Please check my log; I suspect a virus. My PC has slowed down considerably lately; for example, Opera has become slow and now easily takes 100% CPU, etc.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Krejčík at 2010-04-10 15:35:43
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 8 GB (33%) free of 25 GB
Total RAM: 1919 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:35:59, on 10.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\EasyVPN\crdphService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ad Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\COMODO\EasyVPN\Vpnservice.exe
C:\apache2triad\bin\httpd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\apache2triad\mysql\bin\mysqld.exe
C:\apache2triad\bin\httpd.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\apache2triad\mail\bin\XMail.exe
C:\Program Files\Notebook Hardware Control\nhc.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Postak\Postak.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\OETRN.EXE
C:\Program Files\QIP\qip.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Opera\opera.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Krejčík\Plocha\Bezpečnost\RSIT.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\trend micro\Krejčík.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.quick.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Postak\SRank.dll
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Postak\Postak.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE
O4 - HKCU\..\Run: [QIP2005] C:\Program Files\QIP\qip.exe
O4 - HKUS\S-1-5-21-327999040-2201747496-715196379-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'apache2triad')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{86A2C205-AB6F-43ED-9253-92B6BA0766DD}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad Aware\aawservice.exe
O23 - Service: Apache2Triad Apache2 Service (Apache2) - Apache Software Foundation - C:\apache2triad\bin\httpd.exe
O23 - Service: Apache2Triad Apache2 Service with SSL (Apache2SSL) - Apache Software Foundation - C:\apache2triad\bin\httpd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - C:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - C:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Apache2Triad MySql Service (MySql) - Unknown owner - C:\apache2triad\mysql\bin\mysqld.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Apache2Triad PostgreSQL Service (PgSql) - PostgreSQL Global Development Group - C:\apache2triad\pgsql\bin\pg_ctl.exe
O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe
O23 - Service: Apache2Triad SlimFTPd Server (SlimFTPd) - Unknown owner - C:\apache2triad\ftp\SlimFTPd.exe
O23 - Service: Apache2Triad Xmail Service (XMail) - Unknown owner - C:\apache2triad\mail\bin\XMail.exe
--
End of file - 8676 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2007-12-16 491520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2007-12-16 491520]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Postak\SRank.dll [2005-05-17 266240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NotebookHardwareControl"=C:\Program Files\Notebook Hardware Control\nhc.exe [2007-05-04 2629632]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-06-15 917504]
"SMail"=C:\Program Files\Postak\Postak.exe [2006-05-18 450560]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-09-05 417792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"OEXPRESS"=C:\WINDOWS\OETRN.EXE [2007-12-16 26624]
"QIP2005"=C:\Program Files\QIP\qip.exe [2008-12-09 3259392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
C:\Program Files\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\WINDOWS\system32\oodtray.exe [2008-11-03 2540800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-03-08 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Hry\Pán prstenů\game.dat"="D:\Hry\Pán prstenů\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"D:\Hry\The Battle for Middle-earth\game.dat"="D:\Hry\The Battle for Middle-earth\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe"="C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Hry\Warcraft 3 1.21\war3.exe"="D:\Hry\Warcraft 3 1.21\war3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Sunbelt Software\Personal Firewall\KPF4GUI.EXE"="C:\Program Files\Sunbelt Software\Personal Firewall\KPF4GUI.EXE:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\QIP\QIP.EXE"="C:\Program Files\QIP\QIP.EXE:*:Enabled:Quiet Internet Pager"
"H:\Skype Portable\Phone\Skype.exe"="H:\Skype Portable\Phone\Skype.exe:*:Enabled:Skype"
"D:\Hry\Civilization 4\Warlords\Civ4Warlords.exe"="D:\Hry\Civilization 4\Warlords\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords"
"D:\Hry\Civilization 4\Warlords\Civ4Warlords_PitBoss.exe"="D:\Hry\Civilization 4\Warlords\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss"
"C:\Program Files\Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"D:\Hry\LOTR\game.dat"="D:\Hry\LOTR\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Krejčík\Plocha\LoLInstaller.exe"="C:\Documents and Settings\Krejčík\Plocha\LoLInstaller.exe:*:Enabled:LoL Downloader"
"D:\Hry\LoL\air\LolClient.exe"="D:\Hry\LoL\air\LolClient.exe:*:Enabled:League of Legends Lobby"
"D:\Hry\LoL\game\League of Legends.exe"="D:\Hry\LoL\game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bae18784-bb16-11dd-9401-0018f33d7f8c}]
shell\AutoRun\command - setupSNK.exe
======List of files/folders created in the last 1 months======
2010-04-10 15:35:23 ----D---- C:\rsit
2010-04-09 10:16:44 ----D---- C:\Documents and Settings\Krejčík\Data aplikací\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
2010-04-09 10:15:56 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-04-09 09:56:46 ----SHD---- C:\FOUND.002
2010-04-04 10:58:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-04 10:57:18 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-04 10:57:18 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-04 10:57:18 ----A---- C:\WINDOWS\system32\java.exe
2010-03-29 19:54:50 ----D---- C:\WINDOWS\system32\DRVSTORE
2010-03-29 19:54:45 ----D---- C:\Program Files\COMODO
2010-03-29 19:54:45 ----D---- C:\Documents and Settings\Krejčík\Data aplikací\COMODO
2010-03-23 21:25:24 ----A---- C:\WINDOWS\rzrunins.exe
======List of files/folders modified in the last 1 months======
2010-04-10 15:35:20 ----A---- C:\WINDOWS\MAILTRAN.INI
2010-04-09 16:57:58 ----A---- C:\WINDOWS\wincmd.ini
