
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Preventive check
Moderator: Moderators
					Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Preventive check
Hello, I need to have my PC checked; somehow one and the same malware keeps coming back as soon as I turn the internet on after neutralizing it with Ad-Aware.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Kuba at 2010-04-05 17:40:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 361 GB (77%) free of 467 GB
Total RAM: 3327 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:41:03, on 5.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\WINDOWS\vVX1000.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\LightScribe\LSSrvc.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\QIP\qip.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory\RSIT.exe
D:\Program Files\trend micro\Kuba.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VX1000] D:\WINDOWS\vVX1000.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - D:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 5023 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
D:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-11-17 17676288]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-07-14 570664]
"VX1000"=D:\WINDOWS\vVX1000.exe [2006-12-06 707360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-04-29 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Garena\Garena.exe"="C:\Garena\Garena.exe:*:Enabled:Garena"
"D:\Program Files\QIP\qip.exe"="D:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Hry\Warcraft III\Warcraft III.exe"="D:\Program Files\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Program Files\Hry\Left4Dead\hl2.exe"="D:\Program Files\Hry\Left4Dead\hl2.exe:*:Enabled:hl2"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Hry\Left4Dead\left4dead.exe"="D:\Program Files\Hry\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe"="D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Enabled:vietcong"
"C:\torrent\uTorrent.exe"="C:\torrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe"="D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Hry\CoD2\CoD2MP_s.exe"="D:\Program Files\Hry\CoD2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"D:\Program Files\Hry\Sacred 2\system\s2gs.exe"="D:\Program Files\Hry\Sacred 2\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
"D:\Program Files\Hry\Sacred 2\system\sacred2.exe"="D:\Program Files\Hry\Sacred 2\system\sacred2.exe:*:Enabled:Sacred 2"
"D:\Program Files\Hry\CoD 5\CoDWaW.exe"="D:\Program Files\Hry\CoD 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Program Files\Hry\CoD 5\CoDWaWmp.exe"="D:\Program Files\Hry\CoD 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-03-28 13:16:17 ----A---- D:\WINDOWS\system32\wrap_oal.dll
2010-03-28 13:16:17 ----A---- D:\WINDOWS\system32\OpenAL32.dll
2010-03-28 12:55:05 ----D---- D:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2010-03-19 18:37:58 ----D---- D:\Documents and Settings\All Users\Data aplikací\BioWare
2010-03-19 18:35:57 ----D---- D:\WINDOWS\1C4551A64743409391E41477CD655043.TMP
2010-03-14 19:54:27 ----A---- D:\WINDOWS\system32\XAudio2_5.dll
2010-03-14 19:54:26 ----A---- D:\WINDOWS\system32\xactengine3_5.dll
2010-03-14 19:54:26 ----A---- D:\WINDOWS\system32\D3DCompiler_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\D3DX9_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\d3dx11_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\d3dx10_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\d3dcsx_42.dll
2010-03-06 17:11:30 ----D---- D:\WINDOWS\system32\xlive
2010-03-06 17:11:30 ----D---- D:\Program Files\Microsoft Games for Windows - LIVE
======List of files/folders modified in the last 1 months======
2010-04-05 17:41:03 ----D---- D:\WINDOWS\Prefetch
2010-04-05 17:41:00 ----D---- D:\WINDOWS\Temp
2010-04-05 17:40:56 ----D---- D:\Program Files\trend micro
2010-04-05 17:31:47 ----D---- D:\Documents and Settings\Kuba\Data aplikací\Skype
2010-04-05 17:16:48 ----D---- D:\Program Files\Mozilla Firefox
2010-04-05 17:12:28 ----D---- D:\Documents and Settings\Kuba\Data aplikací\skypePM
2010-04-05 15:16:53 ----A---- D:\WINDOWS\NeroDigital.ini
2010-04-05 08:44:36 ----D---- D:\WINDOWS\system32\CatRoot2
2010-04-05 08:14:52 ----D---- D:\WINDOWS\system32
2010-04-05 08:14:52 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-04-05 08:11:01 ----SD---- D:\WINDOWS\Tasks
2010-04-05 08:10:43 ----D---- D:\WINDOWS
2010-04-05 00:21:32 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-04-04 22:54:25 ----HD---- D:\Program Files\InstallShield Installation Information
2010-04-04 22:54:22 ----SHD---- D:\WINDOWS\Installer
2010-04-04 22:49:32 ----HD---- D:\WINDOWS\inf
2010-04-04 22:49:21 ----RSD---- D:\WINDOWS\assembly
2010-04-04 22:49:06 ----D---- D:\WINDOWS\system32\DirectX
2010-04-04 22:43:34 ----D---- D:\Program Files\Hry
2010-04-04 22:42:02 ----D---- D:\Documents and Settings\Kuba\Data aplikací\uTorrent
2010-04-04 17:27:06 ----RD---- D:\Program Files
2010-04-03 16:51:08 ----D---- D:\Documents and Settings\Kuba\Data aplikací\vlc
2010-04-01 17:10:28 ----D---- D:\Documents and Settings\Kuba\Data aplikací\dvdcss
2010-03-30 17:06:40 ----SD---- D:\Documents and Settings\Kuba\Data aplikací\Microsoft
2010-03-28 12:55:03 ----D---- D:\Program Files\Common Files\Wise Installation Wizard
2010-03-28 12:45:14 ----D---- D:\Program Files\Common Files
2010-03-06 17:11:30 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-03-06 16:08:43 ----D---- D:\Program Files\AGEIA Technologies
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AsIO;AsIO; D:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-04-29 3643904]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; D:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-25 4952576]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; D:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 a77nmpua;a77nmpua; D:\WINDOWS\system32\drivers\a77nmpua.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 GarenaPEngine;GarenaPEngine; \??\D:\WINDOWS\TEMP\BHL201.tmp []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbaudio;Ovladač zvukové karty USB (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VX1000;VX-1000; D:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 1963680]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-04-29 602112]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; D:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-07-30 73728]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2010-02-05 75064]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-04 1181328]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
			
			
									
									
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-25 4952576]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; D:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 a77nmpua;a77nmpua; D:\WINDOWS\system32\drivers\a77nmpua.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 GarenaPEngine;GarenaPEngine; \??\D:\WINDOWS\TEMP\BHL201.tmp []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbaudio;Ovladač zvukové karty USB (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VX1000;VX-1000; D:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 1963680]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-04-29 602112]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; D:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-07-30 73728]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2010-02-05 75064]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-04 1181328]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Caroprd111
- VIP 
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: Preventive check
Hello,

Uninstall Garena.

I recommend uninstalling:
C:\torrent\uTorrent.exe
P2P networks and their clients are a potential security risk; they are practically constantly a source of viruses, and you are exposing yourself to risk unnecessarily.

I recommend uninstalling Ad-Aware.

Download CCleaner: http://viry.cz/forum/viewtopic.php?t=7478
- Install it and, during installation, untick the option to install the Yahoo toolbar.

Cleaner tab
- Run Analyze; when it finishes, click Run Cleaner.

Registry tab
- Click Scan for Issues; when it finishes, click Fix selected issues (you do not need to make a backup), then click Fix All Selected Issues, then OK and Close.

