30 20:18 - 00000000 ____D C:\Program Files\Valve

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 08:52] - [2008-04-14 08:52] - 1034240 ____N (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2008-04-14 08:52] - [2008-04-14 08:52] - 0507904 ____N (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2008-04-14 08:52] - [2008-04-14 08:52] - 0014336 ____N (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2008-04-14 08:52] - [2009-02-09 13:25] - 0111104 ____N (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2008-04-14 08:52] - [2008-04-14 08:52] - 0578560 ____N (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2008-04-14 08:52] - [2008-04-14 08:52] - 0026112 ____N (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 07:42] - [2008-04-14 07:42] - 0052480 ___AC (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

Re: Policia SR

Napsal: 28 čer 2013 17:41
od vyosek
Zdravim a pekny vecer preji
Vas log se studuje Obrázek a pracuje se na nem Obrázek.
Prosim o strpeni!Obrázek

Re: Policia SR

Napsal: 28 čer 2013 17:44
od vyosek
:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [CTFMON.EXE] C:\DOCUME~1\ALLUSE~1\DATAAP~1\rundll32.exe c:\docume~1\alluse~1\dataap~1\hfo7je.dat,FG00 [155648 2013-06-28] (Microsoft Corporation)
HKCU\...\Runonce: [_nltide_2] regsvr32 /s /n /i:U shell32 [x]
HKCU\...\Runonce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N [x]
HKU\Default User\...\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 [x]
HKU\Default User\...\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N [x]
HKU\Pc\...\Run: [ctfmon.exe] C:\DOCUME~1\ALLUSE~1\DATAAP~1\rundll32.exe c:\docume~1\alluse~1\dataap~1\hfo7je.dat,FG00 [ 2013-06-28] (Microsoft Corporation)
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
HKLM SearchScopes: DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/?query={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/?query={searchTerms}
SearchScopes: HKCU - DefaultScope value is missing.
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value - 
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
S2 winmgmt; C:\DOCUME~1\ALLUSE~1\DATAAP~1\hfo7je.dat [155648 2013-06-28] (Microsoft Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\DOCUME~1\Pc\LOCALS~1\Temp\catchme.sys [x]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S4 IntelIde; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath
C:\DOCUME~1\ALLUSE~1\DATAAP~1\hfo7je.dat
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny log na flashku k FRST
:arrow: Spustte znovu FRST.exe na tom poskozenem PC
  • Kliknete na Fix
  • Probehne oprava a na flash disku se vytvori log Fixlog.txt
:arrow: Pokuste se nastartovat do bezneho rezimu

Re: Policia SR

Napsal: 28 čer 2013 18:10
od H1Tm4N
Pocitac uz bezi v normalnom mode.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-06-2013
Ran by Administrator at 2013-06-28 19:06:53 Run:1
Running from J:\
Boot Mode: Safe Mode (minimal)

==============================================

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_3 => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_3 => Value deleted successfully.
HKU\Pc\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon.exe => Value deleted successfully.
Default URLSearchHook was restored successfully .
HKU\Pc\Software\Microsoft\Windows\CurrentVersion\Run\DefaultScope => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => Key deleted successfully.
HKCR\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCR\PROTOCOLS\Handler\Handler: ipp - No CLSID Value - => Key not found.
HKCR\PROTOCOLS\Handler\Handler: msdaipp - No CLSID Value - => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Value deleted successfully.
HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Key not found.
winmgmt => Service restored successfully.
Abiosdsk => Service deleted successfully.
abp480n5 => Service deleted successfully.
adpu160m => Service deleted successfully.
Aha154x => Service deleted successfully.
aic78u2 => Service deleted successfully.
aic78xx => Service deleted successfully.
AliIde => Service deleted successfully.
amsint => Service deleted successfully.
asc => Service deleted successfully.
asc3350p => Service deleted successfully.
asc3550 => Service deleted successfully.
Atdisk => Service deleted successfully.
catchme => Service deleted successfully.
cd20xrnt => Service deleted successfully.
Changer => Service deleted successfully.
CmdIde => Service deleted successfully.
Cpqarray => Service deleted successfully.
dac2w2k => Service deleted successfully.
dac960nt => Service deleted successfully.
dpti2o => Service deleted successfully.
hpn => Service deleted successfully.
i2omgmt => Service deleted successfully.
i2omp => Service deleted successfully.
ini910u => Service deleted successfully.
IntelIde => Service deleted successfully.
lbrtfdc => Service deleted successfully.
mraid35x => Service deleted successfully.
PCIDump => Service deleted successfully.
PDCOMP => Service deleted successfully.
PDFRAME => Service deleted successfully.
PDRELI => Service deleted successfully.
PDRFRAME => Service deleted successfully.
perc2 => Service deleted successfully.
perc2hib => Service deleted successfully.
ql1080 => Service deleted successfully.
Ql10wnt => Service deleted successfully.
ql12160 => Service deleted successfully.
ql1240 => Service deleted successfully.
ql1280 => Service deleted successfully.
Simbad => Service deleted successfully.
Sparrow => Service deleted successfully.
symc810 => Service deleted successfully.
symc8xx => Service deleted successfully.
sym_hi => Service deleted successfully.
sym_u3 => Service deleted successfully.
TosIde => Service deleted successfully.
ultra => Service deleted successfully.
ViaIde => Service deleted successfully.
WDICA => Service deleted successfully.
C:\DOCUME~1\ALLUSE~1\DATAAP~1\hfo7je.dat => Moved successfully.