2010-04-09 15:15:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-08 20:08:10 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-03 20:06:50 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2006-07-18 284184]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2006-07-18 91672]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2007-10-12 15781]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-18 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R2 SVKP;SVKP; \??\C:\WINDOWS\system32\SVKP.sys []
R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-08 1506816]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2007-10-12 223128]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-04 4271616]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\WINDOWS\system32\drivers\nhcDriver.sys []
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-10-12 10368]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-01-18 80512]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-18 67584]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-01-20 862340]
R3 SynMini;USB2.0 1.3M Web Cam; C:\WINDOWS\System32\Drivers\SynMini.sys [2005-10-03 720470]
R3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2005-10-03 8278]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-21 191936]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-18 26624]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-18 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-18 17024]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 ATP;Comodo EasyVPN Miniport Driver; C:\WINDOWS\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
S3 BCM43XX;ASUS 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ipswuio;ipswuio; C:\WINDOWS\System32\DRIVERS\ipswuio.sys [2006-01-24 34944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-18 40320]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SANDRA;SANDRA; \??\C:\Program Files\Sandra Lite XII.SP2c\WNt500x86\Sandra.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Ad Aware\aawservice.exe [2008-07-25 611664]
R2 Apache2;Apache2Triad Apache2 Service; C:\apache2triad\bin\httpd.exe [2009-06-01 17408]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-08 405504]
R2 CrdphService;COMODO EasyVPN VNC Service; C:\Program Files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service; C:\Program Files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2006-07-18 1205784]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-06-20 53248]
R2 MySql;Apache2Triad MySql Service; C:\apache2triad\mysql\bin\mysqld.exe [2009-06-01 3960832]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-06-15 507904]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-11-03 1332480]
R2 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe [2008-04-22 98488]
R2 SlimFTPd;Apache2Triad SlimFTPd Server; C:\apache2triad\ftp\SlimFTPd.exe [2009-06-01 54272]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 XMail;Apache2Triad Xmail Service; C:\apache2triad\mail\bin\XMail.exe [2009-06-01 339968]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\Hamachi\hamachi-2.exe [2009-10-29 1074568]
S2 PHPGeekUtil;PHPGeekUtil; c:\apache\APACHE.EXE --ntservice []
S3 Apache2SSL;Apache2Triad Apache2 Service with SSL; C:\apache2triad\bin\httpd.exe [2009-06-01 17408]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 PgSql;Apache2Triad PostgreSQL Service; C:\apache2triad\pgsql\bin\pg_ctl.exe [2009-06-01 75207]
S4 hpdj;hpdj; C:\DOCUME~1\KREJČÍK\LOCALS~1\Temp\hpdj.exe -servicerunning=true -uninstall=hp deskjet 3500 series -product= []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]
-----------------EOF-----------------

Please check my log, my PC is slow
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
-
- Visitor
- Posts: 9
- Registered: 13 Oct 2007 13:56
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: Please check my log, my PC is slow
Hello,
I recommend uninstalling the toolbars (if you do not use them) via Add or Remove Programs.
I recommend uninstalling:
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\uTorrent\uTorrent.exe
P2P networks and their clients are a potential security risk; they are practically a constant source of viruses, and you are exposing yourself to risk needlessly.
Download OTL: http://oldtimer.geekstogo.com/OTL.exe

- Run the program, then click Scan
- When it finishes, post the OTL.Txt and Extras.txt logs here
-
- Visitor
- Posts: 9
- Registered: 13 Oct 2007 13:56
Re: Please check my log, my PC is slow
OTL Extras logfile created on: 10.4.2010 17:10:14 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Krejčík\Plocha\Bezpečnost
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,72 Gb Total Space | 8,09 Gb Free Space | 32,74% Space Free | Partition Type: FAT32
Drive D: | 66,56 Gb Total Space | 6,65 Gb Free Space | 9,99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BILL
Current User Name: Krejčík
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\8.0.Pro\ACDSee8Pro.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"8377:TCP" = 8377:TCP:*:Enabled:League of Legends Launcher
"8377:UDP" = 8377:UDP:*:Enabled:League of Legends Launcher
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"D:\Hry\Pán prstenů\game.dat" = D:\Hry\Pán prstenů\game.dat:*:Enabled:The Battle for Middle-earth (tm) -- File not found
"D:\Hry\The Battle for Middle-earth\game.dat" = D:\Hry\The Battle for Middle-earth\game.dat:*:Enabled:The Battle for Middle-earth (tm) -- File not found
"C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe" = C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, Inc.)
"D:\Hry\Warcraft 3 1.21\war3.exe" = D:\Hry\Warcraft 3 1.21\war3.exe:*:Enabled:Warcraft III -- File not found
"C:\Program Files\Sunbelt Software\Personal Firewall\KPF4GUI.EXE" = C:\Program Files\Sunbelt Software\Personal Firewall\KPF4GUI.EXE:*:Enabled:Sunbelt Kerio Firewall GUI -- (Sunbelt Software)
"C:\Program Files\QIP\QIP.EXE" = C:\Program Files\QIP\QIP.EXE:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"H:\Skype Portable\Phone\Skype.exe" = H:\Skype Portable\Phone\Skype.exe:*:Enabled:Skype -- File not found
"D:\Hry\Civilization 4\Warlords\Civ4Warlords.exe" = D:\Hry\Civilization 4\Warlords\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords -- (Firaxis Games)
"D:\Hry\Civilization 4\Warlords\Civ4Warlords_PitBoss.exe" = D:\Hry\Civilization 4\Warlords\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss -- (Firaxis Games)
"C:\Program Files\Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe" = C:\Program Files\Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"D:\Hry\LOTR\game.dat" = D:\Hry\LOTR\game.dat:*:Enabled:The Battle for Middle-earth (tm) -- File not found
