Spyware Doctor LOG (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

tomaskorbas

Re: Spyware Doctor LOG

Post by tomaskorbas » 25 Nov 2013 12:06

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-25 12:02:22
-----------------------------
12:02:22.296 OS Version: Windows 5.1.2600 Service Pack 3
12:02:22.296 Number of processors: 1 586 0x103
12:02:22.296 ComputerName: PC-F5CE6C3DE1A7 UserName: stolní pc
12:02:22.703 Initialize success
12:02:35.031 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
12:02:35.046 Disk 0 Vendor: ST340014A 3.06 Size: 38166MB BusType: 3
12:02:35.046 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
12:02:35.046 Disk 1 Vendor: WDC_WD1600JB-00GVC0 08.02D08 Size: 152627MB BusType: 3
12:02:35.187 Disk 0 MBR read successfully
12:02:35.187 Disk 0 MBR scan
12:02:35.187 Disk 0 Windows XP default MBR code
12:02:35.187 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38164 MB offset 2048
12:02:35.203 Disk 0 scanning sectors +78161920
12:02:35.406 Disk 0 scanning C:\WINDOWS\system32\drivers
12:02:42.625 Service scanning
12:03:00.468 Modules scanning
12:03:12.406 Disk 0 trace - called modules:
12:03:12.421 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys atapi.sys intelide.sys PCIIDEX.SYS
12:03:12.437 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f8fab8]
12:03:12.437 3 CLASSPNP.SYS[f766efd7] -> nt!IofCallDriver -> \Device\0000005c[0x86fcbf18]
12:03:12.437 5 ACPI.sys[f75e5620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86fca940]
12:03:12.437 \Driver\atapi[0x86f4e628] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> prosync1.sys[0xf7b386c1]
12:03:12.437 Scan finished successfully
12:03:32.171 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\stolní pc\Plocha\MBR.dat"
12:03:32.171 The log file has been saved successfully to "C:\Documents and Settings\stolní pc\Plocha\aswMBR.txt"

jaro3
Security team member

Re: Spyware Doctor LOG

Post by jaro3 » 25 Nov 2013 17:44

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is running, do not click into the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After applying ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

tomaskorbas

Re: Spyware Doctor LOG

Post by tomaskorbas » 25 Nov 2013 19:40

It tells me that I have the avast antivirus on the PC, but I only have ESET there and I turned that off.

tomaskorbas

Re: Spyware Doctor LOG

Post by tomaskorbas » 25 Nov 2013 23:26

I downloaded http://www.avast.com/cs-cz/uninstall-utility and avast is gone, so here is the log from ComboFix:

ComboFix 13-11-23.02 - stolní pc 25.11.2013 23:12:34.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.562 [GMT 1:00]
Spuštěný z: c:\documents and settings\stolní pc\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\ikhcore.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-25 do 2013-11-25 )))))))))))))))))))))))))))))))
.
.
2013-11-25 19:01 . 2013-11-25 19:01 -------- d-----w- c:\program files\CCleaner
2013-11-25 17:10 . 2013-11-25 17:14 -------- d-----w- c:\program files\Valve
2013-11-25 17:09 . 2003-09-03 01:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2013-11-25 17:09 . 2003-09-03 01:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2013-11-25 17:09 . 2003-09-03 01:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2013-11-25 17:09 . 2003-09-03 01:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2013-11-25 17:09 . 2003-09-03 01:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2013-11-25 17:09 . 2013-11-25 17:09 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2013-11-25 17:09 . 2013-11-25 17:09 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2013-11-25 16:35 . 2013-11-25 16:35 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\vlc
2013-11-25 16:31 . 2013-11-25 16:31 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Keyphrene
2013-11-25 16:31 . 2013-11-25 16:31 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\KetchupTV
2013-11-25 15:44 . 2013-11-25 16:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2013-11-25 00:10 . 2013-11-25 00:10 -------- d-----w- c:\windows\ERUNT
2013-11-24 20:08 . 2013-11-24 20:08 -------- d-----w- c:\program files\ESET
2013-11-24 20:08 . 2013-11-24 20:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2013-11-24 14:53 . 2013-11-24 14:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2013-11-24 14:53 . 2013-11-24 14:53 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2013-11-24 14:53 . 2013-11-24 14:53 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2013-11-24 13:17 . 2013-11-24 14:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avira
2013-11-24 11:16 . 2013-11-25 12:11 -------- d-----w- C:\AdwCleaner
2013-11-24 02:56 . 2013-11-24 02:56 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\TuneUp Software
2013-11-24 00:35 . 2013-11-24 19:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Kaspersky Lab
2013-11-23 23:01 . 2013-11-23 23:07 -------- d---a-w- c:\documents and settings\All Users\Data aplikací\TEMP
2013-11-23 22:48 . 2013-11-23 22:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Simply Super Software
2013-11-23 21:30 . 2013-11-23 21:30 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\PCFixKit
2013-11-23 21:30 . 2013-11-23 21:33 -------- d-----w- c:\program files\PCFixKit
2013-11-23 20:15 . 2013-11-25 16:00 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-11-23 17:33 . 2005-07-06 16:13 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-11-23 17:13 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2013-11-22 21:50 . 2013-11-22 21:51 -------- d-----w- c:\documents and settings\Administrator
2013-11-21 12:30 . 2013-11-21 15:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2013-11-20 22:45 . 2013-11-20 22:45 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\ESET
2013-11-17 21:27 . 2013-11-17 21:27 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\ESET
2013-11-16 22:18 . 2013-11-24 18:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2013-11-16 22:18 . 2013-11-16 22:18 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\MFAData
2013-11-16 22:10 . 2013-11-16 22:10 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Ad-Aware Antivirus
2013-11-15 19:14 . 2013-11-15 19:14 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2013-11-15 01:29 . 2008-04-14 07:51 9728 ------w- c:\windows\system32\rwnh.dll
2013-11-15 01:29 . 2008-04-14 07:51 10752 ------w- c:\windows\system32\smtpapi.dll
2013-11-15 01:29 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2013-11-15 01:04 . 2008-04-13 20:14 2560 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\USMT\iconlib.dll
2013-11-14 16:07 . 2013-11-14 16:07 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Supremus Corporation
2013-11-14 14:32 . 2013-11-14 14:32 -------- d-sh--w- c:\documents and settings\stolní pc\IECompatCache
2013-11-14 13:44 . 2013-11-14 13:45 -------- dc-h--w- c:\windows\ie8
2013-11-13 14:12 . 2013-11-19 20:56 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\ElevatedDiagnostics
2013-11-12 20:48 . 2013-11-12 21:15 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\YoWindow
2013-11-12 20:21 . 2013-11-12 20:22 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Dream Aquarium
2013-11-12 19:59 . 2013-11-12 20:00 -------- d-----w- c:\program files\Las Vegas Nightlife Screen Saver
2013-11-12 19:15 . 2013-11-12 19:15 566030 ----a-w- c:\windows\Flash Screensaver.scr
2013-11-11 23:46 . 2013-11-11 23:51 -------- d-----w- c:\program files\WiSE
2013-11-04 13:06 . 2013-11-04 13:06 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Malwarebytes
2013-11-04 13:06 . 2013-11-04 13:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-11-01 21:51 . 2013-11-01 21:51 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\IObit
2013-11-01 21:51 . 2013-11-01 21:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-11-01 21:51 . 2013-11-01 21:51 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Apple Computer
2013-11-01 21:51 . 2013-11-01 21:51 -------- d-----w- c:\documents and settings\stolní pc\AppData
2013-11-01 21:47 . 2013-11-01 21:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IObit
2013-11-01 21:47 . 2013-11-01 21:50 -------- d-----w- c:\program files\IObit
2013-11-01 10:44 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-10-31 09:10 . 2013-10-31 09:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\YTD Video Downloader
2013-10-31 09:05 . 2013-10-31 09:05 -------- d-----w- c:\program files\GreenTree Applications
2013-10-31 08:55 . 2013-10-31 08:55 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\MPC-HC
2013-10-31 08:54 . 2013-10-31 08:58 -------- d-----w- c:\program files\XP Codec Pack
2013-10-29 12:11 . 2013-10-29 12:11 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Microsoft Corporation
2013-10-29 10:06 . 2013-11-17 02:06 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\BSplayer
2013-10-29 10:06 . 2013-10-29 10:06 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\BSplayer Pro
2013-10-29 10:05 . 2013-10-29 10:05 -------- d-----w- c:\program files\Webteh
2013-10-28 10:12 . 2013-11-24 02:32 -------- dc----w- c:\windows\system32\DRVSTORE
2013-10-28 10:11 . 2013-10-28 10:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Samsung
2013-10-28 10:07 . 2013-10-28 10:17 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Samsung
2013-10-28 10:06 . 2013-10-28 10:17 -------- d-----w- c:\program files\Samsung
2013-10-28 10:04 . 2013-10-28 10:04 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Downloaded Installations
2013-10-27 22:21 . 2013-10-27 22:21 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\AVG
2013-10-27 22:17 . 2013-10-27 22:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG
2013-10-27 22:17 . 2013-10-27 22:17 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-10-27 22:17 . 2013-10-27 22:17 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2013-10-27 22:14 . 2013-10-27 22:15 -------- d-----w- c:\program files\CrystalDiskInfo
2013-10-27 20:56 . 2013-10-27 20:58 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Adobe
2013-10-27 19:33 . 2013-10-27 19:33 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Windows Search
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-23 14:36 . 2013-10-23 14:37 10523648 ----a-w- c:\windows\system32\RTLCPL.exe
2013-10-23 14:36 . 2013-10-23 14:36 577536 ----a-w- c:\windows\soundman.exe
2013-10-23 14:35 . 2013-10-23 14:36 135168 ----a-w- c:\windows\system32\RtlCPAPI.dll
2013-10-23 14:35 . 2013-10-23 14:36 18788352 ----a-w- c:\windows\system32\alsndmgr.cpl
2013-10-23 14:35 . 2013-10-23 14:36 217088 ----a-w- c:\windows\Alcrmv.exe
2013-10-23 14:35 . 2013-10-23 14:37 40960 ----a-w- c:\windows\system32\ChCfg.exe
2013-10-23 14:35 . 2013-10-23 14:36 315392 ----a-w- c:\windows\alcupd.exe
2013-10-13 11:42 . 2008-04-14 06:52 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:12 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:12 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-13 07:12 . 2008-04-14 06:51 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:57 . 2008-04-14 05:50 385024 ----a-w- c:\windows\system32\html.iec
2013-10-12 15:57 . 2008-04-14 06:51 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:13 . 2008-04-14 06:51 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 11:00 . 2008-04-14 06:51 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 06:12 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-09-17 14:17 . 2013-09-17 14:17 184664 ----a-w- c:\windows\system32\drivers\eamon.sys
2013-09-17 14:17 . 2013-09-17 14:17 134248 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2013-09-17 14:17 . 2013-09-17 14:17 118768 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2013-08-29 07:01 . 2008-04-14 05:45 1878656 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-12 5110672]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 06:52 171008 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-10-21 14:27 20549280 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2013-10-23 14:36 577536 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"idsvc"=3 (0x3)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Documents and Settings\\stolní pc\\Dokumenty\\programy\\mortyr\\Mortyr 2\\Argon.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [17.9.2013 15:17 134248]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [17.9.2013 15:17 118768]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.9.2013 12:06 1337752]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 9:34 171680]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bing.com
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
SafeBoot-29284329.sys
MSConfigStartUp-Malwarebytes Anti-Malware - c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-25 23:20
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a8,a1,a6,55,a5,f7,d1,48,b2,3c,5a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a8,a1,a6,55,a5,f7,d1,48,b2,3c,5a,\
.
Celkový čas: 2013-11-25 23:23:03
ComboFix-quarantined-files.txt 2013-11-25 22:23
ComboFix2.txt 2013-11-12 15:35
.
Před spuštěním: Volných bajtů: 22 703 157 248
Po spuštění: Volných bajtů: 22 685 634 560
.
- - End Of File - - 8C57B9D3C1DE905F00AC5989CD6C9A83
413FC2A0C716421B3158746D63736515

