Prosím o kontrolu a předem děkuji ;)

Příspěvekod **jaro3** » 15 kvě 2010 12:23

To Ivca24: Vlož nové téma do sekce Problémy s hardwarem:
viewforum.php?f=7
Vlož celý název síť. karty a oni Ti pomohou najít ovladače ke kartě.

To Growe101 :

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG či Avast, následně T-Cleaner smaž a zapni si AVG či Avast.

Stáhni si OTH
na svojí plochu( pokud používáš Firefox , pravým klikni na OTH link a vyber uložit jako (Save as..).

Stáhni si OTL
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).

Stáhni si soubor Scan.txt
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).

Poklepej na soubor OTH na ploše , po spuštění programu klikni na Kill All Processes.Poté klikni na Start OTL .Poklepej Do prázdného okna pod Vlastní skenování /opravy ( Custom Scans box). Objeví se zpráva: Kliknutím na OK vyberete cestu k souboru, kliknutím na Zrušit zrušíte výběr.
Klikni na OK. Objeví se okno průzkumníku , zde klikneš na plochu a najdeš na ní soubor Scan.txt .Klikni na Otevřít.
Poté klikni na Rychle prohledat (Quick Scan). Neměň žádná jiná nastavení . Sken může trvat dlouho.
Kdy sken skončí , objeví se na ploše dva logy:
OTL.Txt a Extras.Txt , jsou uloženy ve stejném místě jako OTL.
Zkopíruj sem prosím celý obsah obou logů.

Můžeš smazat prázdnou složku:
c:\windows\XSxS

Reklama

Growe101 · Příspěvekod **Growe101** » 15 kvě 2010 13:25

OTL logfile created on: 15.5.2010 13:04:33 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Jirka\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140,41 Gb Total Space | 37,27 Gb Free Space | 26,54% Space Free | Partition Type: NTFS
Drive D: | 8,64 Gb Total Space | 2,43 Gb Free Space | 28,12% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JIRKA-PC
Current User Name: Jirka
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.05.15 12:55:05 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\otl.exe
PRC - [2010.05.15 12:54:52 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTH.scr
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