I don't see a firewall in the log; install one. Overview: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Are there any problems with the PC?
Re: Preventive check
Should I uninstall Ad-Aware? Then I won't have any anti-spyware... And I already uninstalled Garena a few weeks ago; I have no folders or anything else left from it. I installed that Sunbelt firewall. Specifically, there is just one problem: my internet is slowed down and sometimes I can't get to certain sites; when I then run Ad-Aware over it, it always removes that malware, and then it runs fine again for a while. Here is the new log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Kuba at 2010-04-06 11:16:52
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 361 GB (77%) free of 467 GB
Total RAM: 3327 MB (83% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:55, on 6.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\WINDOWS\vVX1000.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\LightScribe\LSSrvc.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory\RSIT.exe
D:\Program Files\trend micro\Kuba.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VX1000] D:\WINDOWS\vVX1000.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - D:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - D:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - D:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 5138 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
D:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-11-17 17676288]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-07-14 570664]
"VX1000"=D:\WINDOWS\vVX1000.exe [2006-12-06 707360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-04-29 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Garena\Garena.exe"="C:\Garena\Garena.exe:*:Enabled:Garena"
"D:\Program Files\QIP\qip.exe"="D:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Hry\Warcraft III\Warcraft III.exe"="D:\Program Files\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Program Files\Hry\Left4Dead\hl2.exe"="D:\Program Files\Hry\Left4Dead\hl2.exe:*:Enabled:hl2"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Hry\Left4Dead\left4dead.exe"="D:\Program Files\Hry\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe"="D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Enabled:vietcong"
"C:\torrent\uTorrent.exe"="C:\torrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe"="D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Hry\CoD2\CoD2MP_s.exe"="D:\Program Files\Hry\CoD2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"D:\Program Files\Hry\Sacred 2\system\s2gs.exe"="D:\Program Files\Hry\Sacred 2\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
"D:\Program Files\Hry\Sacred 2\system\sacred2.exe"="D:\Program Files\Hry\Sacred 2\system\sacred2.exe:*:Enabled:Sacred 2"
"D:\Program Files\Hry\CoD 5\CoDWaW.exe"="D:\Program Files\Hry\CoD 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Program Files\Hry\CoD 5\CoDWaWmp.exe"="D:\Program Files\Hry\CoD 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-04-06 11:11:44 ----D---- D:\Program Files\Sunbelt Software
2010-03-28 13:16:17 ----A---- D:\WINDOWS\system32\wrap_oal.dll
2010-03-28 13:16:17 ----A---- D:\WINDOWS\system32\OpenAL32.dll
2010-03-28 12:55:05 ----D---- D:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2010-03-19 18:37:58 ----D---- D:\Documents and Settings\All Users\Data aplikací\BioWare
2010-03-19 18:35:57 ----D---- D:\WINDOWS\1C4551A64743409391E41477CD655043.TMP
2010-03-14 19:54:27 ----A---- D:\WINDOWS\system32\XAudio2_5.dll
2010-03-14 19:54:26 ----A---- D:\WINDOWS\system32\xactengine3_5.dll
2010-03-14 19:54:26 ----A---- D:\WINDOWS\system32\D3DCompiler_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\D3DX9_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\d3dx11_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\d3dx10_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\d3dcsx_42.dll
======List of files/folders modified in the last 1 months======
2010-04-06 11:16:54 ----D---- D:\WINDOWS\Temp
2010-04-06 11:16:54 ----D---- D:\Program Files\trend micro
2010-04-06 11:16:29 ----D---- D:\WINDOWS
2010-04-06 11:14:41 ----D---- D:\WINDOWS\Prefetch
2010-04-06 11:14:09 ----D---- D:\Program Files\Mozilla Firefox
2010-04-06 11:13:48 ----SD---- D:\WINDOWS\Tasks
2010-04-06 11:12:20 ----N---- D:\WINDOWS\SchedLgU.Txt
2010-04-06 11:11:59 ----SHD---- D:\WINDOWS\Installer
2010-04-06 11:11:54 ----HD---- D:\WINDOWS\inf
2010-04-06 11:11:53 ----D---- D:\WINDOWS\system32\drivers
2010-04-06 11:11:52 ----D---- D:\WINDOWS\system32
2010-04-06 11:11:44 ----RD---- D:\Program Files
2010-04-06 08:44:44 ----D---- D:\WINDOWS\system32\CatRoot2
2010-04-06 08:25:11 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-04-05 18:06:34 ----D---- D:\Documents and Settings\Kuba\Data aplikací\Skype
2010-04-05 17:12:28 ----D---- D:\Documents and Settings\Kuba\Data aplikací\skypePM
2010-04-05 15:16:53 ----A---- D:\WINDOWS\NeroDigital.ini
2010-04-04 22:54:25 ----HD---- D:\Program Files\InstallShield Installation Information
2010-04-04 22:49:34 ----D---- D:\WINDOWS\system32\DirectX
2010-04-04 22:49:21 ----RSD---- D:\WINDOWS\assembly
2010-04-04 22:43:34 ----D---- D:\Program Files\Hry
2010-04-04 22:42:02 ----D---- D:\Documents and Settings\Kuba\Data aplikací\uTorrent
2010-04-03 16:51:08 ----D---- D:\Documents and Settings\Kuba\Data aplikací\vlc
2010-04-01 17:10:28 ----D---- D:\Documents and Settings\Kuba\Data aplikací\dvdcss
2010-03-30 17:06:40 ----SD---- D:\Documents and Settings\Kuba\Data aplikací\Microsoft
2010-03-28 12:55:03 ----D---- D:\Program Files\Common Files\Wise Installation Wizard
2010-03-28 12:45:14 ----D---- D:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AsIO;AsIO; D:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SbFw;SbFw; D:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; D:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-04-29 3643904]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; D:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-25 4952576]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; D:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; D:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ai5akvrf;ai5akvrf; D:\WINDOWS\system32\drivers\ai5akvrf.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 GarenaPEngine;GarenaPEngine; \??\D:\WINDOWS\TEMP\BHL201.tmp []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbaudio;Ovladač zvukové karty USB (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VX1000;VX-1000; D:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 1963680]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-04-29 602112]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; D:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-07-30 73728]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2010-02-05 75064]
R2 SbPF.Launcher;SbPF.Launcher; D:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-04 1181328]
S2 SPF4;Sunbelt Personal Firewall 4; D:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
--
End of file - 5138 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
D:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
D:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-11-17 17676288]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-07-14 570664]
"VX1000"=D:\WINDOWS\vVX1000.exe [2006-12-06 707360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-04-29 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Garena\Garena.exe"="C:\Garena\Garena.exe:*:Enabled:Garena"
"D:\Program Files\QIP\qip.exe"="D:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Hry\Warcraft III\Warcraft III.exe"="D:\Program Files\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Program Files\Hry\Left4Dead\hl2.exe"="D:\Program Files\Hry\Left4Dead\hl2.exe:*:Enabled:hl2"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Hry\Left4Dead\left4dead.exe"="D:\Program Files\Hry\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe"="D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Enabled:vietcong"
"C:\torrent\uTorrent.exe"="C:\torrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe"="D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Hry\CoD2\CoD2MP_s.exe"="D:\Program Files\Hry\CoD2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"D:\Program Files\Hry\Sacred 2\system\s2gs.exe"="D:\Program Files\Hry\Sacred 2\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
"D:\Program Files\Hry\Sacred 2\system\sacred2.exe"="D:\Program Files\Hry\Sacred 2\system\sacred2.exe:*:Enabled:Sacred 2"
"D:\Program Files\Hry\CoD 5\CoDWaW.exe"="D:\Program Files\Hry\CoD 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Program Files\Hry\CoD 5\CoDWaWmp.exe"="D:\Program Files\Hry\CoD 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-04-06 11:11:44 ----D---- D:\Program Files\Sunbelt Software
2010-03-28 13:16:17 ----A---- D:\WINDOWS\system32\wrap_oal.dll
2010-03-28 13:16:17 ----A---- D:\WINDOWS\system32\OpenAL32.dll
2010-03-28 12:55:05 ----D---- D:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2010-03-19 18:37:58 ----D---- D:\Documents and Settings\All Users\Data aplikací\BioWare
2010-03-19 18:35:57 ----D---- D:\WINDOWS\1C4551A64743409391E41477CD655043.TMP
2010-03-14 19:54:27 ----A---- D:\WINDOWS\system32\XAudio2_5.dll
2010-03-14 19:54:26 ----A---- D:\WINDOWS\system32\xactengine3_5.dll
2010-03-14 19:54:26 ----A---- D:\WINDOWS\system32\D3DCompiler_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\D3DX9_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\d3dx11_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\d3dx10_42.dll
2010-03-14 19:54:25 ----A---- D:\WINDOWS\system32\d3dcsx_42.dll
======List of files/folders modified in the last 1 months======
2010-04-06 11:16:54 ----D---- D:\WINDOWS\Temp
2010-04-06 11:16:54 ----D---- D:\Program Files\trend micro
2010-04-06 11:16:29 ----D---- D:\WINDOWS
2010-04-06 11:14:41 ----D---- D:\WINDOWS\Prefetch
2010-04-06 11:14:09 ----D---- D:\Program Files\Mozilla Firefox
2010-04-06 11:13:48 ----SD---- D:\WINDOWS\Tasks
2010-04-06 11:12:20 ----N---- D:\WINDOWS\SchedLgU.Txt
2010-04-06 11:11:59 ----SHD---- D:\WINDOWS\Installer
2010-04-06 11:11:54 ----HD---- D:\WINDOWS\inf
2010-04-06 11:11:53 ----D---- D:\WINDOWS\system32\drivers
2010-04-06 11:11:52 ----D---- D:\WINDOWS\system32
2010-04-06 11:11:44 ----RD---- D:\Program Files
2010-04-06 08:44:44 ----D---- D:\WINDOWS\system32\CatRoot2
2010-04-06 08:25:11 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-04-05 18:06:34 ----D---- D:\Documents and Settings\Kuba\Data aplikací\Skype
2010-04-05 17:12:28 ----D---- D:\Documents and Settings\Kuba\Data aplikací\skypePM
2010-04-05 15:16:53 ----A---- D:\WINDOWS\NeroDigital.ini
2010-04-04 22:54:25 ----HD---- D:\Program Files\InstallShield Installation Information
2010-04-04 22:49:34 ----D---- D:\WINDOWS\system32\DirectX
2010-04-04 22:49:21 ----RSD---- D:\WINDOWS\assembly
2010-04-04 22:43:34 ----D---- D:\Program Files\Hry
2010-04-04 22:42:02 ----D---- D:\Documents and Settings\Kuba\Data aplikací\uTorrent
2010-04-03 16:51:08 ----D---- D:\Documents and Settings\Kuba\Data aplikací\vlc
2010-04-01 17:10:28 ----D---- D:\Documents and Settings\Kuba\Data aplikací\dvdcss
2010-03-30 17:06:40 ----SD---- D:\Documents and Settings\Kuba\Data aplikací\Microsoft
2010-03-28 12:55:03 ----D---- D:\Program Files\Common Files\Wise Installation Wizard
2010-03-28 12:45:14 ----D---- D:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AsIO;AsIO; D:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SbFw;SbFw; D:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; D:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-04-29 3643904]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; D:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-25 4952576]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; D:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; D:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ai5akvrf;ai5akvrf; D:\WINDOWS\system32\drivers\ai5akvrf.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 GarenaPEngine;GarenaPEngine; \??\D:\WINDOWS\TEMP\BHL201.tmp []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbaudio;Ovladač zvukové karty USB (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VX1000;VX-1000; D:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 1963680]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-04-29 602112]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; D:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-07-30 73728]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2010-02-05 75064]
R2 SbPF.Launcher;SbPF.Launcher; D:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-04 1181328]
S2 SPF4;Sunbelt Personal Firewall 4; D:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: Preventive check
Avast already includes antispyware, but you can keep it.
- Download OTL: http://oldtimer.geekstogo.com/OTL.exe
- Run the program, then click "Prohledat" (Scan)
- When it finishes, paste the OTL.Txt and Extras.txt logs here
Re: Preventive check
Here they are, and I'd like to ask: is it possible that the firewall I installed is drastically slowing down my internet? It takes an hour to get anywhere, and when I turn it off it no longer happens.
OTL Extras logfile created on: 7.4.2010 13:42:09 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: | Country: | Language: | Date Format:
 