jaro3
Security team member

Re: Spyware Doctor LOG

Post by jaro3 » 26 Nov 2013 11:16

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::

KillAll::
File::
c:\windows\system32\drivers\sp_rsdrv2.sys

Folder::
c:\documents and settings\All Users\Data aplikací\Lavasoft
c:\documents and settings\All Users\Data aplikací\Avira
c:\documents and settings\All Users\Data aplikací\Kaspersky Lab
c:\documents and settings\All Users\Data aplikací\Norton
c:\documents and settings\stolní pc\Data aplikací\Ad-Aware Antivirus
c:\documents and settings\stolní pc\Data aplikací\AVG
c:\documents and settings\All Users\Data aplikací\AVG
c:\program files\Skype\Updater

Driver::
SkypeUpdate
Esgiguard

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a8,a1,a6,55,a5,f7,d1,48,b2,3c,5a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a8,a1,a6,55,a5,f7,d1,48,b2,3c,5a,\


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Paste here the log that comes up at the end of the cleaning process + a new log from HJT

Warning: After applying ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

tomaskorbas

Re: Spyware Doctor LOG

Post by tomaskorbas » 26 Nov 2013 14:04

ComboFix 13-11-23.02 - stolní pc 26.11.2013 13:45:47.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.588 [GMT 1:00]
Spuštěný z: c:\documents and settings\stolní pc\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\stolní pc\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
FILE ::
"c:\windows\system32\drivers\sp_rsdrv2.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\windows\msmqinst.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ESGIGUARD
-------\Legacy_SKYPEUPDATE
-------\Service_esgiguard
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-26 do 2013-11-26 )))))))))))))))))))))))))))))))
.
.
2013-11-26 01:13 . 2013-11-26 03:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-11-25 19:01 . 2013-11-25 19:01 -------- d-----w- c:\program files\CCleaner
2013-11-25 17:10 . 2013-11-26 00:43 -------- d-----w- c:\program files\Valve
2013-11-25 16:35 . 2013-11-25 16:35 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\vlc
2013-11-25 16:31 . 2013-11-25 16:31 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Keyphrene
2013-11-25 16:31 . 2013-11-25 16:31 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\KetchupTV
2013-11-25 15:44 . 2013-11-25 16:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2013-11-25 00:10 . 2013-11-25 00:10 -------- d-----w- c:\windows\ERUNT
2013-11-24 20:08 . 2013-11-24 20:08 -------- d-----w- c:\program files\ESET
2013-11-24 20:08 . 2013-11-24 20:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2013-11-24 14:53 . 2013-11-24 14:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2013-11-24 14:53 . 2013-11-24 14:53 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2013-11-24 14:53 . 2013-11-24 14:53 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2013-11-24 13:17 . 2013-11-24 14:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avira
2013-11-24 11:16 . 2013-11-26 03:22 -------- d-----w- C:\AdwCleaner
2013-11-24 02:56 . 2013-11-24 02:56 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\TuneUp Software
2013-11-24 00:35 . 2013-11-24 19:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Kaspersky Lab
2013-11-23 23:01 . 2013-11-23 23:07 -------- d---a-w- c:\documents and settings\All Users\Data aplikací\TEMP
2013-11-23 22:48 . 2013-11-23 22:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Simply Super Software
2013-11-23 21:30 . 2013-11-23 21:30 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\PCFixKit
2013-11-23 21:30 . 2013-11-23 21:33 -------- d-----w- c:\program files\PCFixKit
2013-11-23 20:15 . 2013-11-25 16:00 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-11-23 17:33 . 2005-07-06 16:13 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-11-23 17:13 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2013-11-22 21:50 . 2013-11-22 21:51 -------- d-----w- c:\documents and settings\Administrator
2013-11-21 12:30 . 2013-11-21 15:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2013-11-20 22:45 . 2013-11-20 22:45 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\ESET
2013-11-17 21:27 . 2013-11-17 21:27 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\ESET
2013-11-16 22:18 . 2013-11-24 18:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2013-11-16 22:18 . 2013-11-16 22:18 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\MFAData
2013-11-16 22:10 . 2013-11-16 22:10 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Ad-Aware Antivirus
2013-11-15 19:14 . 2013-11-15 19:14 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2013-11-15 01:29 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2013-11-15 01:04 . 2008-04-13 20:14 2560 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\USMT\iconlib.dll
2013-11-14 16:07 . 2013-11-14 16:07 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Supremus Corporation
2013-11-14 14:32 . 2013-11-14 14:32 -------- d-sh--w- c:\documents and settings\stolní pc\IECompatCache
2013-11-14 13:44 . 2013-11-14 13:45 -------- dc-h--w- c:\windows\ie8
2013-11-13 14:12 . 2013-11-19 20:56 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\ElevatedDiagnostics
2013-11-12 20:48 . 2013-11-12 21:15 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\YoWindow
2013-11-12 20:21 . 2013-11-12 20:22 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Dream Aquarium
2013-11-12 19:59 . 2013-11-12 20:00 -------- d-----w- c:\program files\Las Vegas Nightlife Screen Saver
2013-11-12 19:15 . 2013-11-12 19:15 566030 ----a-w- c:\windows\Flash Screensaver.scr