========== Modules (SafeList) ==========

MOD - [2010.05.15 12:55:05 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\otl.exe
MOD - [2010.05.06 23:02:00 | 000,151,648 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\snxPlugins.dll
MOD - [2008.08.28 05:40:11 | 000,712,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2008.05.27 07:18:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2008.01.19 09:38:03 | 000,242,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2008.01.19 09:36:40 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2008.01.19 09:36:40 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll
MOD - [2008.01.19 09:36:10 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
MOD - [2008.01.19 09:35:37 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
MOD - [2008.01.19 09:34:07 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2008.01.19 09:34:00 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2008.01.19 09:33:42 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
MOD - [2008.01.19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008.01.19 09:26:34 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.05.13 13:24:27 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2010.05.06 22:41:12 | 000,307,280 | ---- | M] (ALWIL Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.10.03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.09.05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.11.01 08:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007.11.01 08:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007.11.01 08:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007.10.18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.07.11 02:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007.05.31 00:36:59 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007.05.31 00:36:59 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007.05.31 00:36:59 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.05.09 17:33:00 | 000,048,640 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007.02.22 18:40:08 | 000,140,680 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.01.05 22:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2007.01.05 22:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce(tm)
DRV - [2006.11.14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2F E1 57 C3 1C F4 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img20.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img20.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2010.05.14 14:59:59 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010.05.15 12:55:00 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
[2010.05.15 12:44:39 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTH.scr
[2010.05.15 12:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.05.15 12:01:18 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.05.15 12:01:17 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.05.15 12:01:14 | 000,307,280 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2010.05.15 12:01:14 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.05.15 12:01:12 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.05.15 12:01:08 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010.05.15 12:00:33 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010.05.15 12:00:33 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010.05.15 11:48:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.05.15 11:48:15 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.05.15 08:08:07 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.05.15 07:49:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.05.14 23:34:35 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Malwarebytes
[2010.05.14 23:34:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.14 23:34:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.14 23:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.05.14 23:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.14 17:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\AIDA32 - Enterprise System Information
[2010.05.14 15:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
[2010.05.14 15:29:08 | 296,330,688 | ---- | C] (Activision ) -- C:\Users\Jirka\Desktop\CoD4MW-1.6-PatchSetup.exe
[2010.05.14 15:29:03 | 039,968,152 | ---- | C] (Activision ) -- C:\Users\Jirka\Desktop\CoD4MW-1.6-1.7-PatchSetup.exe
[2010.05.14 14:18:13 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\WinRAR
[2010.05.14 14:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.05.14 13:59:43 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\PunkBuster
[2010.05.14 13:52:47 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Desktop\Zaparit
[2010.05.14 13:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\GamePark
[2010.05.14 13:39:55 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Desktop\Activision
[2010.05.14 09:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.05.13 19:05:47 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\NumusAutoDiskBuilder
[2010.05.13 19:05:39 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2010.05.13 19:05:39 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\Xenocode
[2010.05.13 19:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2010.05.13 19:05:39 | 000,000,000 | ---D | C] -- C:\Windows\Driver Cache
[2010.05.13 18:50:23 | 000,000,000 | ---D | C] -- C:\Program Files\Fingerprint Sensor
[2010.05.13 17:37:23 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010.05.13 14:42:07 | 000,000,000 | ---D | C] -- C:\553536acd1807a299639ab2c41f3
[2010.05.13 14:41:11 | 000,000,000 | ---D | C] -- C:\dbd7f0d4892c63686edd3067
[2010.05.13 10:54:53 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Documents\Downloads
[2010.05.13 10:52:49 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\DivX
[2010.05.13 10:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.05.13 10:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010.05.13 10:49:33 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\Google
[2010.05.13 10:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010.05.13 10:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.05.13 10:48:55 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.05.13 03:45:52 | 000,000,000 | ---D | C] -- C:\Windows\PANTHER
[2010.05.13 03:45:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2010.05.13 03:44:02 | 000,000,000 | ---D | C] -- C:\Windows\cs-CZ
[2010.05.13 03:44:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\cs
[2010.05.13 03:44:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\cs-CZ
[2010.05.13 03:43:08 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\cs-CZ\pscr.sys.mui
[2010.05.13 03:43:08 | 000,004,096 | ---- | C] (SCM Microsystems) -- C:\Windows\System32\drivers\cs-CZ\SCR111.sys.mui
[2010.05.13 03:43:08 | 000,004,096 | ---- | C] (Gemplus) -- C:\Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2010.05.13 03:43:08 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\cs-CZ\stcusb.sys.mui
[2010.05.13 03:43:08 | 000,003,584 | ---- | C] (Gemplus) -- C:\Windows\System32\drivers\cs-CZ\gpr400.sys.mui
[2010.05.13 03:43:08 | 000,003,072 | ---- | C] (OMNIKEY) -- C:\Windows\System32\drivers\cs-CZ\cxbp0wdm.sys.mui
[2010.05.13 03:43:08 | 000,003,072 | ---- | C] (OMNIKEY AG) -- C:\Windows\System32\drivers\cs-CZ\cmbp0wdm.sys.mui
[2010.05.13 03:43:00 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrSerId.sys.mui
[2010.05.13 03:42:54 | 000,006,656 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\cs-CZ\yk60x86.sys.mui
[2010.05.13 03:42:53 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\cs-CZ\ltmdmnt.sys.mui
[2010.05.13 03:42:31 | 000,004,608 | ---- | C] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\cs-CZ\ntrigdigi.sys.mui
[2010.05.13 03:42:25 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrParwdm.sys.mui
[2010.05.13 03:14:49 | 000,000,000 | ---D | C] -- C:\Windows.old