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Documents and Settings\Krejčík\Plocha\LoLInstaller.exe" = C:\Documents and Settings\Krejčík\Plocha\LoLInstaller.exe:*:Enabled:LoL Downloader -- File not found
"D:\Hry\LoL\air\LolClient.exe" = D:\Hry\LoL\air\LolClient.exe:*:Enabled:League of Legends Lobby -- File not found
"D:\Hry\LoL\game\League of Legends.exe" = D:\Hry\LoL\game\League of Legends.exe:*:Enabled:League of Legends Game Client -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{044146E4-A924-458A-9948-4B9C7C7D9321}" = LightScribe 1.4.31.1
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = Ovládací panel ATI
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D09E359-0C98-4D93-B6F9-1FF68ED4B27C}" = Nokia Multimedia Player
"{16622757-3724-4DA8-A5CC-3CE75636E8B9}" = COMODO EasyVPN
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 19
"{29BA43D8-07F9-4D78-A682-91BAAA98A302}" = Rome - Total War Anthology
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{32A3A4F4-B792-11D6-A78A-00B0D0160130}" = Java(TM) SE Development Kit 6 Update 13
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{674756A1-D4E6-445C-959B-AD8D0C03FABC}" = SLOW-PCfighter
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7784A172-61F1-445E-8368-601607E0DD22}" = MP3 Player Utilities 4.00
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7911C404-9AFA-4BB2-B9B7-E47423D87528}" = Knights Of Honor
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{90437E5F-0A9E-4B63-AD8B-D232897D18BF}" = ATI Parental Control & Encoder
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{998D6972-F58E-479D-9248-8F179E55AE38}" = Java DB 10.4.1.3
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}" = Rome Total War - patch 1.3
"{A87869D7-B133-498C-A347-D9BE109FF6C8}" = USB2.0 1.3M Web Cam
"{AC76BA86-7AD7-1029-7B44-A81000000003}" = Adobe Reader 8.1.0 - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet NIC Driver
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite XII.SP2c
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CE12677C-F7D2-45A8-BBF9-0FC0B972EDC3}" = League of Legends
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D9D937B0-E842-4130-9588-B948E876904A}" = Microsoft SQL Server 2008 Native Client
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9
"{E659E0EE-10E6-49B7-8696-60F38D0EB174}" = Sunbelt Kerio Personal Firewall
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F530581E-12FE-43B4-A28D-E5257AAD63E6}" = O&O Defrag Professional
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F99F74B4-972B-4B06-B893-6B3B0DB0128B}" = ACDSee Pro
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Apache2Triad" = Apache2Triad: apache server bundle
"ATI Display Driver" = ATI Display Driver
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DotaKeys" = DotaKeys
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{0D09E359-0C98-4D93-B6F9-1FF68ED4B27C}" = Nokia Multimedia Player
"InstallShield_{29BA43D8-07F9-4D78-A682-91BAAA98A302}" = Rome - Total War Anthology
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOGO!Soft Comfort V5.0 Demo" = LOGO!Soft Comfort V5.0 Demo
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Mozilla Firefox (2.0.0.9)" = Mozilla Firefox (2.0.0.9)
"nbi-nb-base-6.5.1.0.200903060201" = NetBeans IDE 6.5.1
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NOD32" = Antivirový systém NOD32
"Notebook Hardware Control" = Notebook Hardware Control 2.0 Pre-Release-06
"PC Translator" = PC Translator
"PSPad editor_is1" = PSPad editor
"QIP 2005_is1" = QIP 2005 8080
"QIP2005" = QIP 2005 Uninstall
"QuicktimeAlt_is1" = QuickTime Alternative 2.3.0
"RealAlt_is1" = Real Alternative 1.60
"RiseOfNations 1.0" = Microsoft Rise Of Nations
"Scorpions WinCheater 2.07 (s databází 106)_is1" = Scorpions WinCheater
"SLOW-PCfighter" = SLOW-PCfighter
"SMail" = Seznam Pošťák
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SpaceTime 3.0" = SpaceTime 3.0
"Starcraft Brood War (RAZOR 1911)" = Starcraft Brood War (RAZOR 1911)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VideoLAN VLC media player 0.8.6c
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4.4.2010 4:07:18 | Computer Name = BILL | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 nhc.exe, P2 1.8.9.6, P3 2d, P4 system.drawing,
P5 2.0.0.0, P6 4889dec2, P7 18d, P8 51, P9 system.invalidoperationexception, P10
NIL.
Error - 6.4.2010 10:11:41 | Computer Name = BILL | Source = Apache Service | ID = 3299
Description = The Apache service named Apache2Triad Apache2 Service reported the
following error: >>> (OS 10048)Normálně je povoleno pouze jedno použití každé adresy
(protokolu, síťové adresy, portu) soketu. : make_sock: could not bind to address
0.0.0.0:80 .
Error - 6.4.2010 10:11:41 | Computer Name = BILL | Source = Apache Service | ID = 3299
Description = The Apache service named Apache2Triad Apache2 Service reported the
following error: >>> no listening sockets available, shutting down .
Error - 6.4.2010 10:11:41 | Computer Name = BILL | Source = Apache Service | ID = 3299
Description = The Apache service named Apache2Triad Apache2 Service reported the
following error: >>> Unable to open logs .
Error - 6.4.2010 15:24:22 | Computer Name = BILL | Source = Apache Service | ID = 3299
Description = The Apache service named Apache2Triad Apache2 Service reported the
following error: >>> (OS 10048)Normálně je povoleno pouze jedno použití každé adresy
(protokolu, síťové adresy, portu) soketu. : make_sock: could not bind to address
0.0.0.0:80 .
Error - 6.4.2010 15:24:22 | Computer Name = BILL | Source = Apache Service | ID = 3299
Description = The Apache service named Apache2Triad Apache2 Service reported the
following error: >>> no listening sockets available, shutting down .
Error - 6.4.2010 15:24:22 | Computer Name = BILL | Source = Apache Service | ID = 3299
Description = The Apache service named Apache2Triad Apache2 Service reported the
following error: >>> Unable to open logs .
Error - 9.4.2010 3:06:10 | Computer Name = BILL | Source = Apache Service | ID = 3299
Description = The Apache service named Apache2Triad Apache2 Service reported the
following error: >>> (OS 10048)Normálně je povoleno pouze jedno použití každé adresy
(protokolu, síťové adresy, portu) soketu. : make_sock: could not bind to address
0.0.0.0:80 .
Error - 9.4.2010 3:06:10 | Computer Name = BILL | Source = Apache Service | ID = 3299
Description = The Apache service named Apache2Triad Apache2 Service reported the
following error: >>> no listening sockets available, shutting down .