2013-11-11 23:46 . 2013-11-11 23:51 -------- d-----w- c:\program files\WiSE
2013-11-04 13:06 . 2013-11-04 13:06 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Malwarebytes
2013-11-04 13:06 . 2013-11-04 13:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-11-01 21:51 . 2013-11-01 21:51 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\IObit
2013-11-01 21:51 . 2013-11-01 21:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-11-01 21:51 . 2013-11-01 21:51 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Apple Computer
2013-11-01 21:51 . 2013-11-01 21:51 -------- d-----w- c:\documents and settings\stolní pc\AppData
2013-11-01 21:47 . 2013-11-01 21:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IObit
2013-11-01 21:47 . 2013-11-01 21:50 -------- d-----w- c:\program files\IObit
2013-11-01 10:44 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-10-31 09:10 . 2013-11-26 03:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\YTD Video Downloader
2013-10-31 09:05 . 2013-10-31 09:05 -------- d-----w- c:\program files\GreenTree Applications
2013-10-31 08:55 . 2013-10-31 08:55 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\MPC-HC
2013-10-31 08:54 . 2013-10-31 08:58 -------- d-----w- c:\program files\XP Codec Pack
2013-10-29 12:11 . 2013-10-29 12:11 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Microsoft Corporation
2013-10-29 10:06 . 2013-11-17 02:06 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\BSplayer
2013-10-29 10:06 . 2013-10-29 10:06 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\BSplayer Pro
2013-10-29 10:05 . 2013-10-29 10:05 -------- d-----w- c:\program files\Webteh
2013-10-28 10:12 . 2013-11-24 02:32 -------- dc----w- c:\windows\system32\DRVSTORE
2013-10-28 10:11 . 2013-10-28 10:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Samsung
2013-10-28 10:07 . 2013-10-28 10:17 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Samsung
2013-10-28 10:06 . 2013-10-28 10:17 -------- d-----w- c:\program files\Samsung
2013-10-28 10:04 . 2013-10-28 10:04 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Downloaded Installations
2013-10-27 22:21 . 2013-10-27 22:21 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\AVG
2013-10-27 22:17 . 2013-10-27 22:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG
2013-10-27 22:17 . 2013-10-27 22:17 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-10-27 22:17 . 2013-10-27 22:17 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2013-10-27 22:14 . 2013-10-27 22:15 -------- d-----w- c:\program files\CrystalDiskInfo
2013-10-27 20:56 . 2013-10-27 20:58 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Adobe
2013-10-27 19:33 . 2013-10-27 19:33 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Windows Search
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-23 14:36 . 2013-10-23 14:37 10523648 ----a-w- c:\windows\system32\RTLCPL.exe
2013-10-23 14:36 . 2013-10-23 14:36 577536 ----a-w- c:\windows\soundman.exe
2013-10-23 14:35 . 2013-10-23 14:36 135168 ----a-w- c:\windows\system32\RtlCPAPI.dll
2013-10-23 14:35 . 2013-10-23 14:36 18788352 ----a-w- c:\windows\system32\alsndmgr.cpl
2013-10-23 14:35 . 2013-10-23 14:36 217088 ----a-w- c:\windows\Alcrmv.exe
2013-10-23 14:35 . 2013-10-23 14:37 40960 ----a-w- c:\windows\system32\ChCfg.exe
2013-10-23 14:35 . 2013-10-23 14:36 315392 ----a-w- c:\windows\alcupd.exe
2013-10-13 11:42 . 2008-04-14 06:52 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:12 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:12 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-13 07:12 . 2008-04-14 06:51 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:57 . 2008-04-14 05:50 385024 ----a-w- c:\windows\system32\html.iec
2013-10-12 15:57 . 2008-04-14 06:51 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:13 . 2008-04-14 06:51 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 11:00 . 2008-04-14 06:51 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 06:12 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-09-17 14:17 . 2013-09-17 14:17 184664 ----a-w- c:\windows\system32\drivers\eamon.sys
2013-09-17 14:17 . 2013-09-17 14:17 134248 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2013-09-17 14:17 . 2013-09-17 14:17 118768 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2013-08-29 07:01 . 2008-04-14 05:45 1878656 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-12 5110672]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 06:52 171008 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-10-21 14:27 20549280 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2013-10-23 14:36 577536 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"idsvc"=3 (0x3)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
"SkypeUpdate"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Documents and Settings\\stolní pc\\Dokumenty\\programy\\mortyr\\Mortyr 2\\Argon.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [17.9.2013 15:17 134248]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [17.9.2013 15:17 118768]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.9.2013 12:06 1337752]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bing.com
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-26 13:55
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2024)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2013-11-26 13:58:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-26 12:58
ComboFix2.txt 2013-11-12 15:35
.
Před spuštěním: Volných bajtů: 22 924 541 952
Po spuštění: Volných bajtů: 22 896 312 320
.
- - End Of File - - A17062C490E23921083EC768C64673A0
413FC2A0C716421B3158746D63736515