[2010.05.12 19:42:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010.05.12 19:06:12 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010.05.12 19:06:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010.05.12 18:54:44 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\Microsoft Games
[2010.05.12 18:35:52 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.05.12 18:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.05.12 18:35:02 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.05.12 18:29:38 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Macromedia
[2010.05.12 18:29:38 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Adobe
[2010.05.12 18:29:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.05.12 18:23:24 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Searches
[2010.05.12 18:22:56 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Identities
[2010.05.12 18:22:45 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Contacts
[2010.05.12 18:22:41 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\VirtualStore
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\AppData\Local\Temporary Internet Files
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Šablony
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Soubory cookie
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\SendTo
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Recent
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Okolní tiskárny
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Okolní síť
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Documents\Obrázky
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Nabídka Start
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Local Settings
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Documents\Hudba
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\AppData\Local\Historie
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Documents\Filmy
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Dokumenty
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\Data aplikací
[2010.05.12 18:22:17 | 000,000,000 | -HSD | C] -- C:\Users\Jirka\AppData\Local\Data aplikací
[2010.05.12 18:22:12 | 000,000,000 | --SD | C] -- C:\Users\Jirka\AppData\Roaming\Microsoft
[2010.05.12 18:22:12 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Desktop
[2010.05.12 18:22:12 | 000,000,000 | -H-D | C] -- C:\Users\Jirka\AppData
[2010.05.12 18:22:12 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\Temp
[2010.05.12 18:22:12 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\Microsoft
[2010.05.12 18:22:12 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Media Center Programs
[2010.05.12 18:22:11 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Videos
[2010.05.12 18:22:11 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Saved Games
[2010.05.12 18:22:11 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Pictures
[2010.05.12 18:22:11 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Music
[2010.05.12 18:22:11 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Links
[2010.05.12 18:22:11 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Favorites
[2010.05.12 18:22:11 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Downloads
[2010.05.12 18:22:11 | 000,000,000 | R--D | C] -- C:\Users\Jirka\Dokumenty
[2010.05.12 18:20:59 | 000,516,784 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\System32\XceedCry.dll
[2010.05.12 18:17:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2010.05.12 18:17:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2010.05.12 18:17:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2010.05.12 18:17:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2010.05.12 18:17:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2010.05.12 18:17:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010.05.12 18:17:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2010.05.12 18:17:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2010.05.12 18:17:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2010.05.12 17:58:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.05.12 17:56:21 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010.05.12 17:47:52 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.04.28 13:04:40 | 000,000,000 | ---D | C] -- C:\Downloads
[2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
[2010.03.08 19:59:18 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll
[2010.02.19 21:27:36 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivX.dll
[2010.02.19 21:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx_xx0c.dll
[2010.02.19 21:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx_xx07.dll
[2010.02.19 21:27:16 | 000,847,872 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx_xx0a.dll
[2010.02.19 21:27:16 | 000,843,776 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx_xx16.dll
[2010.02.19 21:27:16 | 000,839,680 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx_xx11.dll
[2010.02.18 19:03:23 | 000,000,000 | ---D | C] -- C:\PFiles
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010.05.15 13:04:18 | 001,048,576 | -HS- | M] () -- C:\Users\Jirka\ntuser.dat
[2010.05.15 13:02:02 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.15 12:56:24 | 000,586,766 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.15 12:56:23 | 001,393,930 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.15 12:56:23 | 000,598,090 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.05.15 12:56:23 | 000,114,636 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.05.15 12:56:23 | 000,100,838 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.15 12:55:05 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
[2010.05.15 12:54:52 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTH.scr
[2010.05.15 12:52:44 | 000,000,680 | ---- | M] () -- C:\Users\Jirka\AppData\Local\d3d9caps.dat
[2010.05.15 12:50:09 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.15 12:49:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.15 12:49:49 | 000,004,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.15 12:49:49 | 000,004,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.15 12:49:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.15 12:49:31 | 2146,418,688 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.15 12:48:16 | 000,524,288 | -HS- | M] () -- C:\Users\Jirka\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.05.15 12:48:16 | 000,065,536 | -HS- | M] () -- C:\Users\Jirka\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.15 12:30:50 | 000,001,670 | ---- | M] () -- C:\Users\Jirka\Desktop\CCleaner.lnk
[2010.05.15 12:01:19 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2010.05.15 12:01:08 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010.05.15 11:54:04 | 001,163,143 | -H-- | M] () -- C:\Users\Jirka\AppData\Local\IconCache.db
[2010.05.15 11:41:01 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.05.15 07:47:11 | 000,031,871 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.05.14 23:34:33 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.14 19:03:44 | 000,228,504 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.14 17:55:58 | 000,000,890 | ---- | M] () -- C:\Users\Jirka\Desktop\AIDA32.lnk
[2010.05.14 15:11:42 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2010.05.14 14:39:22 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2010.05.14 14:39:17 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2010.05.14 13:43:16 | 000,001,630 | ---- | M] () -- C:\Users\Jirka\Desktop\GamePark.lnk
[2010.05.13 14:41:51 | 000,065,536 | ---- | M] () -- C:\Windows\SPInstall.etl
[2010.05.13 12:58:11 | 027,787,264 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010.05.13 12:58:10 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010.05.13 12:58:10 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010.05.13 10:53:30 | 000,001,394 | ---- | M] () -- C:\Users\Jirka\Desktop\DivX Movies.lnk