Error - 9.4.2010 3:06:10 | Computer Name = BILL | Source = Apache Service | ID = 3299
Description = The Apache service named Apache2Triad Apache2 Service reported the
following error: >>> Unable to open logs .
[ System Events ]
Error - 9.4.2010 10:57:26 | Computer Name = BILL | Source = Service Control Manager | ID = 7000
Description = Služba PHPGeekUtil neuspěla při spuštění v důsledku následující chyby:
%%3
Error - 10.4.2010 7:48:39 | Computer Name = BILL | Source = Service Control Manager | ID = 7034
Description = Služba LogMeIn Hamachi 2.0 Tunneling Engine byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 10.4.2010 8:37:36 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 8:37:36 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 8:39:22 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 8:39:22 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 9:34:40 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 9:34:40 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 9:35:23 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 9:35:23 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
< End of report >
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Krejčík\Plocha\Bezpečnost
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,72 Gb Total Space | 8,09 Gb Free Space | 32,74% Space Free | Partition Type: FAT32
Drive D: | 66,56 Gb Total Space | 6,65 Gb Free Space | 9,99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BILL
Current User Name: Krejčík
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\8.0.Pro\ACDSee8Pro.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Last 10 Event Log Errors ==========
[ System Events ]
Error - 9.4.2010 10:57:26 | Computer Name = BILL | Source = Service Control Manager | ID = 7000
Description = Služba PHPGeekUtil neuspěla při spuštění v důsledku následující chyby:
%%3
Error - 10.4.2010 7:48:39 | Computer Name = BILL | Source = Service Control Manager | ID = 7034
Description = Služba LogMeIn Hamachi 2.0 Tunneling Engine byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 10.4.2010 8:37:36 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 8:37:36 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 8:39:22 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 8:39:22 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 9:34:40 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 9:34:40 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 9:35:23 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
Error - 10.4.2010 9:35:23 | Computer Name = BILL | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}.
Došlo
k chybě: %5 při provádění příkazu: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
< End of report >
Re: please check my log, my PC has slowed down
OTL logfile created on: 10.4.2010 17:10:14 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Krejčík\Plocha\Bezpečnost
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,72 Gb Total Space | 8,09 Gb Free Space | 32,74% Space Free | Partition Type: FAT32
Drive D: | 66,56 Gb Total Space | 6,65 Gb Free Space | 9,99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BILL
Current User Name: Krejčík
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.10 17:09:26 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krejčík\Plocha\Bezpečnost\OTL.exe
PRC - [2010.04.09 20:13:08 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.03.18 01:43:38 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009.08.11 18:47:02 | 000,491,768 | ---- | M] (COMODO) -- C:\Program Files\COMODO\EasyVPN\crdphService.exe
PRC - [2009.08.11 18:46:24 | 000,045,304 | ---- | M] () -- C:\Program Files\COMODO\EasyVPN\Vpnservice.exe
PRC - [2009.06.01 21:46:04 | 003,960,832 | ---- | M] () -- C:\apache2triad\mysql\bin\mysqld.exe
PRC - [2009.06.01 21:45:46 | 000,339,968 | ---- | M] () -- C:\apache2triad\mail\bin\xmail.exe
PRC - [2009.06.01 21:45:22 | 000,054,272 | ---- | M] () -- C:\apache2triad\ftp\SlimFTPd.exe
PRC - [2009.06.01 21:45:16 | 000,017,408 | ---- | M] (Apache Software Foundation) -- C:\apache2triad\bin\httpd.exe
PRC - [2008.12.09 17:00:52 | 003,259,392 | ---- | M] (The Author of QIP) -- C:\Program Files\QIP\qip.exe
PRC - [2008.11.03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2008.07.25 11:07:54 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Ad Aware\aawservice.exe
PRC - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.06.15 13:23:58 | 000,917,504 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2008.06.15 13:23:58 | 000,507,904 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2008.04.22 18:23:02 | 000,098,488 | ---- | M] (SiSoftware) -- C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe
PRC - [2007.12.16 16:19:28 | 000,026,624 | ---- | M] () -- C:\WINDOWS\OETRN.EXE
PRC - [2007.10.12 19:43:22 | 000,757,796 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2007.05.04 02:33:22 | 002,629,632 | ---- | M] (http://www.pbus-167.com) -- C:\Program Files\Notebook Hardware Control\nhc.exe
PRC - [2006.07.18 12:02:58 | 001,205,784 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
PRC - [2006.07.18 12:02:56 | 001,955,352 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
PRC - [2006.05.18 14:36:14 | 000,450,560 | ---- | M] (Seznam.cz a.s.) -- C:\Program Files\Postak\Postak.exe
PRC - [2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010.04.10 17:09:26 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krejčík\Plocha\Bezpečnost\OTL.exe
MOD - [2007.12.16 16:19:28 | 000,045,056 | ---- | M] () -- C:\WINDOWS\TRNOEH.DLL
MOD - [2004.08.18 13:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (PHPGeekUtil)
SRV - File not found [Disabled | Stopped] -- -- (hpdj)
SRV - [2009.10.29 12:27:54 | 001,074,568 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files\Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009.08.11 18:47:02 | 000,491,768 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\EasyVPN\crdphService.exe -- (CrdphService)
SRV - [2009.08.11 18:46:24 | 000,045,304 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\EasyVPN\Vpnservice.exe -- (EasyVpnAdpt)
SRV - [2009.06.01 21:47:44 | 000,075,207 | ---- | M] (PostgreSQL Global Development Group) [On_Demand | Stopped] -- C:\apache2triad\pgsql\bin\pg_ctl.exe -- (PgSql)
SRV - [2009.06.01 21:46:04 | 003,960,832 | ---- | M] () [Auto | Running] -- C:\apache2triad\mysql\bin\mysqld.exe -- (MySql)
SRV - [2009.06.01 21:45:46 | 000,339,968 | ---- | M] () [Auto | Running] -- C:\apache2triad\mail\bin\xmail.exe -- (XMail)
SRV - [2009.06.01 21:45:22 | 000,054,272 | ---- | M] () [Auto | Running] -- C:\apache2triad\ftp\SlimFTPd.exe -- (SlimFTPd)
SRV - [2009.06.01 21:45:16 | 000,017,408 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- C:\apache2triad\bin\httpd.exe -- (Apache2SSL)
SRV - [2009.06.01 21:45:16 | 000,017,408 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\apache2triad\bin\httpd.exe -- (Apache2)
SRV - [2008.11.03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.25 11:07:54 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Ad Aware\aawservice.exe -- (aawservice)
SRV - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.07.10 02:49:34 | 000,258,072 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.06.15 13:23:58 | 000,507,904 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2008.04.22 18:23:02 | 000,098,488 | ---- | M] (SiSoftware) [Auto | Running] -- C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2006.07.18 12:02:58 | 001,205,784 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe -- (KPF4)