==== End of Fixlog ====

Re: Policia SR

Napsal: 28 čer 2013 19:27
od vyosek
:arrow: Poprosim tedy o log z RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Prohledat
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Re: Policia SR

Napsal: 29 čer 2013 18:13
od H1Tm4N
Logfile of random's system information tool 1.09 (written by random/random)
Run by Pc at 2013-06-29 19:03:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (14%) free of 38 GB
Total RAM: 2303 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:04:05, on 29. 6. 2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17115)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
C:\WINDOWS\system32\HPSIsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
J:\RSIT.exe
C:\Program Files\trend micro\Pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fesicomp.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: msconfig.lnk
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\WINDOWS\system32\HPSIsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6179 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\expressburnShakeIcon.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default

prefs.js - "browser.startup.homepage" - "http://google.sk/"
prefs.js - "extensions.enabledItems" - "{ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {2f17f610-5e97-4fed-828f-9940b7b577a4}:5.0.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.22"
prefs.js - "keyword.URL" - "http://search.sweetim.com/search.asp?src=2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
ShockwavePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{2f17f610-5e97-4fed-828f-9940b7b577a4}

C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\searchplugins\
conduit.xml
qipsearch.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-05-10 68680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-23 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-10-23 5074384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTrackingLEDM]
C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MP10_EnsureFileVer]
C:\WINDOWS\inf\unregmp2.exe [2008-04-14 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-07-16 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UserAccess7"=2
"STI Simulator"=2
"ose"=3
"OMSI download service"=2
"odserv"=3
"Microsoft Office Groove Audit Service"=3
"LGScsiCommandService"=2
"JavaQuickStarterService"=2
"idsvc"=3
"IDriverT"=3
"HPSIService"=2
"gupdatem"=3
"gupdate"=2
"Ati HotKey Poller"=2
"Adobe LM Service"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-08-08 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Documents and Settings\Pc\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="C:\Documents and Settings\Pc\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"C:\Program Files\Sierra\Empire Earth II\EE2.exe"="C:\Program Files\Sierra\Empire Earth II\EE2.exe:*:Enabled:Empire Earth II"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Warcraft III\War3.exe"="C:\Program Files\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"C:\Documents and Settings\Pc\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Pc\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++"
"I:\Stronghold Crusader\Stronghold Crusader.exe"="I:\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Westwood\RA2\GAME.EXE"="C:\Westwood\RA2\GAME.EXE:*:Enabled:Main executable for Red Alert 2"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe"="C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.tscc"=tsccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.X264"=x264vfw.dll
"VIDC.VP70"=vp7vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2013-06-29 19:03:28 ----D---- C:\rsit
2013-06-28 14:25:51 ----D---- C:\FRST
2013-06-28 13:57:05 ----A---- C:\Documents and Settings\All Users\Data aplikací\ej7ofh.js
2013-06-28 13:56:18 ----A---- C:\WINDOWS\ntbtlog.txt
2013-06-28 13:41:43 ----A---- C:\Documents and Settings\All Users\Data aplikací\as98213.txt
2013-06-28 13:41:22 ----A---- C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
2013-05-30 20:18:59 ----D---- C:\Program Files\Valve

======List of files/folders modified in the last 1 month======

2013-06-29 19:03:45 ----D---- C:\Program Files\trend micro
2013-06-29 19:03:31 ----D---- C:\WINDOWS\Prefetch
2013-06-29 19:02:04 ----D---- C:\WINDOWS\temp
2013-06-28 19:11:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-06-28 14:27:13 ----D---- C:\WINDOWS
2013-06-28 14:19:41 ----SHD---- C:\WINDOWS\CSC
2013-06-28 14:02:09 ----D---- C:\Documents and Settings
2013-06-22 11:01:14 ----D---- C:\Documents and Settings\Pc\Data aplikací\Skype
2013-06-21 10:26:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-06-21 10:26:24 ----D---- C:\WINDOWS\system32\CatRoot2
2013-06-18 22:03:48 ----D---- C:\Documents and Settings\Pc\Data aplikací\vlc
2013-06-12 17:54:29 ----D---- C:\WINDOWS\system32
2013-06-12 17:54:21 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-06-10 13:54:08 ----SHD---- C:\WINDOWS\Installer
2013-06-09 09:04:30 ----D---- C:\Documents and Settings\Pc\Data aplikací\Winamp
2013-05-30 21:55:30 ----D---- C:\Documents and Settings\Pc\Data aplikací\Media Player Classic
2013-05-30 20:18:59 ----D---- C:\Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-11-29 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-02 697328]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2012-10-08 159832]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-10-08 121216]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2012-10-08 62512]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2012-10-08 149568]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-08-08 3266560]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2012-10-08 40376]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 as75w55h;as75w55h; C:\WINDOWS\system32\drivers\as75w55h.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-07-08 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-07-08 25512]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 mdf16;mdf16; \??\C:\Documents and Settings\Pc\Local Settings\Data aplikací\Temp\mdf16.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 mvd23;mvd23; \??\C:\Documents and Settings\Pc\Local Settings\Data aplikací\Temp\mvd23.sys []
S3 mvusbews;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2009-12-04 17408]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 PAC207;VideoCAM GF112; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2008-11-04 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2008-11-04 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2008-11-04 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2008-11-04 108200]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2008-11-04 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2008-11-04 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2008-11-04 109736]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-10-23 1329304]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2009-12-04 99896]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-16 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-07-24 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-16 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-07 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-08-08 573440]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-23 153376]
S4 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-04-12 47616]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S4 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2010-02-17 126976]

-----------------EOF-----------------






# AdwCleaner v2.303 - Log vytvooen 29/06/2013 v 19:09:05
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Pc - KOMUNITA
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Pc\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\Pc\Data aplikací\dvdvideosoftiehelpers
Složka Nalezeno : C:\Program Files\Common Files\ParetoLogic
Soubor Nalezeno : C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\searchplugins\Conduit.xml
Soubor Nalezeno : C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\searchplugins\SweetIm.xml