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 9,76 Gb Total Space | 9,55 Gb Free Space | 97,91% Space Free | Partition Type: FAT32
Drive D: | 455,99 Gb Total Space | 351,02 Gb Free Space | 76,98% Space Free | Partition Type: NTFS
Drive E: | 3,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JAKUB
Current User Name: Kuba
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Garena\Garena.exe" = C:\Garena\Garena.exe:*:Enabled:Garena -- File not found
"D:\Program Files\QIP\qip.exe" = D:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"D:\Program Files\Hry\Warcraft III\Warcraft III.exe" = D:\Program Files\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- File not found
"D:\Program Files\Hry\Left4Dead\hl2.exe" = D:\Program Files\Hry\Left4Dead\hl2.exe:*:Enabled:hl2 -- File not found
"D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- File not found
"D:\Program Files\Hry\Left4Dead\left4dead.exe" = D:\Program Files\Hry\Left4Dead\left4dead.exe:*:Enabled:left4dead -- File not found
"D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe" = D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Enabled:vietcong -- ()
"C:\torrent\uTorrent.exe" = C:\torrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe" = D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- File not found
"D:\Program Files\Hry\CoD2\CoD2MP_s.exe" = D:\Program Files\Hry\CoD2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- File not found
"D:\Program Files\Hry\Sacred 2\system\s2gs.exe" = D:\Program Files\Hry\Sacred 2\system\s2gs.exe:*:Enabled:Sacred 2 Game Server -- (Ascaron Entertainment GmbH)
"D:\Program Files\Hry\Sacred 2\system\sacred2.exe" = D:\Program Files\Hry\Sacred 2\system\sacred2.exe:*:Enabled:Sacred 2 -- (Ascaron Entertainment GmbH)
"D:\Program Files\Hry\CoD 5\CoDWaW.exe" = D:\Program Files\Hry\CoD 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"D:\Program Files\Hry\CoD 5\CoDWaWmp.exe" = D:\Program Files\Hry\CoD 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C95D52-2172-B580-CDD3-695DDAA193BC}" = CCC Help English
"{02B232C3-46A6-03C0-EEB6-2F518E329457}" = Catalyst Control Center HydraVision Full
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{0EC8FEB1-5F6C-C110-26E3-98688B131C7B}" = Catalyst Control Center Core Implementation
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{1C4B921A-724F-742D-A848-87BA42680DCA}" = CCC Help Korean
"{21AA8C0C-0700-0434-A439-95A735A805D0}" = CCC Help Italian
"{234305B0-B206-26E0-263D-D62F89E58493}" = CCC Help Spanish
"{2AEB1EAF-9E1C-4361-8562-5AC7AE6AC177}" = ATI AVIVO Codecs
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{318089B6-063F-5F09-F84E-742AAA512F3B}" = CCC Help Thai
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3794889D-F4E3-C5CD-D3B0-B605D137BD9E}" = CCC Help Polish
"{3C105379-729D-992E-AFF1-3AD9D9CD5847}" = ccc-utility
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3F7022C8-0E0B-DD89-0424-4DDBBEAE9662}" = Catalyst Control Center Graphics Full Existing
"{3F80E737-C04B-742F-39CF-16D472780D2F}" = CCC Help Greek
"{4003780A-8579-4701-B397-C76725BB44B1}" = CCC Help Japanese
"{47B02FDB-17F9-A8BE-23C9-B080313DA1BD}" = CCC Help Portuguese
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
"{5192AB64-1154-5D5B-9292-E9DF51AE4759}" = Catalyst Control Center Localization All
"{533EA890-F246-66D0-DBD2-C87078C5991B}" = CCC Help Chinese Standard
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54C1F42B-0BA1-7CB2-F175-C2B69D7FF74E}" = ccc-core-preinstall
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{66B6D13A-9CC1-417D-B6F2-58AA539D1029}" = Nero 7 Essentials
"{6E535222-B704-F8CB-C235-70CB58C362D9}" = CCC Help Swedish
"{70B59829-7C8F-C378-B9F0-78E5C9879224}" = CCC Help Russian
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77251F6F-90CB-C80D-D709-701517C6FF36}" = ccc-core-static
"{79A3E128-DE54-2E2A-99F8-37F7872A26FD}" = CCC Help Norwegian
"{7AC64083-A73C-FA07-7BE9-BEFDBDCA393F}" = CCC Help Dutch
"{80D12CA0-52A2-4E50-9379-3B101D53B8BA}" = CCC Help French
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D05DE05-5FC1-6C0C-8DA1-807BE4EE72BB}" = CCC Help Finnish
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{A083E0DD-212F-F991-EC8D-673DDD3BD9F5}" = Catalyst Control Center Graphics Light
"{A1AEDF29-CC4F-CB06-227C-ACE1C3F92A8E}" = CCC Help Hungarian
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A409609F-E81D-B613-B7AE-89D28DAAFD26}" = CCC Help Danish
"{ADF62610-0391-4ABA-E67C-8DF8F51F897E}" = CCC Help German
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{BAD68DAA-DA40-3681-996C-7B91959EC9CA}" = Catalyst Control Center Graphics Full New
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF7D89CA-6AB3-FD7E-903B-1821EE6453B5}" = CCC Help Chinese Traditional
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D8A6B20B-C028-9C52-41BF-CA706A666B45}" = CCC Help Czech
"{DCF5C463-BD5C-4982-91F9-2C3F8F9E9C88}" = Vietcong & Vietcong: Fist Alpha
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E13FD48B-341E-0A3F-5306-C407E60AB28F}" = CCC Help Turkish
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EF714D4E-B503-D848-73DD-2FE18ECA7BFB}" = Catalyst Control Center Graphics Previews Common
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Ad-Aware" = Ad-Aware
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HijackThis" = HijackThis 2.0.2
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"Posel Smrti 2_is1" = Posel Smrti 2
"PunkBusterSvc" = PunkBuster Services
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.3
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 21.2.2010 6:19:24 | Computer Name = JAKUB | Source = Steam Client Service | ID = 1
Description =
 