========== Driver Services (SafeList) ==========
DRV - [2010.04.09 16:57:36 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nhcDriver.sys -- (nhcDriverDevice)
DRV - [2009.12.02 20:34:52 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP)
DRV - [2009.09.23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.12.10 10:08:54 | 000,017,424 | ---- | M] (Comodo, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmdatp.sys -- (ATP)
DRV - [2008.06.15 13:24:00 | 000,502,368 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2008.03.10 19:30:36 | 000,021,408 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandra Lite XII.SP2c\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2007.10.12 21:24:18 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2007.10.12 20:25:40 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2007.10.12 20:23:46 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.10.12 20:18:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2006.07.18 12:02:52 | 000,091,672 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2006.07.18 12:02:50 | 000,284,184 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2006.05.04 10:13:52 | 004,271,616 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.03.08 16:49:20 | 001,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.01.24 10:45:56 | 000,034,944 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipswuio.sys -- (ipswuio)
DRV - [2006.01.20 06:44:42 | 000,862,340 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006.01.18 12:41:58 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005.10.21 08:13:08 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005.10.03 10:26:36 | 000,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)
DRV - [2005.10.03 10:26:14 | 000,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)
DRV - [2005.02.11 21:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.18 13:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004.08.18 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.18 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004.08.18 13:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003.04.19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl)
DRV - [2003.03.02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001.08.17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.quick.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007.11.04 16:56:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007.11.04 16:56:36 | 000,000,000 | ---D | M]
[2009.01.27 21:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krejčík\Data aplikací\Mozilla\Extensions
[2007.11.04 16:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krejčík\Data aplikací\Mozilla\Firefox\Profiles\mq7z89l0.default\extensions
[2007.11.04 16:56:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.08 12:19:22 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010.01.26 23:22:44 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.26 23:22:44 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.26 23:22:44 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.26 23:22:44 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.26 23:22:44 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2004.08.18 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O3 - HKLM\..\Toolbar: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Postak\SRank.dll (Seznam.cz a.s.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NotebookHardwareControl] C:\Program Files\Notebook Hardware Control\nhc.exe (http://www.pbus-167.com)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SMail] C:\Program Files\Postak\Postak.exe (Seznam.cz a.s.)
O4 - HKCU..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE ()
O4 - HKCU..\Run: [QIP2005] C:\Program Files\QIP\qip.exe (The Author of QIP)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} https://plugins.valueactive.eu/flashax/iefax.cab (Flash Casino Helper Control)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Krejčík\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Krejčík\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.12 19:26:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{bae18784-bb16-11dd-9401-0018f33d7f8c}\Shell\AutoRun\command - "" = setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.09 10:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krejčík\Data aplikací\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010.04.09 10:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010.04.09 09:56:46 | 000,000,000 | -HSD | C] -- C:\FOUND.002
[2010.04.04 10:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.04.04 10:57:18 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.04 10:57:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.04 10:57:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.03.29 19:54:50 | 000,017,424 | ---- | C] (Comodo, Inc.) -- C:\WINDOWS\System32\drivers\cmdatp.sys
[2010.03.29 19:54:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010.03.29 19:54:45 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010.03.29 19:54:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krejčík\Data aplikací\COMODO
[2010.03.01 17:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
[2007.10.12 19:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2007.10.12 19:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2007.10.12 19:18:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2007.10.12 19:18:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[3 C:\Documents and Settings\All Users\Data aplikací\*.tmp files -> C:\Documents and Settings\All Users\Data aplikací\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Krejčík\*.tmp files -> C:\Documents and Settings\Krejčík\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.10 17:08:40 | 000,001,790 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2010.04.10 14:24:56 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Krejčík\Plocha\volejbal.xls
[2010.04.10 14:05:02 | 000,100,352 | ---- | M] () -- C:\Documents and Settings\Krejčík\Plocha\KrejcikLukasSMP02042010rev.doc
[2010.04.10 11:28:38 | 002,563,254 | ---- | M] () -- C:\WINDOWS\ACD Wallpaper.bmp
[2010.04.09 16:57:58 | 000,002,502 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.04.09 16:57:36 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) -- C:\WINDOWS\System32\drivers\nhcDriver.sys
[2010.04.09 16:57:00 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.09 16:56:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.09 16:56:40 | 2012,663,808 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.09 16:56:38 | 000,194,097 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.04.09 15:15:12 | 054,525,952 | -H-- | M] () -- C:\Documents and Settings\Krejčík\NTUSER.DAT
[2010.04.09 15:14:26 | 002,641,612 | -H-- | M] () -- C:\Documents and Settings\Krejčík\Local Settings\Data aplikací\IconCache.db
[2010.04.09 14:33:28 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010.04.09 13:25:46 | 000,000,324 | ---- | M] () -- C:\Documents and Settings\Krejčík\Dokumenty\spider.sav
[2010.04.08 20:08:10 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.08 19:51:06 | 000,092,672 | ---- | M] () -- C:\Documents and Settings\Krejčík\Plocha\Projekt Krejčík.doc
[2010.04.03 20:06:50 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.03.31 09:19:36 | 000,000,496 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.03.29 19:57:20 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\COMODO EasyVPN.lnk