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Conduit.Engine
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Klíe Nalezeno : HKU\S-1-5-21-2000478354-507921405-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKU\S-1-5-21-2000478354-507921405-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v7.0.6000.17115

[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\prefs.js

Nalezeno : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");

-\\ Google Chrome v13.0.782.220

Soubor : C:\Documents and Settings\Pc\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Opera v12.14.1738.0

Soubor : C:\Documents and Settings\Pc\Data aplikací\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [2812 octets] - [29/06/2013 19:09:05]

########## EOF - C:\AdwCleaner[R1].txt - [2872 octets] ##########

Re: Policia SR

Napsal: 29 čer 2013 18:42
od vyosek
:arrow: Spustte znovu AdwCleaner
  • Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
  • Kliknete na Smazat
  • PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

Re: Policia SR

Napsal: 29 čer 2013 18:54
od H1Tm4N
# AdwCleaner v2.303 - Log vytvooen 29/06/2013 v 19:43:55
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Pc - KOMUNITA
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Pc\Plocha\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\Pc\Data aplikací\dvdvideosoftiehelpers
Složka Vymazáno : C:\Program Files\Common Files\ParetoLogic
Soubor Vymazáno : C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\searchplugins\Conduit.xml
Soubor Vymazáno : C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\searchplugins\SweetIm.xml

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Conduit.Engine
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v7.0.6000.17115

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\prefs.js

Vymazáno : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");

-\\ Google Chrome v13.0.782.220

Soubor : C:\Documents and Settings\Pc\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Opera v12.14.1738.0

Soubor : C:\Documents and Settings\Pc\Data aplikací\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [2941 octets] - [29/06/2013 19:09:05]
AdwCleaner[S1].txt - [2632 octets] - [29/06/2013 19:43:55]

########## EOF - C:\AdwCleaner[S1].txt - [2692 octets] ##########

Re: Policia SR

Napsal: 29 čer 2013 18:58
od vyosek
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Re: Policia SR

Napsal: 29 čer 2013 19:35
od H1Tm4N
OTL logfile created on: 29. 6. 2013 20:05:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pc\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,25 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 75,16% Memory free
3,22 Gb Paging File | 2,83 Gb Available in Paging File | 87,67% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 5,55 Gb Free Space | 14,91% Space Free | Partition Type: NTFS
Drive D: | 14,32 Gb Total Space | 1,21 Gb Free Space | 8,42% Space Free | Partition Type: FAT32
Drive J: | 3,73 Gb Total Space | 1,15 Gb Free Space | 30,94% Space Free | Partition Type: FAT32

Computer Name: KOMUNITA | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.06.29 20:03:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pc\Plocha\OTL.exe
PRC - [2012.10.23 18:38:32 | 001,329,304 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe
PRC - [2012.10.23 18:38:22 | 005,074,384 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\egui.exe
PRC - [2009.12.04 08:49:40 | 000,099,896 | R--- | M] (HP) -- C:\WINDOWS\system32\HPSIsvc.exe
PRC - [2009.10.15 11:13:50 | 000,136,192 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.17 06:42:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


========== Modules (No Company Name) ==========

MOD - [2013.01.09 22:16:03 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\33ff7d73f01be8329a95c6e03f1dd555\System.Web.ni.dll
MOD - [2013.01.09 22:15:41 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll
MOD - [2013.01.09 22:15:27 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\07de14823c42ee36ffa303d9c89ded36\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2013.01.09 22:13:27 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll
MOD - [2013.01.09 21:20:14 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013.01.09 21:17:04 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013.01.09 21:16:20 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2013.01.09 21:14:51 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.12.17 21:51:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2009.12.04 01:05:29 | 000,081,920 | ---- | M] () -- C:\WINDOWS\system32\mvusbews.dll
MOD - [2009.11.20 14:42:08 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HPM1210PP.dll
MOD - [2009.11.20 13:42:08 | 000,163,840 | ---- | M] () -- C:\WINDOWS\system32\HPM1210LM.DLL
MOD - [2009.10.15 11:13:48 | 000,964,096 | ---- | M] () -- C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll
MOD - [2009.10.15 11:13:46 | 000,061,440 | ---- | M] () -- C:\Program Files\HP\HPLaserJetService\HPTools.dll


========== Services (SafeList) ==========

SRV - [2013.06.12 17:54:27 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.07 16:29:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.23 18:38:32 | 001,329,304 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010.04.12 05:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Disabled | Stopped] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService)
SRV - [2010.02.17 16:33:31 | 000,126,976 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7)
SRV - [2009.12.04 08:49:40 | 000,099,896 | R--- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPSIsvc.exe -- (HPSIService)
SRV - [2009.10.15 11:13:50 | 000,136,192 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2005.01.14 10:32:38 | 000,053,248 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ashvpex4)
DRV - [2012.10.08 09:21:08 | 000,149,568 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2012.10.08 09:21:08 | 000,121,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.10.08 09:21:08 | 000,062,512 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2012.10.08 09:21:08 | 000,040,376 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2012.10.08 09:21:06 | 000,159,832 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2011.12.16 20:51:49 | 000,090,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\Temp\mvd23.sys -- (mvd23)
DRV - [2011.12.16 20:51:49 | 000,018,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\Temp\mdf16.sys -- (mdf16)
DRV - [2010.07.08 11:52:18 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.07.08 11:52:17 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.05.02 19:35:17 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.02.03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.12.04 01:05:26 | 000,017,408 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mvusbews.sys -- (mvusbews)
DRV - [2008.11.04 03:45:46 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2008.11.04 03:45:46 | 000,108,200 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2008.11.04 03:45:46 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2008.11.04 03:45:44 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2008.11.04 03:45:44 | 000,086,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2008.11.04 03:45:44 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2008.11.04 03:45:44 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008.08.08 18:30:42 | 003,266,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.05.16 05:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic)
DRV - [2008.05.16 05:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5)
DRV - [2008.05.16 05:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 05:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 05:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV - [2008.05.16 05:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 05:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2008.04.14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2008.01.09 13:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007.03.08 15:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005.04.08 11:46:18 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.sys -- (PAC207)
DRV - [2001.10.25 15:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001.10.25 15:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.fesicomp.sk/
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://google.sk/"
FF - prefs.js..extensions.enabledAddons: %7B2f17f610-5e97-4fed-828f-9940b7b577a4%7D:18.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {2f17f610-5e97-4fed-828f-9940b7b577a4}:5.0.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Pc\Data aplikací\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Pc\Data aplikací\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Pc\Local Settings\Data aplikací\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Pc\Local Settings\Data aplikací\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.18 23:06:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.06.10 13:53:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.11.05 15:21:16 | 000,000,000 | ---D | M]