Error - 14.3.2010 14:10:27 | Computer Name = JAKUB | Source = Application Error | ID = 1000
Description = Chybující aplikace bfbc2game.exe, verze 1.0.1.0, chybující modul bfbc2game.exe,
verze 1.0.1.0, adresa chyby 0x01913907.
 
Error - 14.3.2010 14:10:42 | Computer Name = JAKUB | Source = Application Error | ID = 1000
Description = Chybující aplikace bfbc2game.exe, verze 1.0.1.0, chybující modul bfbc2game.exe,
verze 1.0.1.0, adresa chyby 0x01913907.
 
Error - 16.3.2010 11:25:08 | Computer Name = JAKUB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace msiexec.exe, verze 3.1.4001.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
 
Error - 16.3.2010 12:14:26 | Computer Name = JAKUB | Source = Application Error | ID = 1000
Description = Chybující aplikace ereg.exe, verze 1.0.0.58, chybující modul flash6.ocx,
verze 6.0.88.0, adresa chyby 0x000503b3.
 
Error - 16.3.2010 12:42:37 | Computer Name = JAKUB | Source = Application Error | ID = 1000
Description = Chybující aplikace ereg.exe, verze 1.0.0.59, chybující modul flash6.ocx,
verze 6.0.88.0, adresa chyby 0x000503b3.
 
Error - 19.3.2010 12:35:58 | Computer Name = JAKUB | Source = MsiInstaller | ID = 1013
Description = Produkt: NVIDIA PhysX -- Installation terminated
 
Error - 23.3.2010 12:16:17 | Computer Name = JAKUB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace DAOrigins.exe, verze 1.1.9363.0, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
 
Error - 25.3.2010 11:53:25 | Computer Name = JAKUB | Source = Application Error | ID = 1000
Description = Chybující aplikace ereg.exe, verze 1.0.0.59, chybující modul flash6.ocx,
verze 6.0.88.0, adresa chyby 0x000503b3.
 
Error - 28.3.2010 6:55:06 | Computer Name = JAKUB | Source = MsiInstaller | ID = 1013
Description = Product: AGEIA PhysX v7.11.13 -- Installation terminated
 
[ System Events ]
Error - 4.4.2010 11:24:05 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
 
Error - 4.4.2010 11:24:35 | Computer Name = JAKUB | Source = DCOM | ID = 10010
Description = Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu
neregistroval u služby DCOM.
 
Error - 5.4.2010 2:10:40 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
 
Error - 6.4.2010 2:21:10 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
 
Error - 6.4.2010 5:04:40 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
 
Error - 6.4.2010 5:05:10 | Computer Name = JAKUB | Source = DCOM | ID = 10010
Description = Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu
neregistroval u služby DCOM.
 
Error - 6.4.2010 5:13:26 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
 
Error - 6.4.2010 13:06:08 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
 
Error - 7.4.2010 7:36:38 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
 
Error - 7.4.2010 7:40:36 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7034
Description = Služba Sunbelt Personal Firewall 4 byla neočekávaně ukončena. Tento
stav nastal již 1krát.
 