[2010.05.13 10:52:45 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.05.13 10:52:01 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.05.13 10:51:50 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.05.13 09:07:52 | 000,001,589 | ---- | M] () -- C:\Users\Public\Desktop\Výběr prohlížeče.lnk
[2010.05.13 08:48:29 | 000,049,168 | ---- | M] () -- C:\Users\Jirka\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.13 03:46:29 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010.05.13 03:43:43 | 000,286,912 | ---- | M] () -- C:\Windows\System32\perfi005.dat
[2010.05.13 03:43:43 | 000,034,724 | ---- | M] () -- C:\Windows\System32\perfd005.dat
[2010.05.13 03:43:08 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\cs-CZ\pscr.sys.mui
[2010.05.13 03:43:08 | 000,004,096 | ---- | M] (SCM Microsystems) -- C:\Windows\System32\drivers\cs-CZ\SCR111.sys.mui
[2010.05.13 03:43:08 | 000,004,096 | ---- | M] (Gemplus) -- C:\Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2010.05.13 03:43:08 | 000,003,584 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\cs-CZ\stcusb.sys.mui
[2010.05.13 03:43:08 | 000,003,584 | ---- | M] (Gemplus) -- C:\Windows\System32\drivers\cs-CZ\gpr400.sys.mui
[2010.05.13 03:43:08 | 000,003,072 | ---- | M] (OMNIKEY) -- C:\Windows\System32\drivers\cs-CZ\cxbp0wdm.sys.mui
[2010.05.13 03:43:08 | 000,003,072 | ---- | M] (OMNIKEY AG) -- C:\Windows\System32\drivers\cs-CZ\cmbp0wdm.sys.mui
[2010.05.13 03:43:00 | 000,009,728 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrSerId.sys.mui
[2010.05.13 03:42:54 | 000,006,656 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\cs-CZ\yk60x86.sys.mui
[2010.05.13 03:42:53 | 000,009,728 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\cs-CZ\ltmdmnt.sys.mui
[2010.05.13 03:42:31 | 000,004,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\cs-CZ\ntrigdigi.sys.mui
[2010.05.13 03:42:25 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrParwdm.sys.mui
[2010.05.12 18:39:41 | 000,524,288 | -HS- | M] () -- C:\Users\Jirka\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.05.12 18:22:17 | 000,000,020 | -HS- | M] () -- C:\Users\Jirka\ntuser.ini
[2010.05.12 17:59:53 | 000,058,328 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.05.06 22:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010.05.06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010.05.06 22:41:12 | 000,307,280 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.05.06 22:34:10 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
[2010.03.08 19:59:18 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll
[2010.02.23 05:09:09 | 000,057,667 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2010.02.19 21:27:36 | 000,720,384 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivX.dll
[2010.02.19 21:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\divx_xx0c.dll
[2010.02.19 21:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\divx_xx07.dll
[2010.02.19 21:27:16 | 000,847,872 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\divx_xx0a.dll
[2010.02.19 21:27:16 | 000,843,776 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\divx_xx16.dll
[2010.02.19 21:27:16 | 000,839,680 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\divx_xx11.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.15 12:30:50 | 000,001,670 | ---- | C] () -- C:\Users\Jirka\Desktop\CCleaner.lnk
[2010.05.15 12:01:19 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2010.05.15 11:58:11 | 000,000,680 | ---- | C] () -- C:\Users\Jirka\AppData\Local\d3d9caps.dat
[2010.05.14 23:34:33 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.14 17:55:58 | 000,000,890 | ---- | C] () -- C:\Users\Jirka\Desktop\AIDA32.lnk
[2010.05.14 16:48:19 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.05.14 16:48:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.05.14 16:48:16 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010.05.14 13:43:16 | 000,001,630 | ---- | C] () -- C:\Users\Jirka\Desktop\GamePark.lnk
[2010.05.14 12:40:37 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.05.14 12:12:42 | 000,206,830 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2010.05.14 12:11:50 | 000,132,148 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2010.05.14 12:11:36 | 003,662,296 | ---- | C] () -- C:\Windows\System32\locale.nls
[2010.05.14 12:10:17 | 000,175,508 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2010.05.14 12:09:40 | 000,289,467 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2010.05.14 12:09:37 | 000,195,122 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010.05.14 12:09:27 | 000,261,163 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2010.05.14 12:08:54 | 000,080,047 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2010.05.14 12:06:50 | 000,009,987 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010.05.14 12:06:00 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2010.05.14 12:05:55 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2010.05.14 12:05:50 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2010.05.14 12:05:41 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2010.05.14 12:05:40 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2010.05.14 09:48:37 | 000,031,871 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.05.13 14:41:51 | 000,065,536 | ---- | C] () -- C:\Windows\SPInstall.etl
[2010.05.13 12:43:27 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010.05.13 12:43:27 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010.05.13 12:43:26 | 027,787,264 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010.05.13 10:53:30 | 000,001,394 | ---- | C] () -- C:\Users\Jirka\Desktop\DivX Movies.lnk
[2010.05.13 10:52:45 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.05.13 10:52:01 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.05.13 10:51:50 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.05.13 10:50:35 | 000,000,938 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.13 10:50:32 | 000,000,934 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.13 09:07:52 | 000,001,589 | ---- | C] () -- C:\Users\Public\Desktop\Výběr prohlížeče.lnk
[2010.05.13 03:45:52 | 000,057,656 | ---- | C] () -- C:\Windows\System32\OEMLOGO.BMP
[2010.05.13 03:45:52 | 000,057,656 | ---- | C] () -- C:\Windows\FSC_LOGO_POSITIVE_JPG_MIDDLE.BMP
[2010.05.13 03:45:52 | 000,005,658 | ---- | C] () -- C:\Windows\System32\OEMLOGO.PNG
[2010.05.13 03:44:46 | 000,598,090 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2010.05.13 03:44:46 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2010.05.13 03:44:46 | 000,114,636 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2010.05.13 03:44:46 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2010.05.12 20:40:25 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010.05.12 20:40:23 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2010.05.12 20:26:15 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2010.05.12 18:22:17 | 000,000,020 | -HS- | C] () -- C:\Users\Jirka\ntuser.ini
[2010.05.12 18:22:15 | 000,524,288 | -HS- | C] () -- C:\Users\Jirka\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.05.12 18:22:15 | 000,524,288 | -HS- | C] () -- C:\Users\Jirka\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.05.12 18:22:14 | 000,065,536 | -HS- | C] () -- C:\Users\Jirka\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.12 18:22:13 | 000,262,144 | -H-- | C] () -- C:\Users\Jirka\ntuser.dat.LOG1
[2010.05.12 18:22:13 | 000,000,000 | -H-- | C] () -- C:\Users\Jirka\ntuser.dat.LOG2
[2010.05.12 18:22:11 | 001,048,576 | -HS- | C] () -- C:\Users\Jirka\ntuser.dat
[2010.05.12 18:07:35 | 2146,418,688 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.12 17:12:16 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.05.06 19:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll

========== LOP Check ==========

[2010.05.13 19:05:47 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\NumusAutoDiskBuilder
[2010.05.15 12:48:18 | 000,007,824 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2006.09.18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009.04.11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010.05.13 03:46:29 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010.05.15 11:48:13 | 000,019,487 | ---- | M] () -- C:\ComboFix.txt
[2006.09.18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007.11.07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007.11.07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007.11.07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007.11.07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010.05.15 12:49:31 | 2146,418,688 | -HS- | M] () -- C:\hiberfil.sys
[2007.11.07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007.11.07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007.11.07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007.11.07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007.11.07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007.11.07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007.11.07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007.11.07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007.11.07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007.11.07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2008.07.31 09:14:07 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.05.14 23:35:29 | 000,000,103 | ---- | M] () -- C:\mbam-error.txt
[2008.07.31 09:14:07 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.05.15 12:49:28 | 2460,205,056 | -HS- | M] () -- C:\pagefile.sys
[2007.11.07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007.11.07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007.11.07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2008.01.19 09:38:03 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008.01.19 09:36:10 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\drivers\*.sys /90 >
[2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.05.06 22:34:10 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.05.06 22:41:12 | 000,307,280 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.05.12 20:54:17 | 000,411,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\http.sys
[2010.05.13 09:00:48 | 000,439,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.02.23 13:32:31 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys
[2010.02.23 13:32:36 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[2010.02.23 13:32:33 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys
[2010.05.12 20:52:05 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2010.02.18 13:52:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys
< End of report >