[2009.12.19 14:35:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Extensions
[2013.03.18 23:06:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\extensions
[2011.03.24 22:00:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.03.18 23:06:36 | 000,000,000 | ---D | M] (TV-Fox) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}
[2009.12.21 19:33:09 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\searchplugins\qipsearch.xml
[2013.03.18 23:06:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PC\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\3JQHH5GS.DEFAULT\EXTENSIONS\{2F17F610-5E97-4FED-828F-9940B7B577A4}
[2013.03.07 16:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.05.23 16:50:24 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2013.03.07 20:59:09 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.03.07 20:59:09 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.03.07 20:59:09 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.03.07 20:59:09 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.03.07 20:59:09 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Pc\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.220\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\Pc\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.220\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Pc\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.220\pdf.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Pc\Data aplikac\u00ED\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Pc\Data aplikac\u00ED\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Yulia Brodskaya = C:\Documents and Settings\Pc\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko\2_0\
CHR - Extension: Yulia Brodskaya = C:\Documents and Settings\Pc\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko\2_0\

O1 HOSTS File: ([2010.03.03 16:59:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 172.17.110.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{762B8C82-B2A3-4239-ABFA-4531490669D2}: DhcpNameServer = 192.168.1.1 172.17.110.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE7A31C0-AB44-4F45-AAB0-6E4CDB55F0C8}: DhcpNameServer = 172.17.110.7 172.17.110.6
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.06.29 20:03:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pc\Plocha\OTL.exe
[2013.06.29 19:03:28 | 000,000,000 | ---D | C] -- C:\rsit
[2013.06.28 14:25:51 | 000,000,000 | ---D | C] -- C:\FRST
[2013.06.28 13:41:22 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\rundll32.exe