 
< End of report >
OTL logfile created on: 7.4.2010 13:42:09 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: | Country: | Language: | Date Format:
 
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 9,76 Gb Total Space | 9,55 Gb Free Space | 97,91% Space Free | Partition Type: FAT32
Drive D: | 455,99 Gb Total Space | 351,02 Gb Free Space | 76,98% Space Free | Partition Type: NTFS
Drive E: | 3,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JAKUB
Current User Name: Kuba
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.04.07 13:41:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.04.04 07:56:41 | 000,908,248 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- D:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2006.12.06 01:38:57 | 000,707,360 | R--- | M] (Microsoft Corporation) -- D:\WINDOWS\vVX1000.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.04.07 13:41:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory\OTL.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.02.04 18:01:33 | 001,181,328 | ---- | M] (Lavasoft) [Auto | Stopped] -- D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Stopped] -- D:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- D:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2010.02.03 19:36:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.09.23 14:55:23 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009.09.15 13:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.09.15 13:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 13:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.04.29 05:30:44 | 003,643,904 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.04.01 13:28:32 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.11.25 10:37:50 | 004,952,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.10.31 07:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.09.23 19:15:00 | 000,038,400 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008.08.08 18:08:10 | 000,143,360 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2008.06.21 04:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008.06.21 04:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2008.04.14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006.12.06 01:39:11 | 001,963,680 | R--- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = About:Blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.36.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010.04.04 07:56:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010.04.04 07:56:55 | 000,000,000 | ---D | M]
 
[2010.01.19 16:24:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Extensions
[2010.04.06 19:16:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions
[2010.01.19 20:53:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.04 22:45:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\battlefieldheroespatcher@ea.com
[2010.01.24 16:15:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\DTToolbar@toolbarnet.com
[2010.02.03 19:36:47 | 000,002,059 | ---- | M] () -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\daemon-search.xml
[2010.01.19 16:21:52 | 000,002,061 | ---- | M] () -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\qipsearch.xml
[2010.04.07 13:39:10 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2010.04.04 07:56:49 | 000,000,638 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.04 07:56:49 | 000,001,687 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.04 07:56:49 | 000,001,367 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.04 07:56:49 | 000,000,654 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.04 07:56:49 | 000,001,179 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
 