tomaskorbas

Re: Spyware Doctor LOG

Post by tomaskorbas » 26 Nov 2013 14:09

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:07:26, on 26.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\stolní pc\Plocha\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

--
End of file - 2077 bytes

tomaskorbas

Re: Spyware Doctor LOG

Post by tomaskorbas » 26 Nov 2013 14:13

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-26 14:10:11
-----------------------------
14:10:11.312 OS Version: Windows 5.1.2600 Service Pack 3
14:10:11.312 Number of processors: 1 586 0x103
14:10:11.312 ComputerName: PC-F5CE6C3DE1A7 UserName: stolní pc
14:10:11.687 Initialize success
14:10:21.265 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
14:10:21.265 Disk 0 Vendor: ST340014A 3.06 Size: 38166MB BusType: 3
14:10:21.265 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
14:10:21.265 Disk 1 Vendor: WDC_WD1600JB-00GVC0 08.02D08 Size: 152627MB BusType: 3
14:10:21.375 Disk 0 MBR read successfully
14:10:21.375 Disk 0 MBR scan
14:10:21.375 Disk 0 Windows XP default MBR code
14:10:21.375 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38164 MB offset 2048
14:10:21.390 Disk 0 scanning sectors +78161920
14:10:21.515 Disk 0 scanning C:\WINDOWS\system32\drivers
14:10:27.015 Service scanning
14:10:42.218 Modules scanning
14:10:53.281 Disk 0 trace - called modules:
14:10:53.296 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys atapi.sys intelide.sys PCIIDEX.SYS
14:10:53.312 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f81ab8]
14:10:53.312 3 CLASSPNP.SYS[f76a7fd7] -> nt!IofCallDriver -> \Device\0000005d[0x86f6d0c0]
14:10:53.312 5 ACPI.sys[f761e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86fcbd98]
14:10:53.312 \Driver\atapi[0x86f6b6c0] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> prosync1.sys[0xf7b716c1]
14:10:53.312 Scan finished successfully
14:11:16.328 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\stolní pc\Plocha\MBR.dat"
14:11:16.343 The log file has been saved successfully to "C:\Documents and Settings\stolní pc\Plocha\aswMBR.txt"

jaro3
Security team member

Re: Spyware Doctor LOG

Post by jaro3 » 26 Nov 2013 19:26

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

Download OTL by OldTimer
to the desktop. Make sure you have all other windows closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick the "LOP" malware check and the "Purity" malware check. Click Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.

tomaskorbas

Re: Spyware Doctor LOG

Post by tomaskorbas » 26 Nov 2013 20:36

OTL logfile created on: 26.11.2013 20:26:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\stolní pc\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 682,93 Mb Available Physical Memory | 66,73% Memory free
2,41 Gb Paging File | 2,19 Gb Available in Paging File | 91,09% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,27 Gb Total Space | 24,23 Gb Free Space | 65,02% Space Free | Partition Type: NTFS
Drive E: | 50,78 Gb Total Space | 44,38 Gb Free Space | 87,40% Space Free | Partition Type: NTFS
Drive F: | 98,26 Gb Total Space | 38,40 Gb Free Space | 39,08% Space Free | Partition Type: NTFS