Growe101 · Příspěvekod **Growe101** » 15 kvě 2010 13:28

OTL Extras logfile created on: 15.5.2010 13:04:33 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Jirka\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140,41 Gb Total Space | 37,27 Gb Free Space | 26,54% Space Free | Partition Type: NTFS
Drive D: | 8,64 Gb Total Space | 2,43 Gb Free Space | 28,12% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JIRKA-PC
Current User Name: Jirka
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2E6FB3FF-EF6E-479F-B2DD-454541A5BFAF}" = protocol=6 | dir=in | app=c:\users\jirka\desktop\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{C18EC1F0-98E4-4829-8338-275A73E1FB1F}" = protocol=17 | dir=in | app=c:\users\jirka\desktop\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{B1EDAE49-940B-4266-A3E1-96C9F44615CE}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{905A5406-917E-40CE-AAC2-044E5A11CAEF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{9BAF043B-82FC-43E2-96EA-5F68015F4FA2}" = AuthenTec Fingerprint Sensor Minimum Install
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AIDA32_is1" = AIDA32 v3.80
"avast5" = avast! Pro Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Setup.divx.com" = DivX Setup
"GameParkClient_is1" = GamePark
"Google Chrome" = Google Chrome
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14.5.2010 9:12:44 | Computer Name = Jirka-PC | Source = ESENT | ID = 215
Description = WinMail (4048) WindowsMail0: Zálohování bylo ukončeno, protože bylo
zastaveno klientem nebo protože se nezdařilo připojení ke klientovi.

Error - 14.5.2010 9:14:59 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219,
chybující modul iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219, kód výjimky
0xc0000005, posun chyby 0x0027782e, ID procesu 0xbe0, čas spuštění aplikace 0x01caf3676e8e8dd6.

Error - 14.5.2010 9:19:33 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219,
chybující modul iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219, kód výjimky
0xc0000005, posun chyby 0x0027782e, ID procesu 0x92c, čas spuštění aplikace 0x01caf3681426eb26.

Error - 14.5.2010 9:32:10 | Computer Name = Jirka-PC | Source = VSS | ID = 8194
Description =

Error - 14.5.2010 9:35:12 | Computer Name = Jirka-PC | Source = VSS | ID = 8194
Description =

Error - 14.5.2010 9:37:20 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219,
chybující modul iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219, kód výjimky
0xc0000005, posun chyby 0x0027782e, ID procesu 0xd80, čas spuštění aplikace 0x01caf36a8c467f16.

Error - 14.5.2010 9:38:45 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219,
chybující modul iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219, kód výjimky
0xc0000005, posun chyby 0x0027782e, ID procesu 0x490, čas spuštění aplikace 0x01caf36ac27a61a6.

Error - 14.5.2010 10:20:33 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18904, časové razítko
0x4b835fec, chybující modul Flash10e.ocx, verze 10.0.45.2, časové razítko 0x4b5f8faa,
kód výjimky 0xc0000005, posun chyby 0x000024eb, ID procesu 0xae8, čas spuštění aplikace
0x01caf3708c7e6630.

Error - 14.5.2010 10:20:43 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18904, časové razítko
0x4b835fec, chybující modul Flash10e.ocx, verze 10.0.45.2, časové razítko 0x4b5f8faa,
kód výjimky 0xc0000005, posun chyby 0x000024e8, ID procesu 0x89c, čas spuštění aplikace
0x01caf3709f47b1e0.

Error - 14.5.2010 10:20:56 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18904, časové razítko
0x4b835fec, chybující modul Flash10e.ocx, verze 10.0.45.2, časové razítko 0x4b5f8faa,
kód výjimky 0xc0000005, posun chyby 0x000024eb, ID procesu 0xf88, čas spuštění aplikace
0x01caf370a7871580.

[ System Events ]
Error - 13.5.2010 8:42:49 | Computer Name = Jirka-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 13.5.2010 8:42:49 | Computer Name = Jirka-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 13.5.2010 8:42:49 | Computer Name = Jirka-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 13.5.2010 8:42:49 | Computer Name = Jirka-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 13.5.2010 8:42:49 | Computer Name = Jirka-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 13.5.2010 8:42:49 | Computer Name = Jirka-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 13.5.2010 8:42:49 | Computer Name = Jirka-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 13.5.2010 8:48:34 | Computer Name = Jirka-PC | Source = DCOM | ID = 10010
Description =

Error - 13.5.2010 10:47:07 | Computer Name = Jirka-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (16:31:30, 13.5.2010) bylo neočekávané.