O1 HOSTS File: ([2010.01.29 15:55:38 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VX1000] D:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.71.150.2 212.71.146.2
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Kuba\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Kuba\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.18 22:34:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - D:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.04.06 11:16:28 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Kuba\Recent
[2010.04.06 11:11:53 | 000,065,576 | ---- | C] (Sunbelt Software, Inc.) -- D:\WINDOWS\System32\drivers\SbFwIm.sys
[2010.04.06 11:11:52 | 000,270,888 | R--- | C] (Sunbelt Software, Inc.) -- D:\WINDOWS\System32\drivers\SbFw.sys
[2010.04.06 11:11:44 | 000,000,000 | ---D | C] -- D:\Program Files\Sunbelt Software
[2010.04.04 22:54:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\Activision
[2010.04.04 17:36:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Dokumenty\BlackMirror2
[2010.04.04 08:44:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\AliensVsPredator
[2010.03.28 13:18:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\Ascaron Entertainment
[2010.03.28 13:18:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Dokumenty\Ascaron Entertainment
[2010.03.28 13:16:17 | 000,413,696 | ---- | C] (Creative Labs) -- D:\WINDOWS\System32\wrap_oal.dll
[2010.03.28 13:16:17 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- D:\WINDOWS\System32\OpenAL32.dll
[2010.03.28 12:55:05 | 000,000,000 | ---D | C] -- D:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
[2010.03.19 18:37:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\BioWare
[2010.03.19 18:35:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\1C4551A64743409391E41477CD655043.TMP
[2010.03.14 19:54:27 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\XAudio2_5.dll
[2010.03.14 19:54:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\D3DCompiler_42.dll
[2010.03.14 19:54:26 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\xactengine3_5.dll
[2010.03.14 19:54:25 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\d3dcsx_42.dll
[2010.03.14 19:54:25 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\D3DX9_42.dll
[2010.03.14 19:54:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\d3dx10_42.dll
[2010.03.14 19:54:25 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\d3dx11_42.dll
[2010.01.18 23:34:33 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2010.01.18 23:34:33 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2010.01.18 23:34:33 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2010.01.18 23:34:33 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.04.07 13:40:50 | 001,020,324 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2010.04.07 13:40:50 | 000,432,492 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010.04.07 13:40:50 | 000,429,024 | ---- | M] () -- D:\WINDOWS\System32\perfh005.dat
[2010.04.07 13:40:50 | 000,078,052 | ---- | M] () -- D:\WINDOWS\System32\perfc005.dat
[2010.04.07 13:40:50 | 000,067,448 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010.04.07 13:38:59 | 000,000,256 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job
[2010.04.07 13:37:10 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.04.07 13:37:10 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010.04.07 13:37:09 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010.04.07 13:37:09 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010.04.07 13:37:09 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010.04.07 13:36:26 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010.04.07 13:36:21 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010.04.07 13:36:20 | 000,167,952 | ---- | M] () -- D:\WINDOWS\System32\ativvaxx.cap
[2010.04.06 20:21:44 | 004,456,448 | -H-- | M] () -- D:\Documents and Settings\Kuba\NTUSER.DAT
[2010.04.06 20:21:44 | 000,000,178 | -HS- | M] () -- D:\Documents and Settings\Kuba\ntuser.ini
[2010.04.06 19:07:21 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2010.04.06 15:13:12 | 000,019,456 | ---- | M] () -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.06 08:20:53 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010.04.05 17:12:21 | 000,002,283 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.04.04 22:49:01 | 000,001,403 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Call of Duty - World at War Pro jednoho.lnk
[2010.04.04 17:31:17 | 000,000,805 | ---- | M] () -- D:\Documents and Settings\Kuba\Plocha\Posel Smrti 2.lnk
[2010.04.02 17:45:11 | 000,006,876 | ---- | M] () -- D:\Documents and Settings\Kuba\Dokumenty\cc_20100402_174439.reg
[2010.03.29 16:41:40 | 000,044,640 | ---- | M] () -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.03.29 16:41:31 | 000,192,976 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.28 13:16:17 | 000,413,696 | ---- | M] (Creative Labs) -- D:\WINDOWS\System32\wrap_oal.dll
[2010.03.28 13:16:17 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- D:\WINDOWS\System32\OpenAL32.dll
[2010.03.28 13:16:10 | 000,001,854 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Sacred 2 - Fallen Angel.lnk
[2 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.04.04 22:49:01 | 000,001,403 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Call of Duty - World at War Pro jednoho.lnk
[2010.04.04 17:31:17 | 000,000,805 | ---- | C] () -- D:\Documents and Settings\Kuba\Plocha\Posel Smrti 2.lnk
[2010.04.02 17:44:40 | 000,006,876 | ---- | C] () -- D:\Documents and Settings\Kuba\Dokumenty\cc_20100402_174439.reg
[2010.03.28 13:16:10 | 000,001,854 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Sacred 2 - Fallen Angel.lnk
[2010.02.21 13:27:24 | 000,073,728 | ---- | C] () -- D:\WINDOWS\System32\vbzlib1.dll
[2010.02.12 20:25:59 | 000,179,816 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.01.31 17:04:20 | 000,691,696 | ---- | C] () -- D:\WINDOWS\System32\drivers\sptd.sys
[2010.01.23 14:29:01 | 000,015,498 | R--- | C] () -- D:\WINDOWS\VX1000.ini
[2010.01.22 19:02:20 | 000,139,456 | ---- | C] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.01.22 19:02:20 | 000,138,056 | ---- | C] () -- D:\Documents and Settings\Kuba\Data aplikací\PnkBstrK.sys
[2010.01.19 20:51:39 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2010.01.19 20:51:38 | 000,019,456 | ---- | C] () -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.19 00:05:02 | 000,024,576 | R--- | C] () -- D:\WINDOWS\System32\AsIO.dll
[2010.01.19 00:05:02 | 000,012,400 | R--- | C] () -- D:\WINDOWS\System32\drivers\AsIO.sys
[2010.01.18 23:51:02 | 000,005,810 | R--- | C] () -- D:\WINDOWS\System32\drivers\ASACPI.sys
[2010.01.18 23:50:50 | 000,028,545 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2010.01.18 23:50:50 | 000,010,296 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.01.18 23:46:14 | 000,354,816 | ---- | C] () -- D:\WINDOWS\System32\psisdecd.dll
[2010.01.18 23:38:31 | 000,000,178 | -HS- | C] () -- D:\Documents and Settings\Kuba\ntuser.ini
[2010.01.18 23:38:30 | 004,456,448 | -H-- | C] () -- D:\Documents and Settings\Kuba\NTUSER.DAT
[2010.01.18 23:38:30 | 000,001,024 | -H-- | C] () -- D:\Documents and Settings\Kuba\ntuser.dat.LOG
[2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- D:\WINDOWS\System32\physxcudart_20.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelKorean.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelGerman.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelFrench.dll
[2009.04.22 01:19:06 | 000,172,173 | ---- | C] () -- D:\WINDOWS\System32\xlive.dll.cat
< End of report >
OTL Extras logfile created on: 7.4.2010 13:42:09 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: | Country: | Language: | Date Format:
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 9,76 Gb Total Space | 9,55 Gb Free Space | 97,91% Space Free | Partition Type: FAT32
Drive D: | 455,99 Gb Total Space | 351,02 Gb Free Space | 76,98% Space Free | Partition Type: NTFS
Drive E: | 3,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JAKUB
Current User Name: Kuba
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Garena\Garena.exe" = C:\Garena\Garena.exe:*:Enabled:Garena -- File not found
"D:\Program Files\QIP\qip.exe" = D:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"D:\Program Files\Hry\Warcraft III\Warcraft III.exe" = D:\Program Files\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- File not found
"D:\Program Files\Hry\Left4Dead\hl2.exe" = D:\Program Files\Hry\Left4Dead\hl2.exe:*:Enabled:hl2 -- File not found
"D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- File not found
"D:\Program Files\Hry\Left4Dead\left4dead.exe" = D:\Program Files\Hry\Left4Dead\left4dead.exe:*:Enabled:left4dead -- File not found
"D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe" = D:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Enabled:vietcong -- ()
"C:\torrent\uTorrent.exe" = C:\torrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe" = D:\Program Files\Hry\Battlefield bad company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- File not found
"D:\Program Files\Hry\CoD2\CoD2MP_s.exe" = D:\Program Files\Hry\CoD2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- File not found
"D:\Program Files\Hry\Sacred 2\system\s2gs.exe" = D:\Program Files\Hry\Sacred 2\system\s2gs.exe:*:Enabled:Sacred 2 Game Server -- (Ascaron Entertainment GmbH)
"D:\Program Files\Hry\Sacred 2\system\sacred2.exe" = D:\Program Files\Hry\Sacred 2\system\sacred2.exe:*:Enabled:Sacred 2 -- (Ascaron Entertainment GmbH)
"D:\Program Files\Hry\CoD 5\CoDWaW.exe" = D:\Program Files\Hry\CoD 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"D:\Program Files\Hry\CoD 5\CoDWaWmp.exe" = D:\Program Files\Hry\CoD 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C95D52-2172-B580-CDD3-695DDAA193BC}" = CCC Help English