[2010.03.28 19:52:42 | 000,125,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[3 C:\Documents and Settings\All Users\Data aplikací\*.tmp files -> C:\Documents and Settings\All Users\Data aplikací\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Krejčík\*.tmp files -> C:\Documents and Settings\Krejčík\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.10 12:25:57 | 000,100,352 | ---- | C] () -- C:\Documents and Settings\Krejčík\Plocha\KrejcikLukasSMP02042010rev.doc
[2010.03.29 19:57:19 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\COMODO EasyVPN.lnk
[2010.03.28 11:36:58 | 000,092,672 | ---- | C] () -- C:\Documents and Settings\Krejčík\Plocha\Projekt Krejčík.doc
[2010.03.23 21:25:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\rzrunins.exe
[2010.02.24 23:07:02 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.01.10 16:21:15 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010.01.10 16:02:33 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Krejčík\Local Settings\Data aplikací\PUTTY.RND
[2010.01.06 02:26:18 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Krejčík\.recently-used.xbel
[2009.12.10 18:08:09 | 000,077,328 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.06.27 17:48:06 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2009.06.27 17:48:05 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2009.06.16 22:57:04 | 000,000,225 | ---- | C] () -- C:\WINDOWS\RomeTW.ini
[2009.06.01 21:53:06 | 000,042,595 | ---- | C] () -- C:\WINDOWS\php.ini
[2009.06.01 21:53:06 | 000,002,488 | ---- | C] () -- C:\WINDOWS\my.ini
[2009.02.07 16:09:56 | 000,000,700 | ---- | C] () -- C:\WINDOWS\DesetiPrsty.INI
[2008.11.19 16:34:33 | 000,000,157 | ---- | C] () -- C:\WINDOWS\matlab.ini
[2008.11.13 08:22:31 | 007,118,848 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\sandra.mda
[2008.10.24 18:40:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2008.03.03 22:54:49 | 000,004,586 | ---- | C] () -- C:\WINDOWS\hpdj3500.ini
[2008.01.26 17:50:55 | 000,000,021 | ---- | C] () -- C:\WINDOWS\simpler.ini
[2007.12.16 16:19:28 | 000,491,520 | ---- | C] () -- C:\WINDOWS\WebIE.dll
[2007.12.16 16:19:27 | 000,200,704 | ---- | C] () -- C:\WINDOWS\TRNOET.DLL
[2007.12.16 16:19:27 | 000,045,056 | ---- | C] () -- C:\WINDOWS\TRNOEH.DLL
[2007.12.16 16:19:08 | 000,004,129 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2007.12.16 16:18:35 | 000,001,790 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2007.12.16 16:18:34 | 000,002,996 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2007.12.16 16:18:23 | 000,004,952 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2007.12.16 16:18:23 | 000,002,359 | ---- | C] () -- C:\WINDOWS\Wdict32.INI
[2007.11.20 13:44:22 | 000,000,122 | ---- | C] () -- C:\WINDOWS\WA.INI
[2007.11.10 14:16:12 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Krejčík\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.10.22 22:21:14 | 000,000,158 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.10.20 13:24:39 | 000,059,207 | ---- | C] () -- C:\Documents and Settings\Krejčík\removefiles.txttemp
[2007.10.20 13:23:40 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\Krejčík\persistent_state
[2007.10.15 14:25:54 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.10.12 20:46:52 | 000,000,046 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2007.10.12 20:38:29 | 000,000,208 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.10.12 20:25:39 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2007.10.12 20:23:45 | 000,642,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.10.12 20:23:45 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd2237.sys
[2007.10.12 19:59:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56spn.dll
[2007.10.12 19:59:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56itl.dll
[2007.10.12 19:59:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56eng.dll
[2007.10.12 19:59:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56brz.dll
[2007.10.12 19:59:00 | 000,061,440 | R--- | C] () -- C:\WINDOWS\sm56ger.dll
[2007.10.12 19:59:00 | 000,061,440 | R--- | C] () -- C:\WINDOWS\sm56fra.dll
[2007.10.12 19:59:00 | 000,053,248 | R--- | C] () -- C:\WINDOWS\sm56jpn.dll
[2007.10.12 19:59:00 | 000,049,152 | R--- | C] () -- C:\WINDOWS\sm56cht.dll
[2007.10.12 19:59:00 | 000,049,152 | R--- | C] () -- C:\WINDOWS\sm56chs.dll
[2007.10.12 19:58:41 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.10.12 19:42:58 | 000,002,502 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.10.12 19:35:09 | 054,525,952 | -H-- | C] () -- C:\Documents and Settings\Krejčík\NTUSER.DAT
[2007.10.12 19:35:09 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Krejčík\ntuser.dat.LOG
[2007.10.12 19:35:09 | 000,000,272 | -HS- | C] () -- C:\Documents and Settings\Krejčík\ntuser.ini
[2007.10.12 19:35:00 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2007.10.12 19:35:00 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2007.10.12 19:30:30 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.09.01 15:20:46 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\vspxcore.dll
[2004.11.20 11:15:21 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004.11.20 11:15:21 | 000,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2002.03.21 14:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2002.02.08 04:20:20 | 000,002,063 | ---- | C] () -- C:\WINDOWS\System32\my.ini
[2001.09.19 22:52:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\sablot.dll
[2001.08.16 20:04:46 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ming.dll
[2001.07.26 21:44:38 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\libxml2.dll
[2000.10.22 20:26:44 | 000,438,334 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2000.10.22 06:41:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\libsasl.dll
[2000.10.07 08:41:10 | 000,747,486 | ---- | C] () -- C:\WINDOWS\System32\iconv-1.3.dll
[2000.09.27 03:28:20 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\libpq.dll
[2000.08.24 20:44:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2000.08.24 20:44:08 | 000,078,848 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[1999.05.24 13:26:42 | 000,317,440 | ---- | C] () -- C:\WINDOWS\System32\FdfTk.dll
[1997.09.08 02:13:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\mSQL.dll
[1997.06.14 02:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
< End of report >
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Krejčík\Plocha\Bezpečnost
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,72 Gb Total Space | 8,09 Gb Free Space | 32,74% Space Free | Partition Type: FAT32
Drive D: | 66,56 Gb Total Space | 6,65 Gb Free Space | 9,99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BILL
Current User Name: Krejčík
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.10 17:09:26 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krejčík\Plocha\Bezpečnost\OTL.exe
PRC - [2010.04.09 20:13:08 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.03.18 01:43:38 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009.08.11 18:47:02 | 000,491,768 | ---- | M] (COMODO) -- C:\Program Files\COMODO\EasyVPN\crdphService.exe
PRC - [2009.08.11 18:46:24 | 000,045,304 | ---- | M] () -- C:\Program Files\COMODO\EasyVPN\Vpnservice.exe
PRC - [2009.06.01 21:46:04 | 003,960,832 | ---- | M] () -- C:\apache2triad\mysql\bin\mysqld.exe