Computer Name: PC-F5CE6C3DE1A7 | User Name: stolní pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\stolní pc\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (prohlp02) -- C:\WINDOWS\system32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\system32\drivers\prodrv06.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\system32\drivers\prosync1.sys (Protection Technology)
DRV - (sfhlp01) -- C:\WINDOWS\system32\drivers\sfhlp01.sys (Protection Technology)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90xbc5.sys (3Com Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2013.10.25 16:08:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013.11.24 21:08:39 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Ask.com (Enabled)
CHR - default_search_provider: search_url = http://dts.search.ask.com/sr?src=crb&gc ... nrs=AG1&q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.seznam.cz/
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2013.11.26 13:54:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1102FA41-72E9-407F-8A52-7C308987B50C}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.10.23 14:44:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.11.26 20:24:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\stolní pc\Plocha\OTL.exe
[2013.11.26 20:12:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\stolní pc\Recent
[2013.11.26 20:11:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.11.26 13:59:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.11.26 13:40:26 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\stolní pc\Plocha\HiJackThis.exe
[2013.11.26 04:26:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\YTD Video Downloader
[2013.11.26 02:13:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2013.11.25 20:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2013.11.25 20:01:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.11.25 18:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\Valve
[2013.11.25 17:35:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\vlc
[2013.11.25 17:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Keyphrene
[2013.11.25 17:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\KetchupTV
[2013.11.25 16:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
[2013.11.25 01:10:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.11.25 01:09:12 | 001,034,531 | ---- | C] (Thisisu) -- C:\Documents and Settings\stolní pc\Plocha\JRT.exe
[2013.11.24 21:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013.11.24 21:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ESET
[2013.11.24 21:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2013.11.24 20:36:13 | 001,681,800 | ---- | C] (ESET) -- C:\Documents and Settings\stolní pc\Plocha\eset_nod32_antivirus_live_installer_.exe
[2013.11.24 16:13:25 | 005,049,344 | ---- | C] (Crawler.com ) -- C:\Documents and Settings\stolní pc\Plocha\SpywareTerminatorSetup.exe
[2013.11.24 14:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[2013.11.24 12:16:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.24 12:10:55 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\stolní pc\Plocha\TFC.exe
[2013.11.24 12:08:49 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\stolní pc\Plocha\ATF-Cleaner.exe
[2013.11.24 04:57:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Application Data
[2013.11.24 03:56:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\TuneUp Software
[2013.11.24 03:47:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG2014
[2013.11.24 01:35:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
[2013.11.24 00:01:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2013.11.23 23:48:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
[2013.11.23 22:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\PCFixKit
[2013.11.23 22:30:41 | 000,000,000 | ---D | C] -- C:\Program Files\PCFixKit
[2013.11.23 21:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.11.21 13:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Norton
[2013.11.21 13:29:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
[2013.11.20 23:45:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\ESET
[2013.11.19 00:09:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013.11.17 22:27:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\ESET
[2013.11.16 23:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\MFAData
[2013.11.16 23:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2013.11.16 23:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\Ad-Aware Antivirus
[2013.11.15 20:14:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2013.11.15 14:45:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Dokumenty\aktualizace listopad 2013
[2013.11.15 08:58:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.11.15 02:29:50 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2013.11.14 17:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Supremus Corporation
[2013.11.14 15:39:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013.11.14 15:32:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\stolní pc\IECompatCache
[2013.11.14 14:44:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013.11.14 14:29:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows PowerShell 1.0
[2013.11.13 15:12:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\ElevatedDiagnostics
[2013.11.12 21:48:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\YoWindow
[2013.11.12 21:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\Dream Aquarium
[2013.11.12 20:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\Las Vegas Nightlife Screen Saver
[2013.11.12 16:09:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\stolní pc\Nabídka Start\Programy\Nástroje pro správu
[2013.11.12 16:09:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\stolní pc\Dokumenty\Filmy
[2013.11.12 16:09:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.11.12 00:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\WiSE
[2013.11.04 14:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\Malwarebytes
[2013.11.04 14:06:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.11.01 22:51:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\IObit
[2013.11.01 22:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.11.01 22:51:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\Apple Computer
[2013.11.01 22:51:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\AppData
[2013.11.01 22:47:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.11.01 22:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013.11.01 11:45:19 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2013.11.01 11:45:18 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2013.11.01 11:45:17 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2013.11.01 11:45:03 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2013.11.01 11:45:03 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2013.11.01 11:45:02 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2013.11.01 11:45:01 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2013.11.01 11:45:00 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2013.11.01 11:44:59 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2013.11.01 11:44:59 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2013.11.01 11:44:58 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2013.11.01 11:44:57 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2013.11.01 11:44:53 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2013.10.31 10:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2013.10.31 10:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2013.10.31 09:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\MPC-HC
[2013.10.31 09:54:36 | 000,000,000 | ---D | C] -- C:\Program Files\XP Codec Pack
[2013.10.31 09:01:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mortyr 2
[2013.10.29 13:11:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Microsoft Corporation
[2013.10.29 11:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Nabídka Start\Programy\BS.Player
[2013.10.29 11:06:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\BSplayer Pro
[2013.10.29 11:06:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\BSplayer
[2013.10.29 11:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh
[2013.10.28 11:12:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2013.10.28 11:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2013.10.28 11:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\Samsung
[2013.10.28 11:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2013.10.28 11:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Downloaded Installations
[2013.10.27 23:21:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\AVG
[2013.10.27 23:17:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2013.10.27 23:17:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2013.10.27 23:17:24 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.10.27 23:14:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CrystalDiskInfo
[2013.10.27 23:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2013.10.27 22:39:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Nabídka Start\Programy\WinRAR
[2013.10.27 22:39:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\WinRAR
[2013.10.27 22:39:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
[2013.10.27 22:39:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.10.27 21:58:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\Macromedia
[2013.10.27 21:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\Adobe
[2013.10.27 21:56:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Adobe
[2013.10.27 20:34:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013.10.27 20:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Data aplikací\Windows Search