"{02B232C3-46A6-03C0-EEB6-2F518E329457}" = Catalyst Control Center HydraVision Full
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{0EC8FEB1-5F6C-C110-26E3-98688B131C7B}" = Catalyst Control Center Core Implementation
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{1C4B921A-724F-742D-A848-87BA42680DCA}" = CCC Help Korean
"{21AA8C0C-0700-0434-A439-95A735A805D0}" = CCC Help Italian
"{234305B0-B206-26E0-263D-D62F89E58493}" = CCC Help Spanish
"{2AEB1EAF-9E1C-4361-8562-5AC7AE6AC177}" = ATI AVIVO Codecs
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{318089B6-063F-5F09-F84E-742AAA512F3B}" = CCC Help Thai
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3794889D-F4E3-C5CD-D3B0-B605D137BD9E}" = CCC Help Polish
"{3C105379-729D-992E-AFF1-3AD9D9CD5847}" = ccc-utility
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3F7022C8-0E0B-DD89-0424-4DDBBEAE9662}" = Catalyst Control Center Graphics Full Existing
"{3F80E737-C04B-742F-39CF-16D472780D2F}" = CCC Help Greek
"{4003780A-8579-4701-B397-C76725BB44B1}" = CCC Help Japanese
"{47B02FDB-17F9-A8BE-23C9-B080313DA1BD}" = CCC Help Portuguese
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{513148E7-B7A1-48B2-B518-668701E546F5}" = LightScribe System Software 1.14.19.1
"{5192AB64-1154-5D5B-9292-E9DF51AE4759}" = Catalyst Control Center Localization All
"{533EA890-F246-66D0-DBD2-C87078C5991B}" = CCC Help Chinese Standard
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54C1F42B-0BA1-7CB2-F175-C2B69D7FF74E}" = ccc-core-preinstall
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{66B6D13A-9CC1-417D-B6F2-58AA539D1029}" = Nero 7 Essentials
"{6E535222-B704-F8CB-C235-70CB58C362D9}" = CCC Help Swedish
"{70B59829-7C8F-C378-B9F0-78E5C9879224}" = CCC Help Russian
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77251F6F-90CB-C80D-D709-701517C6FF36}" = ccc-core-static
"{79A3E128-DE54-2E2A-99F8-37F7872A26FD}" = CCC Help Norwegian
"{7AC64083-A73C-FA07-7BE9-BEFDBDCA393F}" = CCC Help Dutch
"{80D12CA0-52A2-4E50-9379-3B101D53B8BA}" = CCC Help French
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D05DE05-5FC1-6C0C-8DA1-807BE4EE72BB}" = CCC Help Finnish
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{A083E0DD-212F-F991-EC8D-673DDD3BD9F5}" = Catalyst Control Center Graphics Light
"{A1AEDF29-CC4F-CB06-227C-ACE1C3F92A8E}" = CCC Help Hungarian
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A409609F-E81D-B613-B7AE-89D28DAAFD26}" = CCC Help Danish
"{ADF62610-0391-4ABA-E67C-8DF8F51F897E}" = CCC Help German
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{BAD68DAA-DA40-3681-996C-7B91959EC9CA}" = Catalyst Control Center Graphics Full New
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF7D89CA-6AB3-FD7E-903B-1821EE6453B5}" = CCC Help Chinese Traditional
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D8A6B20B-C028-9C52-41BF-CA706A666B45}" = CCC Help Czech
"{DCF5C463-BD5C-4982-91F9-2C3F8F9E9C88}" = Vietcong & Vietcong: Fist Alpha
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E13FD48B-341E-0A3F-5306-C407E60AB28F}" = CCC Help Turkish
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EF714D4E-B503-D848-73DD-2FE18ECA7BFB}" = Catalyst Control Center Graphics Previews Common
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Ad-Aware" = Ad-Aware
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HijackThis" = HijackThis 2.0.2
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"Posel Smrti 2_is1" = Posel Smrti 2
"PunkBusterSvc" = PunkBuster Services
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.3
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.2.2010 6:19:24 | Computer Name = JAKUB | Source = Steam Client Service | ID = 1
Description =
Error - 14.3.2010 14:10:27 | Computer Name = JAKUB | Source = Application Error | ID = 1000
Description = Chybující aplikace bfbc2game.exe, verze 1.0.1.0, chybující modul bfbc2game.exe,
verze 1.0.1.0, adresa chyby 0x01913907.
Error - 14.3.2010 14:10:42 | Computer Name = JAKUB | Source = Application Error | ID = 1000
Description = Chybující aplikace bfbc2game.exe, verze 1.0.1.0, chybující modul bfbc2game.exe,
verze 1.0.1.0, adresa chyby 0x01913907.
Error - 16.3.2010 11:25:08 | Computer Name = JAKUB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace msiexec.exe, verze 3.1.4001.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 16.3.2010 12:14:26 | Computer Name = JAKUB | Source = Application Error | ID = 1000
Description = Chybující aplikace ereg.exe, verze 1.0.0.58, chybující modul flash6.ocx,
verze 6.0.88.0, adresa chyby 0x000503b3.
Error - 16.3.2010 12:42:37 | Computer Name = JAKUB | Source = Application Error | ID = 1000
Description = Chybující aplikace ereg.exe, verze 1.0.0.59, chybující modul flash6.ocx,
verze 6.0.88.0, adresa chyby 0x000503b3.
Error - 19.3.2010 12:35:58 | Computer Name = JAKUB | Source = MsiInstaller | ID = 1013
Description = Produkt: NVIDIA PhysX -- Installation terminated
Error - 23.3.2010 12:16:17 | Computer Name = JAKUB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace DAOrigins.exe, verze 1.1.9363.0, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 25.3.2010 11:53:25 | Computer Name = JAKUB | Source = Application Error | ID = 1000
Description = Chybující aplikace ereg.exe, verze 1.0.0.59, chybující modul flash6.ocx,
verze 6.0.88.0, adresa chyby 0x000503b3.
Error - 28.3.2010 6:55:06 | Computer Name = JAKUB | Source = MsiInstaller | ID = 1013
Description = Product: AGEIA PhysX v7.11.13 -- Installation terminated
[ System Events ]
Error - 4.4.2010 11:24:05 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
Error - 4.4.2010 11:24:35 | Computer Name = JAKUB | Source = DCOM | ID = 10010
Description = Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 5.4.2010 2:10:40 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
Error - 6.4.2010 2:21:10 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
Error - 6.4.2010 5:04:40 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
Error - 6.4.2010 5:05:10 | Computer Name = JAKUB | Source = DCOM | ID = 10010
Description = Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 6.4.2010 5:13:26 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
Error - 6.4.2010 13:06:08 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
Error - 7.4.2010 7:36:38 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
Error - 7.4.2010 7:40:36 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7034
Description = Služba Sunbelt Personal Firewall 4 byla neočekávaně ukončena. Tento
stav nastal již 1krát.
< End of report >
OTL logfile created on: 7.4.2010 13:42:09 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: | Country: | Language: | Date Format:
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 9,76 Gb Total Space | 9,55 Gb Free Space | 97,91% Space Free | Partition Type: FAT32
Drive D: | 455,99 Gb Total Space | 351,02 Gb Free Space | 76,98% Space Free | Partition Type: NTFS
Drive E: | 3,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JAKUB
Current User Name: Kuba
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.07 13:41:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.04.04 07:56:41 | 000,908,248 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- D:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2006.12.06 01:38:57 | 000,707,360 | R--- | M] (Microsoft Corporation) -- D:\WINDOWS\vVX1000.exe
========== Modules (SafeList) ==========
MOD - [2010.04.07 13:41:40 | 000,561,664 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Kuba\Dokumenty\Stažené soubory\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2010.02.04 18:01:33 | 001,181,328 | ---- | M] (Lavasoft) [Auto | Stopped] -- D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Stopped] -- D:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- D:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
========== Driver Services (SafeList) ==========
DRV - [2010.02.03 19:36:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.09.23 14:55:23 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009.09.15 13:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.09.15 13:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 13:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.04.29 05:30:44 | 003,643,904 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.04.01 13:28:32 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.11.25 10:37:50 | 004,952,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.10.31 07:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.09.23 19:15:00 | 000,038,400 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008.08.08 18:08:10 | 000,143,360 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2008.06.21 04:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008.06.21 04:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2008.04.14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006.12.06 01:39:11 | 001,963,680 | R--- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = About:Blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.36.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010.04.04 07:56:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010.04.04 07:56:55 | 000,000,000 | ---D | M]
[2010.01.19 16:24:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Extensions
[2010.04.06 19:16:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions
[2010.01.19 20:53:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.04 22:45:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\battlefieldheroespatcher@ea.com
[2010.01.24 16:15:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\DTToolbar@toolbarnet.com
[2010.02.03 19:36:47 | 000,002,059 | ---- | M] () -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\daemon-search.xml
[2010.01.19 16:21:52 | 000,002,061 | ---- | M] () -- D:\Documents and Settings\Kuba\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\qipsearch.xml