========== Files - Modified Within 7 Days ==========

[2013.06.29 20:10:27 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.29 20:10:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.06.29 20:03:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pc\Plocha\OTL.exe
[2013.06.29 19:53:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.29 19:47:09 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.29 19:47:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.29 19:47:01 | 000,047,604 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2013.06.29 19:01:38 | 000,648,201 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\adwcleaner.exe
[2013.06.28 14:02:35 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\ej7ofh.pad
[2013.06.28 13:48:40 | 000,304,160 | ---- | M] () -- C:\StiImg.dat
[2013.06.28 13:41:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
[2013.06.28 13:17:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.06.26 20:11:22 | 000,001,408 | ---- | M] () -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\SRDownloader.nast
[2013.06.26 20:10:01 | 000,115,200 | ---- | M] () -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2013.06.29 20:10:03 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.06.29 19:01:47 | 000,648,201 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\adwcleaner.exe
[2013.06.28 13:57:05 | 000,003,075 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ej7ofh.js
[2013.06.28 13:41:30 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ej7ofh.pad
[2013.05.12 15:39:17 | 000,159,256 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2013.02.21 15:26:17 | 004,078,592 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2013.02.21 15:26:17 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2013.02.21 15:26:17 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2013.02.21 15:26:04 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012.02.15 11:54:02 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.11.12 18:41:59 | 000,028,190 | ---- | C] () -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\SRDownloader.err
[2011.10.22 10:30:21 | 000,001,408 | ---- | C] () -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\SRDownloader.nast
[2011.08.13 12:11:49 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.08.13 12:11:49 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.08.13 12:11:49 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.08.13 12:11:49 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.08.13 12:11:49 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.08.13 11:59:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.07.03 13:01:17 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\HPM1210LM.DLL
[2011.07.03 13:01:12 | 000,167,936 | R--- | C] () -- C:\WINDOWS\System32\m1130wia.dll
[2009.12.23 13:13:36 | 000,115,200 | ---- | C] () -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.12.19 15:01:45 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 08:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.01.09 18:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2010.08.31 22:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2010.07.19 12:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.12.21 19:55:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Pro
[2012.11.05 15:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2011.07.02 17:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NCH Swift Sound
[2011.10.11 21:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\nD01300FiOkO01300
[2010.04.09 16:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{E434619C-846F-4697-8739-15F436DE9B2F}
[2012.03.17 09:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\.minecraft
[2010.01.09 18:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Ashampoo
[2013.03.23 22:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Audacity
[2012.05.28 10:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Azureus
[2013.04.04 16:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\BSplayer
[2009.12.21 19:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\BSplayer Pro
[2011.07.03 13:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Command and Conquer 3 Kanes Wrath
[2011.01.15 16:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\COWON
[2012.12.23 14:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\DAEMON Tools Lite
[2012.05.28 10:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\DAEMON Tools Pro
[2012.03.17 09:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\DC++
[2011.08.18 17:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\DVDVideoSoft
[2012.09.20 14:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\ESET
[2010.04.09 16:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Fighters
[2011.06.30 13:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\GameRanger
[2012.07.25 21:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\HLSW
[2010.02.02 20:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\ICQ
[2012.11.05 15:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\InterTrust
[2010.12.06 16:43:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\NCH Swift Sound
[2009.12.21 19:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Opera
[2013.02.17 23:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Sierra
[2013.03.21 22:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Sony
[2010.06.03 13:12:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\UDC Profiles
[2013.04.29 20:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\uTorrent
[2012.07.25 22:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.12.19 10:03:28 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.12.19 10:16:02 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.04.16 14:03:48 | 000,000,912 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.04.16 14:03:49 | 000,000,916 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.07.02 17:45:11 | 000,000,292 | ---- | C] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2012.10.25 19:56:45 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.03.17 09:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\.minecraft
[2013.03.15 17:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Adobe
[2010.01.09 18:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Ashampoo
[2009.12.21 19:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\ATI
[2013.03.23 22:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Audacity
[2012.05.28 10:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Azureus
[2013.04.04 16:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\BSplayer
[2009.12.21 19:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\BSplayer Pro
[2011.07.03 13:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Command and Conquer 3 Kanes Wrath
[2011.01.15 16:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\COWON
[2012.12.23 14:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\DAEMON Tools Lite
[2012.05.28 10:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\DAEMON Tools Pro
[2012.03.17 09:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\DC++
[2012.02.04 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\DivX
[2012.10.23 20:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\dvdcss
[2011.08.18 17:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\DVDVideoSoft
[2012.09.20 14:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\ESET
[2010.04.09 16:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Fighters
[2011.06.30 13:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\GameRanger
[2010.04.16 14:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Google
[2010.07.19 15:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Hamachi
[2012.07.25 21:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\HLSW
[2010.02.02 20:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\ICQ
[2009.12.19 10:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Identities
[2012.11.05 15:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\InterTrust
[2012.01.07 15:30:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Macromedia
[2013.05.30 21:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Media Player Classic
[2013.03.15 17:24:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pc\Data aplikací\Microsoft
[2011.08.11 11:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Mozilla
[2010.12.06 16:43:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\NCH Swift Sound
[2009.12.21 19:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Opera
[2010.02.07 15:09:23 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Pc\Data aplikací\SecuROM
[2013.02.17 23:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Sierra
[2013.06.22 11:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Skype
[2013.03.21 22:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Sony
[2010.05.23 16:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Sun
[2010.06.03 13:12:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\UDC Profiles
[2013.04.29 20:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\uTorrent
[2013.06.18 22:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\vlc
[2013.06.09 09:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Winamp
[2009.12.21 19:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\WinRAR
[2012.07.25 22:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2011.01.24 13:32:20 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Documents and Settings\Pc\Data aplikací\Azureus\plugins\mlab\ShaperProbeC.exe
[2007.08.18 10:54:02 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Pc\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2007.08.18 10:53:50 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Pc\Data aplikací\BSplayer\AC3 Filter\dialog_patch.exe
[2008.04.13 18:26:54 | 000,036,396 | ---- | M] () -- C:\Documents and Settings\Pc\Data aplikací\BSplayer\AC3 Filter\uninstall.exe
[2008.04.01 12:51:06 | 000,691,717 | ---- | M] () -- C:\Documents and Settings\Pc\Data aplikací\BSplayer\FFDShow\unins000.exe
[2008.03.29 18:42:00 | 000,103,424 | ---- | M] () -- C:\Documents and Settings\Pc\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 18:42:02 | 000,335,872 | ---- | M] () -- C:\Documents and Settings\Pc\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 18:41:54 | 000,135,168 | ---- | M] () -- C:\Documents and Settings\Pc\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 10:11:02 | 000,041,412 | ---- | M] () -- C:\Documents and Settings\Pc\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2012.07.28 16:52:54 | 001,421,024 | ---- | M] (GameRanger Technologies) -- C:\Documents and Settings\Pc\Data aplikací\GameRanger\GameRanger\GameRanger.exe
[2010.05.07 17:54:28 | 006,984,280 | ---- | M] (ZONER software ) -- C:\Documents and Settings\Pc\Data aplikací\Zoner\NLMDB\product.0032\autoupdate.us\ZPS12_Update_Build08.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.06.29 19:53:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2011.07.09 17:51:02 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2013.06.29 19:47:09 | 000,000,912 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.29 20:10:27 | 000,000,916 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.05.02 19:35:17 | 000,697,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.12.19 10:51:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.12.19 10:51:04 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.12.19 10:51:04 | 000,491,520 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.06.29 19:47:01 | 000,047,604 | ---- | M] () -- C:\WINDOWS\system32\ativvaxx.cap
[2013.06.28 13:17:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.03.07 16:29:07 | 000,917,400 | ---- | M] (Mozilla Corporation) MD5=BF2F2717C13A4BD4FD73F2788534E86B -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.11.01 01:07:10 | 000,643,104 | ---- | M] (Microsoft Corporation) MD5=F77E696991FED3B92E09AC0CE91E9BCA -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013.02.15 20:09:58 | 000,879,456 | ---- | M] (Opera Software) MD5=2ABD166EC31BE154D8CBEEC5D7F5714C -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.06.29 20:10:03 | 000,000,512 | ---- | M] () MD5=87CD0A5FB1EDCC60551C1931C02F830F -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.12.07 21:31:03 | 009,108,706 | ---- | M] () -- \Documents and Settings\Pc\Plocha\Juraj\Hudba\La4 - Gyzmo (2010)\04-LA4 - Něco jako klid_Crack (feat. James Cole).mp3

< *keygen* /s >
[2012.11.10 14:14:49 | 000,000,101 | ---- | M] () -- \Documents and Settings\Pc\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fkeygenjukebox.com%2Ffavicon.png