========== Files - Modified Within 30 Days ==========

[2013.11.26 20:24:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\stolní pc\Plocha\OTL.exe
[2013.11.26 20:21:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.11.26 20:21:16 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.26 20:21:16 | 000,098,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.11.26 13:54:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.11.26 13:40:37 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\stolní pc\Plocha\HiJackThis.exe
[2013.11.26 04:30:08 | 000,481,766 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.11.26 04:30:08 | 000,477,042 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.11.26 04:30:08 | 000,092,926 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.11.26 04:30:08 | 000,080,222 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.11.26 04:26:35 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[2013.11.26 04:08:28 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.11.26 04:08:10 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.11.26 04:08:10 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.11.26 01:47:47 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013.11.26 01:31:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.11.25 23:03:27 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.11.25 20:01:12 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.11.25 13:00:01 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\stolní pc\Plocha\Skype.lnk
[2013.11.25 01:09:34 | 001,034,531 | ---- | M] (Thisisu) -- C:\Documents and Settings\stolní pc\Plocha\JRT.exe
[2013.11.24 21:08:50 | 000,001,773 | ---- | M] () -- C:\Documents and Settings\stolní pc\Plocha\ESET NOD32 Antivirus.lnk
[2013.11.24 20:36:19 | 001,681,800 | ---- | M] (ESET) -- C:\Documents and Settings\stolní pc\Plocha\eset_nod32_antivirus_live_installer_.exe
[2013.11.24 16:13:38 | 005,049,344 | ---- | M] (Crawler.com ) -- C:\Documents and Settings\stolní pc\Plocha\SpywareTerminatorSetup.exe
[2013.11.24 12:11:23 | 001,091,882 | ---- | M] () -- C:\Documents and Settings\stolní pc\Plocha\adwcleaner.exe
[2013.11.24 12:10:58 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\stolní pc\Plocha\TFC.exe
[2013.11.24 12:08:52 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\stolní pc\Plocha\ATF-Cleaner.exe
[2013.11.12 20:51:36 | 000,000,025 | ---- | M] () -- C:\WINDOWS\fls.002
[2013.11.12 20:15:24 | 000,566,030 | ---- | M] () -- C:\WINDOWS\Flash Screensaver.scr
[2013.10.31 11:22:30 | 000,001,072 | ---- | M] () -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\SRDownloader.nast
[2013.10.31 09:56:07 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.31 09:02:03 | 000,000,845 | ---- | M] () -- C:\Documents and Settings\stolní pc\Plocha\Mortyr 2.lnk
[2013.10.29 14:10:56 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2013.10.29 14:10:56 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013.10.29 11:07:54 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\stolní pc\Plocha\BS.Player FREE.lnk
[2013.10.27 23:14:38 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\stolní pc\Plocha\CrystalDiskInfo.lnk

========== Files Created - No Company Name ==========

[2013.11.26 04:30:04 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Messenger.lnk
[2013.11.26 02:06:24 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.11.26 02:06:24 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.11.25 23:05:12 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2013.11.25 20:01:11 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.11.24 21:08:50 | 000,001,773 | ---- | C] () -- C:\Documents and Settings\stolní pc\Plocha\ESET NOD32 Antivirus.lnk
[2013.11.24 12:11:20 | 001,091,882 | ---- | C] () -- C:\Documents and Settings\stolní pc\Plocha\adwcleaner.exe
[2013.11.24 09:35:38 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\stolní pc\Nabídka Start\Programy\Outlook Express.lnk
[2013.11.23 18:13:05 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2013.11.21 14:35:17 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2013.11.17 02:49:09 | 000,083,246 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1004336348-1284227242-515967899-1005-0.dat
[2013.11.17 01:55:28 | 000,083,246 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.11.12 20:51:36 | 000,000,025 | ---- | C] () -- C:\WINDOWS\fls.002
[2013.11.12 20:15:23 | 000,566,030 | ---- | C] () -- C:\WINDOWS\Flash Screensaver.scr
[2013.10.31 11:22:30 | 000,001,072 | ---- | C] () -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\SRDownloader.nast
[2013.10.31 10:05:49 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[2013.10.31 09:02:03 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\stolní pc\Plocha\Mortyr 2.lnk
[2013.10.29 14:09:16 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2013.10.29 14:09:16 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013.10.29 13:44:51 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.29 11:07:54 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\stolní pc\Plocha\BS.Player FREE.lnk
[2013.10.27 23:14:38 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\stolní pc\Plocha\CrystalDiskInfo.lnk
[2013.10.26 10:27:46 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\fusioncache.dat
[2013.10.25 11:07:49 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.10.23 16:31:37 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.10.23 16:30:22 | 000,098,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.10.23 15:37:43 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.10.23 15:36:58 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2013.10.23 14:47:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.10.23 14:39:50 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2013.10.24 16:09:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 07:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.11.15 18:36:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.10.27 23:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2013.11.24 19:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2014
[2013.10.27 23:17:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.11.24 21:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2013.11.01 22:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.11.24 19:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2013.10.28 11:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2013.11.23 23:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
[2013.11.24 00:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2013.11.26 04:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2013.10.27 23:17:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2013.11.01 22:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.11.16 23:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\Ad-Aware Antivirus
[2013.10.23 15:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\AVAST Software
[2013.10.27 23:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\AVG
[2013.11.17 03:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\BSplayer
[2013.10.29 11:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\BSplayer Pro
[2013.11.12 21:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\Dream Aquarium
[2013.11.19 21:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\ElevatedDiagnostics
[2013.11.01 22:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\IObit
[2013.11.25 17:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\KetchupTV
[2013.10.31 09:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\MPC-HC
[2013.11.23 22:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\PCFixKit
[2013.10.28 11:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\Samsung
[2013.11.24 03:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\TuneUp Software
[2013.10.27 20:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\Windows Search
[2013.11.12 22:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\YoWindow