[2010.04.07 13:39:10 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2010.04.04 07:56:49 | 000,000,638 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.04 07:56:49 | 000,001,687 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.04 07:56:49 | 000,001,367 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.04 07:56:49 | 000,000,654 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.04 07:56:49 | 000,001,179 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.01.29 15:55:38 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VX1000] D:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.71.150.2 212.71.146.2
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Kuba\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Kuba\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.18 22:34:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - D:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.06 11:16:28 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Kuba\Recent
[2010.04.06 11:11:53 | 000,065,576 | ---- | C] (Sunbelt Software, Inc.) -- D:\WINDOWS\System32\drivers\SbFwIm.sys
[2010.04.06 11:11:52 | 000,270,888 | R--- | C] (Sunbelt Software, Inc.) -- D:\WINDOWS\System32\drivers\SbFw.sys
[2010.04.06 11:11:44 | 000,000,000 | ---D | C] -- D:\Program Files\Sunbelt Software
[2010.04.04 22:54:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\Activision
[2010.04.04 17:36:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Dokumenty\BlackMirror2
[2010.04.04 08:44:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\AliensVsPredator
[2010.03.28 13:18:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\Ascaron Entertainment
[2010.03.28 13:18:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Kuba\Dokumenty\Ascaron Entertainment
[2010.03.28 13:16:17 | 000,413,696 | ---- | C] (Creative Labs) -- D:\WINDOWS\System32\wrap_oal.dll
[2010.03.28 13:16:17 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- D:\WINDOWS\System32\OpenAL32.dll
[2010.03.28 12:55:05 | 000,000,000 | ---D | C] -- D:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
[2010.03.19 18:37:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\BioWare
[2010.03.19 18:35:57 | 000,000,000 | ---D | C] -- D:\WINDOWS\1C4551A64743409391E41477CD655043.TMP
[2010.03.14 19:54:27 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\XAudio2_5.dll
[2010.03.14 19:54:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\D3DCompiler_42.dll
[2010.03.14 19:54:26 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\xactengine3_5.dll
[2010.03.14 19:54:25 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\d3dcsx_42.dll
[2010.03.14 19:54:25 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\D3DX9_42.dll
[2010.03.14 19:54:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\d3dx10_42.dll
[2010.03.14 19:54:25 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\d3dx11_42.dll
[2010.01.18 23:34:33 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2010.01.18 23:34:33 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2010.01.18 23:34:33 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2010.01.18 23:34:33 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.07 13:40:50 | 001,020,324 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2010.04.07 13:40:50 | 000,432,492 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010.04.07 13:40:50 | 000,429,024 | ---- | M] () -- D:\WINDOWS\System32\perfh005.dat
[2010.04.07 13:40:50 | 000,078,052 | ---- | M] () -- D:\WINDOWS\System32\perfc005.dat
[2010.04.07 13:40:50 | 000,067,448 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010.04.07 13:38:59 | 000,000,256 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job
[2010.04.07 13:37:10 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.04.07 13:37:10 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010.04.07 13:37:09 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010.04.07 13:37:09 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010.04.07 13:37:09 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010.04.07 13:36:26 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010.04.07 13:36:21 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010.04.07 13:36:20 | 000,167,952 | ---- | M] () -- D:\WINDOWS\System32\ativvaxx.cap
[2010.04.06 20:21:44 | 004,456,448 | -H-- | M] () -- D:\Documents and Settings\Kuba\NTUSER.DAT
[2010.04.06 20:21:44 | 000,000,178 | -HS- | M] () -- D:\Documents and Settings\Kuba\ntuser.ini
[2010.04.06 19:07:21 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2010.04.06 15:13:12 | 000,019,456 | ---- | M] () -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.06 08:20:53 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010.04.05 17:12:21 | 000,002,283 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.04.04 22:49:01 | 000,001,403 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Call of Duty - World at War Pro jednoho.lnk
[2010.04.04 17:31:17 | 000,000,805 | ---- | M] () -- D:\Documents and Settings\Kuba\Plocha\Posel Smrti 2.lnk
[2010.04.02 17:45:11 | 000,006,876 | ---- | M] () -- D:\Documents and Settings\Kuba\Dokumenty\cc_20100402_174439.reg
[2010.03.29 16:41:40 | 000,044,640 | ---- | M] () -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.03.29 16:41:31 | 000,192,976 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.28 13:16:17 | 000,413,696 | ---- | M] (Creative Labs) -- D:\WINDOWS\System32\wrap_oal.dll
[2010.03.28 13:16:17 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- D:\WINDOWS\System32\OpenAL32.dll
[2010.03.28 13:16:10 | 000,001,854 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Sacred 2 - Fallen Angel.lnk
[2 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.04 22:49:01 | 000,001,403 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Call of Duty - World at War Pro jednoho.lnk
[2010.04.04 17:31:17 | 000,000,805 | ---- | C] () -- D:\Documents and Settings\Kuba\Plocha\Posel Smrti 2.lnk
[2010.04.02 17:44:40 | 000,006,876 | ---- | C] () -- D:\Documents and Settings\Kuba\Dokumenty\cc_20100402_174439.reg
[2010.03.28 13:16:10 | 000,001,854 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Sacred 2 - Fallen Angel.lnk
[2010.02.21 13:27:24 | 000,073,728 | ---- | C] () -- D:\WINDOWS\System32\vbzlib1.dll
[2010.02.12 20:25:59 | 000,179,816 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.01.31 17:04:20 | 000,691,696 | ---- | C] () -- D:\WINDOWS\System32\drivers\sptd.sys
[2010.01.23 14:29:01 | 000,015,498 | R--- | C] () -- D:\WINDOWS\VX1000.ini
[2010.01.22 19:02:20 | 000,139,456 | ---- | C] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.01.22 19:02:20 | 000,138,056 | ---- | C] () -- D:\Documents and Settings\Kuba\Data aplikací\PnkBstrK.sys
[2010.01.19 20:51:39 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2010.01.19 20:51:38 | 000,019,456 | ---- | C] () -- D:\Documents and Settings\Kuba\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.19 00:05:02 | 000,024,576 | R--- | C] () -- D:\WINDOWS\System32\AsIO.dll
[2010.01.19 00:05:02 | 000,012,400 | R--- | C] () -- D:\WINDOWS\System32\drivers\AsIO.sys
[2010.01.18 23:51:02 | 000,005,810 | R--- | C] () -- D:\WINDOWS\System32\drivers\ASACPI.sys
[2010.01.18 23:50:50 | 000,028,545 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2010.01.18 23:50:50 | 000,010,296 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.01.18 23:46:14 | 000,354,816 | ---- | C] () -- D:\WINDOWS\System32\psisdecd.dll
[2010.01.18 23:38:31 | 000,000,178 | -HS- | C] () -- D:\Documents and Settings\Kuba\ntuser.ini
[2010.01.18 23:38:30 | 004,456,448 | -H-- | C] () -- D:\Documents and Settings\Kuba\NTUSER.DAT
[2010.01.18 23:38:30 | 000,001,024 | -H-- | C] () -- D:\Documents and Settings\Kuba\ntuser.dat.LOG
[2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- D:\WINDOWS\System32\physxcudart_20.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelKorean.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelGerman.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelFrench.dll
[2009.04.22 01:19:06 | 000,172,173 | ---- | C] () -- D:\WINDOWS\System32\xlive.dll.cat
< End of report >
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: Preventive check
It is possible.
Run OTL and paste the following script into the bottom window.
Then click Fix, the PC will restart, and post the log here.
:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
[2 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
[REBOOT]
Re: Preventive check
So here it is
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
D:\WINDOWS\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
D:\WINDOWS\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
D:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP\WiseCustomCalla.dll deleted successfully.
D:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Kuba
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 138656 bytes
->FireFox cache emptied: 81675217 bytes
->Flash cache emptied: 3001 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8234208 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1619336173 bytes
 
Total Files Cleaned = 1 630,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default User
 
User: Kuba
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
Total Flash Files Cleaned = 0,00 mb
 
Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
 
OTL by OldTimer - Version 3.2.1.0 log created on 04072010_153230
Files\Folders moved on Reboot...
File move failed. D:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder D:\WINDOWS\temp\Perflib_Perfdata_7d4.dat not found!
Registry entries deleted on Reboot...
Re: Preventive check
Pretty much fine :) I just needed the preventive check in case you happened to see something in there. But I'll probably get rid of that Sunbelt; it really slows down the internet terribly.
Re: Preventive check
Can I remove that firewall through Control Panel, Add or Remove Programs? Because it doesn't have an uninstall file anywhere. Or should it be removed some other way??