PRC - [2009.06.01 21:45:46 | 000,339,968 | ---- | M] () -- C:\apache2triad\mail\bin\xmail.exe
PRC - [2009.06.01 21:45:22 | 000,054,272 | ---- | M] () -- C:\apache2triad\ftp\SlimFTPd.exe
PRC - [2009.06.01 21:45:16 | 000,017,408 | ---- | M] (Apache Software Foundation) -- C:\apache2triad\bin\httpd.exe
PRC - [2008.12.09 17:00:52 | 003,259,392 | ---- | M] (The Author of QIP) -- C:\Program Files\QIP\qip.exe
PRC - [2008.11.03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2008.07.25 11:07:54 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Ad Aware\aawservice.exe
PRC - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.06.15 13:23:58 | 000,917,504 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2008.06.15 13:23:58 | 000,507,904 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2008.04.22 18:23:02 | 000,098,488 | ---- | M] (SiSoftware) -- C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe
PRC - [2007.12.16 16:19:28 | 000,026,624 | ---- | M] () -- C:\WINDOWS\OETRN.EXE
PRC - [2007.10.12 19:43:22 | 000,757,796 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2007.05.04 02:33:22 | 002,629,632 | ---- | M] (http://www.pbus-167.com) -- C:\Program Files\Notebook Hardware Control\nhc.exe
PRC - [2006.07.18 12:02:58 | 001,205,784 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
PRC - [2006.07.18 12:02:56 | 001,955,352 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
PRC - [2006.05.18 14:36:14 | 000,450,560 | ---- | M] (Seznam.cz a.s.) -- C:\Program Files\Postak\Postak.exe
PRC - [2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010.04.10 17:09:26 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krejčík\Plocha\Bezpečnost\OTL.exe
MOD - [2007.12.16 16:19:28 | 000,045,056 | ---- | M] () -- C:\WINDOWS\TRNOEH.DLL
MOD - [2004.08.18 13:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (PHPGeekUtil)
SRV - File not found [Disabled | Stopped] -- -- (hpdj)
SRV - [2009.10.29 12:27:54 | 001,074,568 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files\Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009.08.11 18:47:02 | 000,491,768 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\EasyVPN\crdphService.exe -- (CrdphService)
SRV - [2009.08.11 18:46:24 | 000,045,304 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\EasyVPN\Vpnservice.exe -- (EasyVpnAdpt)
SRV - [2009.06.01 21:47:44 | 000,075,207 | ---- | M] (PostgreSQL Global Development Group) [On_Demand | Stopped] -- C:\apache2triad\pgsql\bin\pg_ctl.exe -- (PgSql)
SRV - [2009.06.01 21:46:04 | 003,960,832 | ---- | M] () [Auto | Running] -- C:\apache2triad\mysql\bin\mysqld.exe -- (MySql)
SRV - [2009.06.01 21:45:46 | 000,339,968 | ---- | M] () [Auto | Running] -- C:\apache2triad\mail\bin\xmail.exe -- (XMail)
SRV - [2009.06.01 21:45:22 | 000,054,272 | ---- | M] () [Auto | Running] -- C:\apache2triad\ftp\SlimFTPd.exe -- (SlimFTPd)
SRV - [2009.06.01 21:45:16 | 000,017,408 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- C:\apache2triad\bin\httpd.exe -- (Apache2SSL)
SRV - [2009.06.01 21:45:16 | 000,017,408 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\apache2triad\bin\httpd.exe -- (Apache2)
SRV - [2008.11.03 11:45:46 | 001,332,480 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.25 11:07:54 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Ad Aware\aawservice.exe -- (aawservice)
SRV - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.07.10 02:49:34 | 000,258,072 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.06.15 13:23:58 | 000,507,904 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2008.04.22 18:23:02 | 000,098,488 | ---- | M] (SiSoftware) [Auto | Running] -- C:\Program Files\Sandra Lite XII.SP2c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2006.07.18 12:02:58 | 001,205,784 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe -- (KPF4)
========== Driver Services (SafeList) ==========
DRV - [2010.04.09 16:57:36 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nhcDriver.sys -- (nhcDriverDevice)
DRV - [2009.12.02 20:34:52 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP)
DRV - [2009.09.23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.12.10 10:08:54 | 000,017,424 | ---- | M] (Comodo, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmdatp.sys -- (ATP)
DRV - [2008.06.15 13:24:00 | 000,502,368 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2008.03.10 19:30:36 | 000,021,408 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandra Lite XII.SP2c\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2007.10.12 21:24:18 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2007.10.12 20:25:40 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2007.10.12 20:23:46 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.10.12 20:18:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2006.07.18 12:02:52 | 000,091,672 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2006.07.18 12:02:50 | 000,284,184 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2006.05.04 10:13:52 | 004,271,616 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.03.08 16:49:20 | 001,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.01.24 10:45:56 | 000,034,944 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipswuio.sys -- (ipswuio)
DRV - [2006.01.20 06:44:42 | 000,862,340 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006.01.18 12:41:58 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005.10.21 08:13:08 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005.10.03 10:26:36 | 000,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)
DRV - [2005.10.03 10:26:14 | 000,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)
DRV - [2005.02.11 21:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.18 13:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004.08.18 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.18 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004.08.18 13:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003.04.19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl)
DRV - [2003.03.02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001.08.17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.quick.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007.11.04 16:56:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007.11.04 16:56:36 | 000,000,000 | ---D | M]
[2009.01.27 21:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krejčík\Data aplikací\Mozilla\Extensions
[2007.11.04 16:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krejčík\Data aplikací\Mozilla\Firefox\Profiles\mq7z89l0.default\extensions
[2007.11.04 16:56:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.08 12:19:22 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010.01.26 23:22:44 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.26 23:22:44 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.26 23:22:44 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.26 23:22:44 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.26 23:22:44 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2004.08.18 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O3 - HKLM\..\Toolbar: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Postak\SRank.dll (Seznam.cz a.s.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NotebookHardwareControl] C:\Program Files\Notebook Hardware Control\nhc.exe (http://www.pbus-167.com)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SMail] C:\Program Files\Postak\Postak.exe (Seznam.cz a.s.)