< *loader* /s >
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2013.05.20 19:50:22 | 000,028,190 | ---- | M] () -- \Documents and Settings\Pc\Local Settings\Data aplikací\SRDownloader.err
[2013.06.26 20:11:22 | 000,001,408 | ---- | M] () -- \Documents and Settings\Pc\Local Settings\Data aplikací\SRDownloader.nast
[2012.11.07 22:48:07 | 000,000,484 | ---- | M] () -- \Documents and Settings\Pc\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fmeta.filesmelt.com%2Fdownloader.php%3Ffile=disneyfuck.png
[2013.06.22 10:04:04 | 000,109,448 | ---- | M] () -- \Documents and Settings\Pc\Local Settings\Temporary Internet Files\Content.IE5\X0PE08IU\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013.06.22 10:04:00 | 000,001,511 | ---- | M] () -- \Documents and Settings\Pc\Local Settings\Temporary Internet Files\Content.IE5\X0PE08IU\AdLoader[1].htm
[2012.12.20 22:58:28 | 000,905,728 | ---- | M] () -- \Documents and Settings\Pc\Plocha\SRDownloader.exe
[2005.03.24 13:51:08 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\en\_media\rssloader.swf
[2005.03.16 19:16:50 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2003.09.26 08:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 14:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 14:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 14:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2013.06.26 19:06:58 | 000,025,208 | ---- | M] () -- \WINDOWS\Prefetch\SRDOWNLOADER.EXE-12215557.pf
[2002.12.12 01:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2007.04.30 16:43:12 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< End of report >

Re: Policia SR

Napsal: 29 čer 2013 19:36
od H1Tm4N
OTL Extras logfile created on: 29. 6. 2013 20:05:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pc\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,25 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 75,16% Memory free
3,22 Gb Paging File | 2,83 Gb Available in Paging File | 87,67% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 5,55 Gb Free Space | 14,91% Space Free | Partition Type: NTFS
Drive D: | 14,32 Gb Total Space | 1,21 Gb Free Space | 8,42% Space Free | Partition Type: FAT32
Drive J: | 3,73 Gb Total Space | 1,15 Gb Free Space | 30,94% Space Free | Partition Type: FAT32