Error - 13.5.2010 10:52:26 | Computer Name = Jirka-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.2 pro síťovou kartu s adresou 001E680534F7
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

< End of report >

Příspěvekod **jaro3** » 15 kvě 2010 15:25

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

:Files
C:\WINDOWS\System32\*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
c:\windows\Tasks\*.job /s
C:\Windows\msdownld.tmp
C:\Users\Jirka\AppData\Local\d3d9caps.dat
C:\Windows\tasks\SA.DAT
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
C:\ProgramData\nvModes.001

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Growe101 · Příspěvekod **Growe101** » 15 kvě 2010 16:20

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\Windows\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP165E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8A64.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder moved successfully.
C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Temp\RACF6DC.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\4ec8577eaccd976121d72d12bafdc8f8\$dpx$.tmp folder moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\4ec8577eaccd976121d72d12bafdc8f8\BITF97A.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\User_Feed_Synchronization-{97712D3D-19FA-4E21-BBF0-81877D2918DD}.job moved successfully.
File\Folder C:\Windows\msdownld.tmp not found.
C:\Users\Jirka\AppData\Local\d3d9caps.dat moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
C:\ProgramData\nvModes.001 moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jirka
->Temp folder emptied: 1154906 bytes
->Temporary Internet Files folder emptied: 63782414 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 16291 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 775 bytes
RecycleBin emptied: 421888 bytes

Total Files Cleaned = 62,00 mb

OTL by OldTimer - Version 3.2.4.1 log created on 05152010_160541

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Příspěvekod **jaro3** » 15 kvě 2010 16:45

Smaž OTH , OTL.

PC je nejspíše čisté , poslední krok:

Spusť F-Secure Online Scanner

Tento skener je možno použít jen v prohlížeči Internet Explorer (není již podmínkou)! Postupuj podle instrukcí na stránce F-Secure pro správnou instalaci. Akceptuj licenci. Po instalaci ActiveX, klikni na Full System Scan. Když stahování skončeno, automaticky začne sken . Vyčkej konce skenu, po jeho dobu neprováděj jiné operace ani neklikej myší. Když skončí sken klikni na tlačítko Automatic clearing (recommended). Poté klikni na tlačítko Show Report a zkopíruj a vlož sem .

Growe101 · Příspěvekod **Growe101** » 15 kvě 2010 20:54

Hlášení kontroly

Sobota, Květen 15, 2010 17:08:41 - 20:50:11

Název počítače: JIRKA-PC
Typ kontroly: Kontrolovat systém na přítomnost malwaru, spywaru a programů rootkit
Cíl: C:\ D:\

Nalezený malware: 5

TrackingCookie.Atdmt (spyware)
Systém (Vyléčeno)
TrackingCookie.Adtech (spyware)
Systém (Vyléčeno)
TrackingCookie.Doubleclick (spyware)
Systém (Vyléčeno)
TrackingCookie.Tradedoubler (spyware)
Systém (Vyléčeno)
TrackingCookie.Yieldmanager (spyware)
Systém (Vyléčeno)
Statistika

Kontrolováno:
Soubory: 1234674
Systém: 3044
Nekontrolováno: 2
Akce:
Vyléčeno: 5
Přejmenováno: 0
Odstraněno: 0
Nevyčištěno: 0
Odesláno: 0
Nekontrolované soubory:
C:\HIBERFIL.SYS
C:\PAGEFILE.SYS
Možnosti

Moduly kontroly:
Možnosti kontroly:
Kontrolovat určené soubory: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
Používat pokročilou heuristiku

Příspěvekod **jaro3** » 15 kvě 2010 22:26

5 malware vyléčeno , takže PC je čisté , případné problémy nejsou ve spojitosti s viry.Vložit nové téma do jiné sekce-problémy s HW.

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Prosím o kontrolu a předem děkuji ;) Vyřešeno

Re: Prosím o kontrolu a předem děkuji ;) Vyřešeno

Re: Prosím o kontrolu a předem děkuji ;)

Re: Prosím o kontrolu a předem děkuji ;)

Re: Prosím o kontrolu a předem děkuji ;)

Re: Prosím o kontrolu a předem děkuji ;)

Re: Prosím o kontrolu a předem děkuji ;)

Re: Prosím o kontrolu a předem děkuji ;)

Re: Prosím o kontrolu a předem děkuji ;)

Kdo je online