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

< End of report >


Re: Spyware Doctor LOG

Post by tomaskorbas » 26 Nov 2013 20:38

OTL Extras logfile created on: 26.11.2013 20:26:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\stolní pc\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 682,93 Mb Available Physical Memory | 66,73% Memory free
2,41 Gb Paging File | 2,19 Gb Available in Paging File | 91,09% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,27 Gb Total Space | 24,23 Gb Free Space | 65,02% Space Free | Partition Type: NTFS
Drive E: | 50,78 Gb Total Space | 44,38 Gb Free Space | 87,40% Space Free | Partition Type: NTFS
Drive F: | 98,26 Gb Total Space | 38,40 Gb Free Space | 39,08% Space Free | Partition Type: NTFS

Computer Name: PC-F5CE6C3DE1A7 | User Name: stolní pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Documents and Settings\stolní pc\Dokumenty\programy\mortyr\Mortyr 2\Argon.exe" = C:\Documents and Settings\stolní pc\Dokumenty\programy\mortyr\Mortyr 2\Argon.exe:*:Enabled:Argon -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.7.1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{490C412C-8F1F-4351-9E11-C950159DC86F}" = ESET NOD32 Antivirus
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.0.0
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mortyr2_is1" = Mortyr 2 v 1.350
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26.11.2013 5:26:24 | Computer Name = PC-F5CE6C3DE1A7 | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 26.11.2013 8:54:53 | Computer Name = PC-F5CE6C3DE1A7 | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 26.11.2013 8:54:54 | Computer Name = PC-F5CE6C3DE1A7 | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

Error - 26.11.2013 8:55:09 | Computer Name = PC-F5CE6C3DE1A7 | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 26.11.2013 14:24:29 | Computer Name = PC-F5CE6C3DE1A7 | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 26.11.2013 14:24:29 | Computer Name = PC-F5CE6C3DE1A7 | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

Error - 26.11.2013 14:24:38 | Computer Name = PC-F5CE6C3DE1A7 | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 26.11.2013 15:21:49 | Computer Name = PC-F5CE6C3DE1A7 | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 26.11.2013 15:21:49 | Computer Name = PC-F5CE6C3DE1A7 | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

Error - 26.11.2013 15:21:57 | Computer Name = PC-F5CE6C3DE1A7 | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

[ System Events ]
Error - 26.11.2013 14:24:22 | Computer Name = PC-F5CE6C3DE1A7 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 26.11.2013 14:24:29 | Computer Name = PC-F5CE6C3DE1A7 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 26.11.2013 14:24:38 | Computer Name = PC-F5CE6C3DE1A7 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 26.11.2013 14:24:43 | Computer Name = PC-F5CE6C3DE1A7 | Source = Service Control Manager | ID = 7001
Description = Služba Oznamování systémových událostí závisí na službě Systém událostí
modelu COM+, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 26.11.2013 14:24:43 | Computer Name = PC-F5CE6C3DE1A7 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: PCIIde

Error - 26.11.2013 15:20:44 | Computer Name = PC-F5CE6C3DE1A7 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 26.11.2013 15:21:43 | Computer Name = PC-F5CE6C3DE1A7 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 26.11.2013 15:21:49 | Computer Name = PC-F5CE6C3DE1A7 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 26.11.2013 15:21:50 | Computer Name = PC-F5CE6C3DE1A7 | Source = Service Control Manager | ID = 7001
Description = Služba Oznamování systémových událostí závisí na službě Systém událostí
modelu COM+, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 26.11.2013 15:21:57 | Computer Name = PC-F5CE6C3DE1A7 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >

tomaskorbas
Level 1
Posts: 58
Registered: November 13
Gender: Male
Status: Offline

Re: Spyware Doctor LOG

Post by tomaskorbas » 27 Nov 2013 11:35

Here are the logs