Computer Name: KOMUNITA | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2000478354-507921405-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5909:TCP" = 5909:TCP:*:Enabled:rmalxtap
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager
"C:\Documents and Settings\Pc\Data aplikací\GameRanger\GameRanger\GameRanger.exe" = C:\Documents and Settings\Pc\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger -- (GameRanger Technologies)
"C:\Program Files\Sierra\Empire Earth II\EE2.exe" = C:\Program Files\Sierra\Empire Earth II\EE2.exe:*:Enabled:Empire Earth II -- (Mad Doc Software)
"C:\Program Files\Warcraft III\Warcraft III.exe" = C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III
"C:\Program Files\Warcraft III\War3.exe" = C:\Program Files\Warcraft III\War3.exe:*:Enabled:Warcraft III
"C:\Documents and Settings\Pc\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Pc\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\DC++\DCPlusPlus.exe" = C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++ -- ()
"I:\Stronghold Crusader\Stronghold Crusader.exe" = I:\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader
"C:\Program Files\HLSW\hlsw.exe" = C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application
"C:\Westwood\RA2\GAME.EXE" = C:\Westwood\RA2\GAME.EXE:*:Enabled:Main executable for Red Alert 2
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{063D85D6-748B-8D65-C871-10D62248B605}" = ccc-utility
"{08223707-D0AD-4128-99FE-A52B3B82A155}" = D.Signer/XAdES Xml plugin v1.1.0.0
"{088B7BF8-AC95-4348-B77B-619AEB3A74A5}" = VideoCAM GF112
"{08A778CE-64DE-A6DE-E4AE-B96D953A681D}" = Catalyst Control Center Localization Hungarian
"{0E016201-150D-4360-4BB6-1A16BB02202C}" = ccc-core-preinstall
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppM1130M1210SeriesLaserJetService
"{125DA5F3-53A4-4A06-2675-8EE2699A1069}" = Catalyst Control Center Localization Danish
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{199ECBFB-F130-820C-AFAA-13CCB2A79913}" = CCC Help Dutch
"{19DE8E36-8717-1F10-C42D-03754422D213}" = CCC Help Hungarian
"{1FE1B619-EEC8-2426-5E2E-EA3CB16F21CC}" = Catalyst Control Center Localization Polish
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{236F055F-408B-C066-F2B1-E67A4BBFDD5E}" = Catalyst Control Center Localization French
"{23A71503-870B-AC94-B3B5-1A908698AFB2}" = CCC Help Portuguese
"{2487FBE2-3A7F-4E48-98D5-57A0AD824BF7}" = D.Signer/XAdES v1.1.0.0
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{279F0A9F-680F-1BC3-9C35-8D896225D07D}" = CCC Help Chinese Standard
"{32D95336-A5EC-4136-43AC-701A9AD93C5B}" = CCC Help Polish
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351DF03A-897D-483A-8A2E-1320CD62DF75}" = CCC Help Norwegian
"{368969BA-5454-2DB0-D1D9-EE6C3CB6CCE7}" = CCC Help Turkish
"{38B4E17E-2B60-44C0-CBC2-A8175242020C}" = Catalyst Control Center Localization Swedish
"{39FEE16F-1061-A6FF-6A5E-3A7B62763B8B}" = CCC Help Spanish
"{3BA1D803-6A6E-D1F4-2494-3FDCAE6152D9}" = CCC Help Russian
"{41D01008-74B9-F8AC-35F6-957DE7EC8317}" = Catalyst Control Center Localization Chinese Standard
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{44588B17-50EE-280B-E29C-A230133D1DA6}" = Catalyst Control Center Localization Thai
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4893A35F-0A23-48EC-8E74-24969244D6F2}" = Catalyst Control Center - Branding
"{4CB9992E-1D43-25D6-59FE-B9E0BBDB94F1}" = CCC Help Chinese Traditional
"{4D530E4F-4AB1-C4C1-9238-2FE5CDC303D8}" = Skins
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{57FB1C7C-4B7B-7E0F-CE2A-956C0AD62D82}" = CCC Help English
"{5AEDDCB4-FEFB-B16A-AE49-62828162E79E}" = Catalyst Control Center Localization Finnish
"{65301B54-9907-5938-1A17-DFDDFF329C40}" = CCC Help Thai
"{6889EE56-1816-4E89-94DF-9F56E7804039}_is1" = Counter-Strike 1.6 Non-Steam patch v36
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76692AD1-8DB5-446F-966C-D0B761EF7A6F}" = ESET Smart Security
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{81FDECA1-ECD0-91FA-5294-E06CA64B09AD}" = CCC Help Danish
"{8512F95E-EA10-382E-A469-7E43515D16BD}" = CCC Help Czech
"{861933B4-4F4C-C41C-8200-2DA18DEFD45F}" = CCC Help French
"{878B7F6C-497F-EF0E-63FC-88D4C475C555}" = Catalyst Control Center Localization Italian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B617724-3E01-A435-0CF7-85E221B7A60F}" = Catalyst Control Center Localization Korean
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_ENTERPRISE_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_ENTERPRISE_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2007
"{90120000-00BA-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A00214AB-FB9A-96F1-FFB1-EE0D0CB746FC}" = CCC Help Finnish
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4B3E302-3341-50C8-1F32-8DE8B0477CEC}" = Catalyst Control Center Localization Chinese Traditional
"{A561E5B7-33AD-ED26-EDF4-52CD4206A18D}" = Catalyst Control Center Graphics Full Existing
"{A89DEBCA-F743-3412-97F6-B2E489194551}" = Google Talk Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Czech
"{AFF0F439-11A0-320F-9C5C-2E66CB511CD3}" = CCC Help Swedish
"{B17B8396-51F1-CD2D-5271-03A2CF20C83B}" = ccc-core-static
"{B689905E-EC31-7F51-3144-F65D385E4152}" = CCC Help Japanese
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BF339E29-98F8-99AA-251D-4F169F6E56DF}" = CCC Help Korean
"{C05CCFB8-1380-AFC1-2471-7418B6B0424E}" = Catalyst Control Center Core Implementation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C61842C5-C56C-DBE6-C95B-D09F089B831F}" = Catalyst Control Center Graphics Light
"{C8DC2553-9204-6982-9477-6EEE33CABACB}" = Catalyst Control Center Localization Russian
"{CA6F57A0-4342-C9D3-B3DE-B9CD0302D397}" = CCC Help German
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0364322-3DE2-055A-C9EE-8D2BE3A73283}" = CCC Help Italian
"{D128EFF3-196C-68DE-00DA-0F0BF05E89A3}" = Catalyst Control Center Graphics Full New
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{D501519F-ECAD-C2EB-C52C-65F6E3563A9F}" = CCC Help Greek
"{D6EB7A5D-0B7C-9A82-A889-47288A250535}" = Catalyst Control Center Localization Greek
"{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}" = hppusgM1130M1210Series
"{DD456291-3D65-7FD4-7560-1DDF4A515061}" = Catalyst Control Center Localization Turkish
"{DE9001C2-1A92-FF1B-2F4F-382B78AAB4AD}" = Catalyst Control Center Localization Japanese
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Plus VX
"{E0C81260-6F6A-EB31-55C9-BB693A177895}" = Catalyst Control Center Localization Portuguese
"{E1FE06CF-269B-C7EF-B1B3-128FA05033BD}" = Catalyst Control Center Localization Dutch
"{E26DEDC7-1A99-4F8C-9615-6DB112E6495B}_is1" = Texas Hold'em Poker 3D - Deluxe Edition 1.0
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EB604EAD-F57C-0128-68D1-7CBC0DD9B375}" = Catalyst Control Center Localization Norwegian
"{F321C553-E5E1-0A37-4EE9-F78EA9107257}" = Catalyst Control Center Localization Czech
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE0A1DF3-B487-9E9B-3B1E-4061E680A5AC}" = Catalyst Control Center Localization German
"{FEF21047-4413-FE40-9A09-C8C7143894FD}" = Catalyst Control Center Localization Spanish
"Adam pre Windows" = Adam pre Windows
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = ATI - Software Uninstall Utility
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.12
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"DC++" = DC++ 0.761
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ExpressBurn" = Express Burn Disc Burning Software
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series
"InstallShield_{088B7BF8-AC95-4348-B77B-619AEB3A74A5}" = VideoCAM GF112
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.6.0
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 12.14.1738" = Opera 12.14
"ShockwaveFlash" = Macromedia Flash Player 8
"Switch" = Switch Sound File Converter
"Totalcmd" = Total Commander (Remove or Repair)
"Universal Document Converter_is1" = Universal Document Converter (Demo)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR 4.10 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2000478354-507921405-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13. 6. 2013 9:11:41 | Computer Name = KOMUNITA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17. 6. 2013 12:49:01 | Computer Name = KOMUNITA | Source = Application Error | ID = 1000
Description = Chybující aplikace ekrn.exe, verze 6.0.302.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x08c7d06a.