O4 - HKCU..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE ()
O4 - HKCU..\Run: [QIP2005] C:\Program Files\QIP\qip.exe (The Author of QIP)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} https://plugins.valueactive.eu/flashax/iefax.cab (Flash Casino Helper Control)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Krejčík\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Krejčík\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.12 19:26:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{bae18784-bb16-11dd-9401-0018f33d7f8c}\Shell\AutoRun\command - "" = setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.09 10:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krejčík\Data aplikací\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010.04.09 10:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010.04.09 09:56:46 | 000,000,000 | -HSD | C] -- C:\FOUND.002
[2010.04.04 10:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.04.04 10:57:18 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.04 10:57:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.04 10:57:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.03.29 19:54:50 | 000,017,424 | ---- | C] (Comodo, Inc.) -- C:\WINDOWS\System32\drivers\cmdatp.sys
[2010.03.29 19:54:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010.03.29 19:54:45 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010.03.29 19:54:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krejčík\Data aplikací\COMODO
[2010.03.01 17:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
[2007.10.12 19:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2007.10.12 19:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2007.10.12 19:18:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2007.10.12 19:18:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[3 C:\Documents and Settings\All Users\Data aplikací\*.tmp files -> C:\Documents and Settings\All Users\Data aplikací\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Krejčík\*.tmp files -> C:\Documents and Settings\Krejčík\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.10 17:08:40 | 000,001,790 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2010.04.10 14:24:56 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Krejčík\Plocha\volejbal.xls
[2010.04.10 14:05:02 | 000,100,352 | ---- | M] () -- C:\Documents and Settings\Krejčík\Plocha\KrejcikLukasSMP02042010rev.doc
[2010.04.10 11:28:38 | 002,563,254 | ---- | M] () -- C:\WINDOWS\ACD Wallpaper.bmp
[2010.04.09 16:57:58 | 000,002,502 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.04.09 16:57:36 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) -- C:\WINDOWS\System32\drivers\nhcDriver.sys
[2010.04.09 16:57:00 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.09 16:56:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.09 16:56:40 | 2012,663,808 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.09 16:56:38 | 000,194,097 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.04.09 15:15:12 | 054,525,952 | -H-- | M] () -- C:\Documents and Settings\Krejčík\NTUSER.DAT
[2010.04.09 15:14:26 | 002,641,612 | -H-- | M] () -- C:\Documents and Settings\Krejčík\Local Settings\Data aplikací\IconCache.db
[2010.04.09 14:33:28 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010.04.09 13:25:46 | 000,000,324 | ---- | M] () -- C:\Documents and Settings\Krejčík\Dokumenty\spider.sav
[2010.04.08 20:08:10 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.08 19:51:06 | 000,092,672 | ---- | M] () -- C:\Documents and Settings\Krejčík\Plocha\Projekt Krejčík.doc
[2010.04.03 20:06:50 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.03.31 09:19:36 | 000,000,496 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.03.29 19:57:20 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\COMODO EasyVPN.lnk
[2010.03.28 19:52:42 | 000,125,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[3 C:\Documents and Settings\All Users\Data aplikací\*.tmp files -> C:\Documents and Settings\All Users\Data aplikací\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Krejčík\*.tmp files -> C:\Documents and Settings\Krejčík\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.10 12:25:57 | 000,100,352 | ---- | C] () -- C:\Documents and Settings\Krejčík\Plocha\KrejcikLukasSMP02042010rev.doc
[2010.03.29 19:57:19 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\COMODO EasyVPN.lnk
[2010.03.28 11:36:58 | 000,092,672 | ---- | C] () -- C:\Documents and Settings\Krejčík\Plocha\Projekt Krejčík.doc
[2010.03.23 21:25:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\rzrunins.exe
[2010.02.24 23:07:02 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.01.10 16:21:15 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010.01.10 16:02:33 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Krejčík\Local Settings\Data aplikací\PUTTY.RND
[2010.01.06 02:26:18 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Krejčík\.recently-used.xbel
[2009.12.10 18:08:09 | 000,077,328 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.06.27 17:48:06 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2009.06.27 17:48:05 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2009.06.16 22:57:04 | 000,000,225 | ---- | C] () -- C:\WINDOWS\RomeTW.ini
[2009.06.01 21:53:06 | 000,042,595 | ---- | C] () -- C:\WINDOWS\php.ini
[2009.06.01 21:53:06 | 000,002,488 | ---- | C] () -- C:\WINDOWS\my.ini
< End of report >
- Caroprd111
- VIP
Re: please check my log, my PC has slowed down
Under the forum rules we do not deal with illegal software here (illegal programs are a security threat).
Get legal security software for your PC (antivirus, firewall), then post a new OTL log and a CKScanner log here.
Pick, for example, the free Avira or Avast plus a firewall (I recommend ZoneAlarm): http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
Download CKScanner to your desktop: http://downloads.malwareremoval.com/CKScanner.exe

- Run it and click "Search For Files"; when the scan finishes, click "Save List to File" -> "OK"
- The log, named ckfiles.txt, will be saved on the desktop; paste the contents of that file here.
-
- Visitor
Re: please check my log, my PC has slowed down
I'll work on it, thanks for the help so far.

- Caroprd111
- VIP