Error - 18. 6. 2013 7:11:06 | Computer Name = KOMUNITA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18. 6. 2013 7:11:06 | Computer Name = KOMUNITA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18. 6. 2013 7:11:08 | Computer Name = KOMUNITA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18. 6. 2013 7:13:28 | Computer Name = KOMUNITA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace googleearth.exe, verze 7.0.3.8542, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18. 6. 2013 12:29:02 | Computer Name = KOMUNITA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18. 6. 2013 16:05:53 | Computer Name = KOMUNITA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.5.0.1017, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19. 6. 2013 10:40:30 | Computer Name = KOMUNITA | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul gcswf32.dll,
verze 10.3.183.7, adresa chyby 0x003e5107.

Error - 21. 6. 2013 10:30:31 | Computer Name = KOMUNITA | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul gcswf32.dll,
verze 10.3.183.7, adresa chyby 0x003a48b8.

[ OSession Events ]
Error - 19. 4. 2010 6:52:21 | Computer Name = HOME- | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 2924 seconds with 1380 seconds of active time. This session ended with a
crash.

Error - 26. 6. 2011 4:53:16 | Computer Name = KOMUNITA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 44 seconds with 0 seconds of active time. This session ended with a crash.

Error - 16. 11. 2011 9:32:52 | Computer Name = KOMUNITA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 54 seconds with 0 seconds of active time. This session ended with a crash.

Error - 5. 3. 2012 12:17:01 | Computer Name = KOMUNITA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 28. 6. 2013 8:24:02 | Computer Name = KOMUNITA | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 28. 6. 2013 8:24:10 | Computer Name = KOMUNITA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 28. 6. 2013 8:24:12 | Computer Name = KOMUNITA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 28. 6. 2013 8:26:34 | Computer Name = KOMUNITA | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 28. 6. 2013 8:27:44 | Computer Name = KOMUNITA | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 28. 6. 2013 8:28:14 | Computer Name = KOMUNITA | Source = DCOM | ID = 10010
Description = Server {8BC3F05E-D86B-11D0-A075-00C04FB68820} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 28. 6. 2013 8:29:28 | Computer Name = KOMUNITA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 28. 6. 2013 13:06:13 | Computer Name = KOMUNITA | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 28. 6. 2013 13:06:19 | Computer Name = KOMUNITA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 28. 6. 2013 13:07:09 | Computer Name = KOMUNITA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >

Re: Policia SR

Napsal: 29 čer 2013 21:42
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ashvpex4)
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2000478354-507921405-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PC\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\3JQHH5GS.DEFAULT\EXTENSIONS\{2F17F610-5E97-4FED-828F-9940B7B577A4}
[2009.12.21 19:33:09 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\searchplugins\qipsearch.xml
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll File not found
[2013.06.28 13:41:22 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
[2013.06.28 14:02:35 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\ej7ofh.pad
[2013.06.28 13:48:40 | 000,304,160 | ---- | M] () -- C:\StiImg.dat
[2013.06.28 13:57:05 | 000,003,075 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ej7ofh.js
[2013.06.28 13:41:30 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ej7ofh.pad
[2011.08.13 11:59:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.12.23 13:13:36 | 000,115,200 | ---- | C] () -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]
[2013.06.29 19:53:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2011.07.09 17:51:02 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2013.06.29 19:47:09 | 000,000,912 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.29 20:10:27 | 000,000,916 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Policia SR

Napsal: 30 čer 2013 08:24
od H1Tm4N
All processes killed
========== OTL ==========
Service USBModem stopped successfully!
Service USBModem deleted successfully!
File system32\DRIVERS\lgusbmodem.sys not found.
Service UsbDiag stopped successfully!
Service UsbDiag deleted successfully!
File system32\DRIVERS\lgusbdiag.sys not found.
Service usbbus stopped successfully!
Service usbbus deleted successfully!
File system32\DRIVERS\lgusbbus.sys not found.
Error: No service named ashvpex4 was found to stop!
Service\Driver key ashvpex4 not found.
Registry value HKEY_USERS\S-1-5-21-2000478354-507921405-1417001333-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-2000478354-507921405-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2000478354-507921405-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2000478354-507921405-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3jqhh5gs.default\searchplugins\qipsearch.xml moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.
Invalid CLSID key: _nltide_2
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 not found.
Invalid CLSID key: _nltide_2
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\.spop\ deleted successfully.
C:\Documents and Settings\All Users\Data aplikací\rundll32.exe moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ej7ofh.pad moved successfully.
C:\StiImg.dat moved successfully.
File C:\Documents and Settings\All Users\Data aplikací\ej7ofh.js not found.
File C:\Documents and Settings\All Users\Data aplikací\ej7ofh.pad not found.
C:\WINDOWS\system32\d3d9caps.dat moved successfully.
C:\Documents and Settings\Pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1064.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP106B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14BE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1997.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A2A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP263.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP364.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP38A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP46A.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP46A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP46E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP59F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP61B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP808.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP88F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP898.tmp folder deleted successfully.
C:\WINDOWS\CSC\csc1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6D91.tmp deleted successfully.
C:\WINDOWS\temp\htt9B.tmp deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\Tasks\expressburnShakeIcon.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk\ deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

User: Pc
->Temp folder emptied: 107105994 bytes
->Temporary Internet Files folder emptied: 5785878 bytes
->Java cache emptied: 772480 bytes
->FireFox cache emptied: 146831320 bytes
->Google Chrome cache emptied: 222087643 bytes
->Opera cache emptied: 60871029 bytes
->Flash cache emptied: 24055 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7632 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 408669681 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 908,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Pc
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Pc
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06302013_091522

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Policia SR

Napsal: 30 čer 2013 08:35
od vyosek
Fajn, jak se chova PC :???:

Re: Policia SR

Napsal: 30 čer 2013 08:37
od H1Tm4N
PC je v poriadku. Beží poznateľne rýchlejšie. Ďakujem veľmi pekne za pomoc! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz