Please check my log

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

zubr35
Level 1
Posts: 93
Registered: April 11
Gender: Not specified
Status: Offline

Re: Please check my log

Post by zubr35 » 23 Jun 2012 15:08

========== Files Created - No Company Name ==========

[2012.06.19 17:37:39 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.06.19 17:37:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.06.19 17:37:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.06.19 17:37:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.06.15 17:54:46 | 000,023,832 | ---- | C] () -- C:\Documents and Settings\Athlon\Dokumenty\Obraz0062.gif
[2012.06.15 17:54:18 | 000,234,450 | ---- | C] () -- C:\Documents and Settings\Athlon\Dokumenty\Obraz0052.jpg
[2012.06.05 19:22:40 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DivX Plus Converter.lnk
[2012.05.08 17:12:35 | 005,386,240 | ---- | C] () -- C:\WINDOWS\System32\RTS5121icon.dll
[2012.05.08 17:09:01 | 000,004,140 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe
[2012.05.05 19:09:40 | 000,158,386 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1844237615-776561741-839522115-1004-0.dat
[2012.05.02 20:40:38 | 000,158,386 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2012.04.07 20:09:15 | 002,783,770 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.04.07 19:18:02 | 000,000,241 | ---- | C] () -- C:\Documents and Settings\Athlon\SR.vbs
[2012.04.07 15:29:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.03.30 18:35:07 | 000,052,736 | ---- | C] () -- C:\Documents and Settings\Athlon\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.16 15:53:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.14 16:58:23 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Athlon\Data aplikací\winscp.rnd
[2011.12.16 20:18:57 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.12.16 20:18:57 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.08.27 20:55:45 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2011.08.22 10:31:01 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Athlon\Local Settings\Data aplikací\PUTTY.RND
[2011.06.11 18:09:27 | 000,058,150 | ---- | C] () -- C:\Documents and Settings\Athlon\Data aplikací\SQLite3.dll
[2011.05.20 17:33:47 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.05.20 17:33:32 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011.05.20 17:33:31 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011.05.05 20:36:12 | 000,292,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.05.05 20:36:12 | 000,292,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.05.05 20:36:12 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.05.03 09:41:39 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Athlon\Data aplikací\steam_md4.dat
[2011.04.23 16:06:22 | 000,046,658 | ---- | C] () -- C:\Documents and Settings\Athlon\Data aplikací\room.dat
[2011.04.08 19:44:40 | 010,379,264 | ---- | C] () -- C:\Documents and Settings\Athlon\s-1-5-21-1844237615-776561741-839522115-1004.rrr
[2010.11.30 21:42:27 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.10.17 18:44:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010.08.14 15:54:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2010.07.06 21:09:57 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2009.02.05 20:24:51 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Athlon\Data aplikací\PnkBstrK.sys
[2008.04.26 15:41:22 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Athlon\PUTTY.RND
[2008.04.15 15:33:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Athlon\__ng3d.lock
[2008.02.09 22:04:06 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2007.12.24 19:43:51 | 000,000,087 | ---- | C] () -- C:\Documents and Settings\Athlon\default.pls

========== LOP Check ==========

[2012.03.20 18:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AltrixSoft
[2012.06.19 16:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
[2012.04.06 08:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2012
[2012.04.15 10:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2010.12.01 16:29:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.12.01 16:34:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2010.12.01 16:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2010.12.02 14:16:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2010.12.01 16:55:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX
[2010.12.01 16:34:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2010.12.01 16:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2010.12.02 14:01:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2012.06.05 15:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2010.12.01 16:34:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2010.12.01 16:30:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSetup000
[2010.12.01 16:34:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2010.12.01 16:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2011.03.14 17:44:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.02.02 20:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.11.04 17:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.04.30 17:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IMSIDesign
[2011.05.28 15:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.10.09 19:39:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2007.10.19 13:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2012.06.23 11:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.05.28 15:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2011.06.11 18:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaAccount
[2011.05.28 15:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2011.05.28 15:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.06.14 20:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2012.06.20 10:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PMB Files
[2012.04.15 10:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2009.02.11 15:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2012.06.06 14:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.08.14 15:50:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tunngle
[2010.11.26 23:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2012.02.24 17:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WNR
[2012.06.19 16:45:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.05.04 23:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\.minecraft
[2012.04.04 23:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\.wtw
[2010.06.14 20:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\AnvSoft
[2012.03.14 21:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\AVG
[2011.11.14 20:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\AVG Secure Search
[2011.10.29 12:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\AVG2012
[2010.09.13 15:43:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\CadSoft
[2011.02.27 16:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Canon
[2012.05.08 16:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Carambis
[2012.03.18 17:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Charles
[2012.02.18 21:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\DAEMON Tools Lite
[2010.04.30 20:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\GetRightToGo
[2008.07.25 19:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\GrabPro
[2011.01.29 16:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\gtk-2.0
[2008.12.04 16:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Hide IP NG
[2012.05.14 19:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\ICQ
[2008.01.11 14:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\ICQLite
[2010.10.25 19:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Image Zone Express
[2011.10.10 15:03:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\IObit
[2011.02.12 11:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\LolClient
[2012.05.25 14:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\LolClient2
[2009.11.27 20:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Mobipocket
[2010.04.30 20:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Moyea
[2012.03.23 16:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Mumble
[2012.06.22 08:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\OpenCandy
[2011.08.25 22:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\OpenOffice.org
[2012.03.30 18:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Oracle
[2008.11.14 19:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Orbit
[2011.05.28 15:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\PC Suite
[2012.06.06 14:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Registry Mechanic
[2011.07.04 18:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Rovio
[2011.10.09 17:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Search Settings
[2011.12.10 13:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\TeamViewer
[2009.12.24 20:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\Transcend
[2012.02.18 21:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\uTorrent
[2012.02.24 17:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Athlon\Data aplikací\WNR

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 171 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:66BB1E73
@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

< End of report >

zubr35
Level 1
Posts: 93
Registered: April 11
Gender: Not specified
Status: Offline

Re: Please check my log

Post by zubr35 » 23 Jun 2012 15:08

OTL Extras logfile created on: 23.6.2012 14:35:54 - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Documents and Settings\Athlon\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,07% Memory free
3,85 Gb Paging File | 3,29 Gb Available in Paging File | 85,44% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 372,60 Gb Total Space | 306,77 Gb Free Space | 82,33% Space Free | Partition Type: NTFS

Computer Name: ATHLONX2 | User Name: Athlon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"56668:TCP" = 56668:TCP:*:Enabled:Pando Media Booster
"56668:UDP" = 56668:UDP:*:Enabled:Pando Media Booster
"57847:TCP" = 57847:TCP:*:Enabled:Pando Media Booster
"57847:UDP" = 57847:UDP:*:Enabled:Pando Media Booster
"57671:TCP" = 57671:TCP:*:Enabled:Pando Media Booster
"57671:UDP" = 57671:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"56668:TCP" = 56668:TCP:*:Enabled:Pando Media Booster
"56668:UDP" = 56668:UDP:*:Enabled:Pando Media Booster
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"8395:TCP" = 8395:TCP:*:Enabled:League of Legends Launcher
"8395:UDP" = 8395:UDP:*:Enabled:League of Legends Launcher
"6910:TCP" = 6910:TCP:*:Enabled:League of Legends Launcher
"6910:UDP" = 6910:UDP:*:Enabled:League of Legends Launcher
"8396:TCP" = 8396:TCP:*:Enabled:League of Legends Launcher
"8396:UDP" = 8396:UDP:*:Enabled:League of Legends Launcher
"6969:TCP" = 6969:TCP:*:Enabled:League of Legends Launcher
"6969:UDP" = 6969:UDP:*:Enabled:League of Legends Launcher
"6939:TCP" = 6939:TCP:*:Enabled:League of Legends Launcher
"6939:UDP" = 6939:UDP:*:Enabled:League of Legends Launcher
"57847:TCP" = 57847:TCP:*:Enabled:Pando Media Booster
"57847:UDP" = 57847:UDP:*:Enabled:Pando Media Booster
"8381:TCP" = 8381:TCP:*:Enabled:League of Legends Launcher
"8381:UDP" = 8381:UDP:*:Enabled:League of Legends Launcher
"6975:TCP" = 6975:TCP:*:Enabled:League of Legends Launcher
"6975:UDP" = 6975:UDP:*:Enabled:League of Legends Launcher
"6890:TCP" = 6890:TCP:*:Enabled:League of Legends Launcher
"6890:UDP" = 6890:UDP:*:Enabled:League of Legends Launcher
"6953:TCP" = 6953:TCP:*:Enabled:League of Legends Launcher
"6953:UDP" = 6953:UDP:*:Enabled:League of Legends Launcher
"6973:TCP" = 6973:TCP:*:Enabled:League of Legends Launcher
"6973:UDP" = 6973:UDP:*:Enabled:League of Legends Launcher
"6886:TCP" = 6886:TCP:*:Enabled:League of Legends Launcher
"6886:UDP" = 6886:UDP:*:Enabled:League of Legends Launcher
"6901:TCP" = 6901:TCP:*:Enabled:League of Legends Launcher
"6901:UDP" = 6901:UDP:*:Enabled:League of Legends Launcher
"6930:TCP" = 6930:TCP:*:Enabled:League of Legends Launcher
"6930:UDP" = 6930:UDP:*:Enabled:League of Legends Launcher
"6949:TCP" = 6949:TCP:*:Enabled:League of Legends Launcher
"6949:UDP" = 6949:UDP:*:Enabled:League of Legends Launcher
"6923:TCP" = 6923:TCP:*:Enabled:League of Legends Launcher
"6923:UDP" = 6923:UDP:*:Enabled:League of Legends Launcher
"6976:TCP" = 6976:TCP:*:Enabled:League of Legends Launcher
"6976:UDP" = 6976:UDP:*:Enabled:League of Legends Launcher
"6967:TCP" = 6967:TCP:*:Enabled:League of Legends Launcher
"6967:UDP" = 6967:UDP:*:Enabled:League of Legends Launcher
"6940:TCP" = 6940:TCP:*:Enabled:League of Legends Launcher
"6940:UDP" = 6940:UDP:*:Enabled:League of Legends Launcher
"6921:TCP" = 6921:TCP:*:Enabled:League of Legends Launcher
"6921:UDP" = 6921:UDP:*:Enabled:League of Legends Launcher
"8397:TCP" = 8397:TCP:*:Enabled:League of Legends Launcher
"8397:UDP" = 8397:UDP:*:Enabled:League of Legends Launcher
"6983:TCP" = 6983:TCP:*:Enabled:League of Legends Launcher
"6983:UDP" = 6983:UDP:*:Enabled:League of Legends Launcher
"6997:TCP" = 6997:TCP:*:Enabled:League of Legends Launcher
"6997:UDP" = 6997:UDP:*:Enabled:League of Legends Launcher
"6892:TCP" = 6892:TCP:*:Enabled:League of Legends Launcher
"6892:UDP" = 6892:UDP:*:Enabled:League of Legends Launcher
"8398:TCP" = 8398:TCP:*:Enabled:League of Legends Launcher
"8398:UDP" = 8398:UDP:*:Enabled:League of Legends Launcher
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"57671:TCP" = 57671:TCP:*:Enabled:Pando Media Booster
"57671:UDP" = 57671:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\Athlon\Plocha\Dan\Nová složka\Crack\WickedPatcher\WP669.exe" = C:\Documents and Settings\Athlon\Plocha\Dan\Nová složka\Crack\WickedPatcher\WP669.exe:*:Enabled:* WP Wicked Patcher * PPC Proxy Packet Converter * SE Server Emulator * -- (A.I. Sauron's Worlds)
"C:\Documents and Settings\Athlon\Plocha\Dan\utorrent-portable\utorrent.exe" = C:\Documents and Settings\Athlon\Plocha\Dan\utorrent-portable\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DE96337-68D2-48E0-A863-6E4A5CD3BC25}" = PC Connectivity Solution
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{519556CC-4382-4B35-80F5-DD8E9460EEAC}" = OpenOffice.org 2.3
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6EB751B7-45F2-4DCF-9C91-DB996A05A626}" = NVIDIA PhysX
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5DD7359-5EB4-4D35-BBAF-E6A88269790B}" = League of Legends
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 295.51
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 295.51
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0203
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.7.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6ADA0E4-9451-43EB-B86E-878AD9E68D4F}" = LightScribe 1.6.45.1
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D10CB652-9332-4242-B7A9-2D61570144F7}" = Realtek Card Reader
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1033}" = Nero 7 Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG" = AVG 2012
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Delphi 7 Second Edition v7.2_is1" = Delphi 7 Second Edition
"DivX Setup" = DivX Setup
"DriverAgent.exe" = DriverAgent by eSupport.com
"DVD Shrink_is1" = DVD Shrink 3.2
"EAGLE 5.11.0" = EAGLE 5.11.0
"EAGLE 6.1.0" = EAGLE 6.1.0
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 2.81 Full
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Registrace uživatele zařízení Canon MG5100 series" = Registrace uživatele zařízení Canon MG5100 series
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd" = Total Commander (Remove or Repair)
"Update Engine" = Sony Ericsson Update Engine
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Midgard" = Midgard

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11.5.2012 7:09:29 | Computer Name = ATHLONX2 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 4.6.2012 8:46:40 | Computer Name = ATHLONX2 | Source = Application Error | ID = 1000
Description = Chybující aplikace divx plus player.exe, verze 10.2.1.23, chybující
modul qtcore4.dll, verze 4.5.0.0, adresa chyby 0x0005e942.

Error - 7.6.2012 11:51:33 | Computer Name = ATHLONX2 | Source = Application Error | ID = 1000
Description = Chybující aplikace rads_user_kernel.exe, verze 0.0.0.0, chybující
modul rads_user_kernel.exe, verze 0.0.0.0, adresa chyby 0x000b8554.

Error - 14.6.2012 8:18:28 | Computer Name = ATHLONX2 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

[ System Events ]
Error - 22.6.2012 0:43:58 | Computer Name = ATHLONX2 | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.

Error - 22.6.2012 6:02:44 | Computer Name = ATHLONX2 | Source = Service Control Manager | ID = 7000
Description = Služba helpsvc neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 22.6.2012 6:04:07 | Computer Name = ATHLONX2 | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.

Error - 22.6.2012 6:08:34 | Computer Name = ATHLONX2 | Source = Service Control Manager | ID = 7000
Description = Služba helpsvc neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 22.6.2012 6:09:59 | Computer Name = ATHLONX2 | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.

Error - 22.6.2012 14:19:55 | Computer Name = ATHLONX2 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %2 při pokusu o spuštění služby helpsvc
s argumenty za účelem spuštění serveru: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}

Error - 22.6.2012 14:19:55 | Computer Name = ATHLONX2 | Source = Service Control Manager | ID = 7000
Description = Služba helpsvc neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 22.6.2012 14:19:55 | Computer Name = ATHLONX2 | Source = Service Control Manager | ID = 7000
Description = Služba helpsvc neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 23.6.2012 1:20:23 | Computer Name = ATHLONX2 | Source = Service Control Manager | ID = 7000
Description = Služba helpsvc neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 23.6.2012 1:21:48 | Computer Name = ATHLONX2 | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.


< End of report >

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 23 Jun 2012 15:53

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text (shown in green) into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\..\SearchScopes,DefaultScope = {F65B1374-BE35-4299-8D94-AE92EA6D19D5}
IE - HKCU\..\SearchScopes\{F65B1374-BE35-4299-8D94-AE92EA6D19D5}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=NY&apn_dtid=YYYYYYYYCZ&apn_uid=95D71F36-2BF4-4672-BF6C-5369BDDE430E&apn_sauid=82C61005-7976-4EE4-A437-90DE624DE3C6&
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
[2012.03.30 15:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Athlon\Data aplikací\Mozilla\Extensions
[2011.11.17 19:25:44 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Athlon\Data aplikací\Mozilla\Firefox\Profiles\9ldgupk0.default\searchplugins\askcom.xml
[2012.04.15 16:14:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2012.06.20 10:10:25 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O18 - Protocol\Handler\msdaipp - No CLSID value found
@Alternate Data Stream - 171 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:66BB1E73
@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\WINDOWS\SWREG.exe
C:\WINDOWS\SWSC.exe
C:\WINDOWS\SWXCACLS.exe
C:\WINDOWS\NIRCMD.exe
C:\Documents and Settings\Athlon\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\PEV.exe
C:\WINDOWS\sed.exe
C:\WINDOWS\grep.exe
C:\WINDOWS\zip.exe
C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

Code:

FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 4
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..network.proxy.http: "195.70.145.15"
FF - prefs.js..network.proxy.http_port: 8080
Did you set this up yourself? Those ports?

In Folder Options, enable showing hidden files and folders, and untick the "Hide protected operating system files" checkbox.

Test these on VirusTotal:
C:\Documents and Settings\All Users\Data aplikací\hpe10.dll
C:\Documents and Settings\Athlon\s-1-5-21-1844237615-776561741-839522115-1004.rrr

Click Choose (to the right of the box) and in Explorer find the requested file on your PC. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear; click Reanalyze in it. The file will then be tested by several antivirus programs in turn. When the last antivirus finishes, a result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or:
http://www.virscan.org/


What about HDTune?
When working with HJT, ComboFix, MBAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
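As a worked example added to this thread (it is not OTL's code and not from any of the posts above), the following Python checker reads OTL's "FF - prefs.js.." lines of the kind quoted in this post and flags proxy hosts that are neither loopback nor private, which is exactly how 195.70.145.15:8080 stands out next to the add-on's 127.0.0.1:8888 entries. The sample lines are constructed to mirror the quoted log; the severity labels and the audit_* helper names are my own.

```python
"""Flag Firefox proxy preferences that steer browser traffic to an unexpected
host, working from OTL-style "FF - prefs.js..KEY: VALUE" lines.

Added example for this thread; not OTL's code and not part of the original
posts. SAMPLE_OTL_LINES is constructed to mirror the lines quoted above.
"""
import ipaddress
import re

# OTL prints a Firefox preference as: FF - prefs.js..<pref name>: <value>
PREF_LINE = re.compile(r'^FF - prefs\.js\.\.(?P<name>[\w.\-]+):\s*(?P<value>.*)$')

# Meaning of Firefox's network.proxy.type values (Firefox documentation):
# 0 = no proxy, 1 = manual, 2 = PAC URL, 4 = auto-detect, 5 = system settings
PROXY_TYPE_NAMES = {0: "none", 1: "manual", 2: "pac", 4: "autodetect", 5: "system"}

# Per-protocol proxy host preferences, e.g. network.proxy.http / .ssl / .socks
PROXY_HOST_PREFS = ("http", "ssl", "socks", "ftp")

SAMPLE_OTL_LINES = [  # constructed sample, modelled on the log quoted above
    'FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"',
    'FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888',
    'FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""',
    'FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"',
    'FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888',
    'FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1',
    'FF - prefs.js..network.proxy.http: "195.70.145.15"',
    'FF - prefs.js..network.proxy.http_port: 8080',
    'FF - prefs.js..browser.search.defaultengine: "Ask.com"',
]


def parse_otl_ff_lines(lines):
    """Return {pref_name: value}; the surrounding quotes OTL shows are stripped."""
    prefs = {}
    for line in lines:
        m = PREF_LINE.match(line.strip())
        if not m:
            continue  # not a prefs.js entry (e.g. FF - HKLM\... plugin lines)
        value = m.group("value").strip()
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]
        prefs[m.group("name")] = value
    return prefs


def host_is_local(host):
    """Loopback, RFC 1918 and link-local hosts are plausibly the user's own
    tooling (a local debugging proxy, a LAN proxy); anything else is not."""
    if host in ("", "localhost"):
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # a hostname: treat as non-local so an analyst looks at it
    return ip.is_loopback or ip.is_private or ip.is_link_local


def audit_proxy_prefs(prefs, prefix=""):
    """Report proxy settings under `prefix`. The empty prefix is the browser's
    live configuration; 'extensions.<name>.settings.*' are copies an add-on
    stored for itself. Returns a list of (severity, pref, value) findings."""
    findings = []
    base = prefix + "network.proxy."
    for scheme in PROXY_HOST_PREFS:
        host = prefs.get(base + scheme)
        if not host:
            continue  # unset or "" means no proxy for this protocol
        port = prefs.get(base + scheme + "_port", "?")
        severity = "LOW" if host_is_local(host) else "HIGH"
        findings.append((severity, base + scheme, f"{host}:{port}"))
    ptype = prefs.get(base + "type")
    if ptype is not None and ptype.isdigit():
        findings.append(("INFO", base + "type",
                         PROXY_TYPE_NAMES.get(int(ptype), "unknown")))
    return findings


def audit_all(lines):
    """Audit the live proxy config and every add-on-owned copy found in the
    log. Returns {"<live>" | prefix: findings} for prefixes with findings."""
    prefs = parse_otl_ff_lines(lines)
    prefixes = {""}
    for name in prefs:
        m = re.match(r'^((?:extensions\.)[\w.\-]*?)network\.proxy\.', name)
        if m:
            prefixes.add(m.group(1))
    result = {}
    for prefix in sorted(prefixes):
        findings = audit_proxy_prefs(prefs, prefix)
        if findings:
            result[prefix or "<live>"] = findings
    return result


if __name__ == "__main__":
    for scope, findings in audit_all(SAMPLE_OTL_LINES).items():
        for severity, pref, value in findings:
            print(f"{severity:5} {scope:40} {pref} = {value}")
```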

zubr35
Level 1
Posts: 93
Registered: April 11
Gender: Not specified
Status: Offline

Re: Please check my log

Post by zubr35 » 23 Jun 2012 16:20

I didn't set those ports myself, I don't know what they are...
HDTune is still running, it's a big disk; otherwise everything is OK so far.

https://www.virustotal.com/file/45a2f8f ... 340459885/
https://www.virustotal.com/file/7678a25 ... 340460359/
I'll do the fix in OTL in the evening once the scan of the HDD finishes; thanks for now.

zubr35
Level 1
Posts: 93
Registered: April 11
Gender: Not specified
Status: Offline

Re: Please check my log

Post by zubr35 » 24 Jun 2012 09:02

HDTune finished and everything was green, so no problem there.
The problem is still there.

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Page_Transitions| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Page_Transitions| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F65B1374-BE35-4299-8D94-AE92EA6D19D5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F65B1374-BE35-4299-8D94-AE92EA6D19D5}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.order.1
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0\ deleted successfully.
C:\Documents and Settings\Athlon\Data aplikací\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\Athlon\Data aplikací\Mozilla\Firefox\Profiles\9ldgupk0.default\searchplugins\askcom.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoInstrumentation deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:66BB1E73 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\WINDOWS\SWREG.exe moved successfully.
C:\WINDOWS\SWSC.exe moved successfully.
C:\WINDOWS\SWXCACLS.exe moved successfully.
C:\WINDOWS\NIRCMD.exe moved successfully.
C:\Documents and Settings\Athlon\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\PEV.exe moved successfully.
C:\WINDOWS\sed.exe moved successfully.
C:\WINDOWS\grep.exe moved successfully.
C:\WINDOWS\zip.exe moved successfully.
C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Athlon
->Temp folder emptied: 957344 bytes
->Temporary Internet Files folder emptied: 5151759 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 55339357 bytes
->Google Chrome cache emptied: 473026254 bytes
->Flash cache emptied: 3470 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 204226 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 510,00 mb


OTL by OldTimer - Version 3.2.52.0 log created on 06242012_085643

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 24 Jun 2012 10:09

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text (shown in green) into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 4
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..network.proxy.http: "195.70.145.15"
FF - prefs.js..network.proxy.http_port: 8080

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
ipconfig /all /c

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]


Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

Turn off resident protection and the firewall.

Run F-Secure Online Scanner

This scanner can only be used in the Internet Explorer browser! Follow the instructions on the F-Secure page for correct installation. Accept the licence. After the ActiveX is installed, click Full System Scan. When the download is finished, the scan starts automatically. Wait for the scan to finish; in the meantime do not perform other operations or click the mouse. When the scan finishes, click the Automatic clearing (recommended) button. Then click the Show Report button and copy and paste it here.

zubr35
Level 1
Posts: 93
Registered: April 11
Gender: Not specified
Status: Offline

Re: Please check my log

Post by zubr35 » 24 Jun 2012 10:32

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Prefs.js: "127.0.0.1" removed from extensions.charles.settings.disabled.network.proxy.http
Prefs.js: 8888 removed from extensions.charles.settings.disabled.network.proxy.http_port
Prefs.js: "" removed from extensions.charles.settings.disabled.network.proxy.no_proxies_on
Prefs.js: false removed from extensions.charles.settings.disabled.network.proxy.share_proxy_settings
Prefs.js: "" removed from extensions.charles.settings.disabled.network.proxy.socks
Prefs.js: 0 removed from extensions.charles.settings.disabled.network.proxy.socks_port
Prefs.js: "127.0.0.1" removed from extensions.charles.settings.disabled.network.proxy.ssl
Prefs.js: 8888 removed from extensions.charles.settings.disabled.network.proxy.ssl_port
Prefs.js: 4 removed from extensions.charles.settings.disabled.network.proxy.type
Prefs.js: "127.0.0.1" removed from extensions.charles.settings.enabled.network.proxy.http
Prefs.js: 8888 removed from extensions.charles.settings.enabled.network.proxy.http_port
Prefs.js: "" removed from extensions.charles.settings.enabled.network.proxy.no_proxies_on
Prefs.js: false removed from extensions.charles.settings.enabled.network.proxy.share_proxy_settings
Prefs.js: "" removed from extensions.charles.settings.enabled.network.proxy.socks
Prefs.js: 0 removed from extensions.charles.settings.enabled.network.proxy.socks_port
Prefs.js: "127.0.0.1" removed from extensions.charles.settings.enabled.network.proxy.ssl
Prefs.js: 8888 removed from extensions.charles.settings.enabled.network.proxy.ssl_port
Prefs.js: 1 removed from extensions.charles.settings.enabled.network.proxy.type
Prefs.js: "195.70.145.15" removed from network.proxy.http
Prefs.js: 8080 removed from network.proxy.http_port
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
< ipconfig /all /c >
Konfigurace protokolu IP systému Windows
Název hostitele . . . . . . . . . : athlonx2
Primární přípona DNS. . . . . . . :
Typ uzlu . . . . . . . . . . . . : neznámý
Povoleno směrování IP . . . . . . : Ne
WINS Proxy povoleno . . . . . . . : Ne
Adaptér sítě Ethernet Připojení k místní síti:
Přípona DNS podle připojení . . . :
Popis . . . . . . . . . . . . . . : NVIDIA nForce Networking Controller
Fyzická Adresa. . . . . . . . . . : 00-1A-4D-9E-73-A3
Protokol DHCP povolen . . . . . . : Ne
Adresa IP . . . . . . . . . . . . : 10.100.11.19
Maska podsítě . . . . . . . . . . : 255.255.255.0
Výchozí brána . . . . . . . . . . : 10.100.11.1
Servery DNS . . . . . . . . . . . : 89.235.6.106
212.80.66.7
C:\Documents and Settings\Athlon\Plocha\cmd.bat deleted successfully.
C:\Documents and Settings\Athlon\Plocha\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Athlon
->Temp folder emptied: 1767503 bytes
->Temporary Internet Files folder emptied: 4948213 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 25312766 bytes
->Flash cache emptied: 932 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 39872 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 31,00 mb


[EMPTYFLASH]

User: All Users

User: Athlon
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.52.0 log created on 06242012_101324

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

zubr35
Level 1
Posts: 93
Registered: April 11
Gender: Not specified
Status: Offline

Re: Please check my log

Post by zubr35 » 24 Jun 2012 12:27

Hlášení kontroly

Neděle, Červen 24, 2012 11:00:19 - 12:23:19

Název počítače: ATHLONX2
Typ kontroly: Kontrolovat systém na přítomnost malwaru, spywaru a programů rootkit
Cíl: C:\

Nalezený malware: 16

Suspicious:W32/Malware!Gemini (virus)
C:\WINDOWS\VBOX\COMMON\VBOXM430.DLL (Nevyčištěno)
Virtool.WWHacker.A (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP263\A0138321.EXE (Nevyčištěno)
Trojan.Generic.2101447 (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP263\A0138327.EXE (Nevyčištěno)
Virtool.WWHacker.A (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP263\A0138325.EXE (Nevyčištěno)
Trojan.Generic.2101447 (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP263\A0138323.EXE (Nevyčištěno)
Virtool.WWHacker.A (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP263\A0138329.EXE (Nevyčištěno)
Trojan.Generic.2101447 (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP263\A0138331.EXE (Nevyčištěno)
Virtool.WWHacker.A (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP263\A0138396.EXE (Nevyčištěno)
Virtool.WWHacker.A (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP263\A0138400.EXE (Nevyčištěno)
Trojan.Generic.2101447 (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP263\A0138398.EXE (Nevyčištěno)
Trojan.Generic.2101447 (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP263\A0138402.EXE (Nevyčištěno)
Virtool.WWHacker.A (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP262\A0138169.EXE (Nevyčištěno)
Trojan.Generic.2101447 (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP262\A0138171.EXE (Nevyčištěno)
Virtool.WWHacker.A (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP262\A0138173.EXE (Nevyčištěno)
Trojan.Generic.2101447 (virus)
C:\SYSTEM VOLUME INFORMATION\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\RP262\A0138175.EXE (Nevyčištěno)
Gen:Variant.Graftor.Elzob.3159 (virus)
C:\DOCUMENTS AND SETTINGS\ATHLON\PLOCHA\DAN\SKOLA\PROGRAMOVANI\VSECHNO\7\PROJECT2.EXE (Přejmenováno)
Statistika

Kontrolováno:
Soubory: 64857
Systém: 4511
Nekontrolováno: 15
Akce:
Vyléčeno: 0
Přejmenováno: 1
Odstraněno: 0
Nevyčištěno: 15
Odesláno: 0
Nekontrolované soubory:
C:\PAGEFILE.SYS
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
C:\WINDOWS\SYSTEM32\CONFIG\SAM
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
C:\DOCUMENTS AND SETTINGS\ATHLON\LOCAL SETTINGS\TEMP\ETILQS_IUJKIGFJ9FEAELF
C:\DOCUMENTS AND SETTINGS\ATHLON\LOCAL SETTINGS\TEMP\ETILQS_J2JUEQB5EESWN28
C:\DOCUMENTS AND SETTINGS\ATHLON\LOCAL SETTINGS\TEMP\ETILQS_NBKQMAEZOC9PPUS
C:\DOCUMENTS AND SETTINGS\ATHLON\LOCAL SETTINGS\TEMP\ETILQS_ET8PGE0JMQRWCO2
C:\DOCUMENTS AND SETTINGS\ATHLON\LOCAL SETTINGS\DATA APLIKACÍ\GOOGLE\CHROME\USER DATA\DEFAULT\CACHE\DATA_0
C:\DOCUMENTS AND SETTINGS\ATHLON\LOCAL SETTINGS\DATA APLIKACÍ\GOOGLE\CHROME\USER DATA\DEFAULT\CACHE\DATA_1
C:\DOCUMENTS AND SETTINGS\ATHLON\LOCAL SETTINGS\DATA APLIKACÍ\GOOGLE\CHROME\USER DATA\DEFAULT\CACHE\DATA_3
C:\DOCUMENTS AND SETTINGS\ATHLON\LOCAL SETTINGS\DATA APLIKACÍ\GOOGLE\CHROME\USER DATA\DEFAULT\CACHE\DATA_2
C:\DOCUMENTS AND SETTINGS\ATHLON\LOCAL SETTINGS\DATA APLIKACÍ\GOOGLE\CHROME\USER DATA\DEFAULT\CACHE\INDEX

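Every entry the scanner could not clean sits under C:\SYSTEM VOLUME INFORMATION\_RESTORE{...}\RPnnn, that is, inside System Restore snapshots rather than in a location from which the file would run, and the one file actually acted on (renamed) is in the user's own programming folder. Sorting a log like this by location is the first triage step, and it is what makes wiping the restore points, as the next reply does, a sensible move. The following Python script is an added example, not part of the original thread and not code from any scanner; it parses a constructed sample written in the layout the log above appears to use (a detection-name line, then the path line with the action in parentheses) and reports where each hit sits. The path, name and restore-point patterns are assumptions derived from these lines, not a documented log format.

```python
import re
from collections import Counter

# Constructed sample (not a real log) in the layout of the scan output above:
# a detection-name line, then the path line with the scanner's action in
# parentheses. Three restore-point copies and one live file.
SAMPLE_LOG = """\
Virtool.WWHacker.A (virus)
C:\\SYSTEM VOLUME INFORMATION\\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\\RP263\\A0138331.EXE (Not cleaned)
Trojan.Generic.2101447 (virus)
C:\\SYSTEM VOLUME INFORMATION\\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\\RP263\\A0138400.EXE (Not cleaned)
Trojan.Generic.2101447 (virus)
C:\\SYSTEM VOLUME INFORMATION\\_RESTORE{647EFB46-8122-472C-92AC-8073FB5C1D35}\\RP262\\A0138169.EXE (Not cleaned)
Gen:Variant.Graftor.Elzob.3159 (virus)
C:\\DOCUMENTS AND SETTINGS\\ATHLON\\PLOCHA\\DAN\\SKOLA\\PROGRAMOVANI\\VSECHNO\\7\\PROJECT2.EXE (Renamed)
"""

# Assumed patterns, derived from the lines above rather than from a documented format.
PATH_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.*?) \((?P<action>[^()]+)\)\s*$")
NAME_RE = re.compile(r"^(?P<name>\S.*?) \((?P<kind>[^()]+)\)\s*$")
# System Restore snapshot directory: ...\System Volume Information\_restore{GUID}\RPnnn\...
RESTORE_RE = re.compile(
    r"\\SYSTEM VOLUME INFORMATION\\_RESTORE\{[0-9A-F-]+\}\\(RP\d+)\\", re.IGNORECASE
)


def parse_detections(text):
    """Pair each path line with the detection-name line that precedes it."""
    records = []
    pending = None  # (name, kind) waiting for its path line
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = PATH_RE.match(line)
        if m:
            rp = RESTORE_RE.search(m["path"])
            records.append({
                "path": m["path"],
                "action": m["action"],
                "name": pending[0] if pending else "unknown",
                "kind": pending[1] if pending else "unknown",
                # A copy inside a restore point is inert until that point is restored;
                # anything else is a file in a location that can actually run.
                "location": "restore_point" if rp else "live",
                "restore_point": rp.group(1) if rp else None,
            })
            pending = None
            continue
        m = NAME_RE.match(line)
        if m:
            pending = (m["name"], m["kind"])
    return records


def summarize(records):
    """Counts by location, action and name, plus the live paths a human must look at."""
    live = [r["path"] for r in records if r["location"] == "live"]
    points = {r["restore_point"] for r in records if r["restore_point"]}
    return {
        "total": len(records),
        "by_location": dict(Counter(r["location"] for r in records)),
        "by_action": dict(Counter(r["action"] for r in records)),
        "by_name": dict(Counter(r["name"] for r in records)),
        "restore_points": sorted(points, key=lambda s: int(s[2:])),
        "live_paths": live,
        "only_restore_points": not live,
    }


if __name__ == "__main__":
    summary = summarize(parse_detections(SAMPLE_LOG))
    for key, value in summary.items():
        print(f"{key}: {value}")
```

Run it as-is to print the breakdown of the constructed sample, or pass the real log text to parse_detections for the same report. When only_restore_points comes back true, every hit is a snapshot copy and clearing the restore points removes them without touching the running system; any path listed under live_paths needs a look by hand before deciding what it is.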
Re: Please check the log

Post by jaro3 » 25 Jun 2012 08:38

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text into the box (shown in green):

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

:Files
C:\WINDOWS\VBOX\COMMON\VBOXM430.DLL

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]


Then click Run Fix at the top. Let the program run undisturbed; it will restart the PC at the end.
After the restart a log will appear; please paste its whole contents here.

The PC is free of viruses, the problem will be elsewhere.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Please check the log

Post by zubr35 » 25 Jun 2012 14:49

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
========== FILES ==========
C:\WINDOWS\VBOX\COMMON\vboxm430.dll moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Athlon
->Temp folder emptied: 514208623 bytes
->Temporary Internet Files folder emptied: 4127134 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 50311985 bytes
->Google Chrome cache emptied: 310415081 bytes
->Flash cache emptied: 2145 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 80465 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 20349025 bytes

Total Files Cleaned = 858,00 mb

Restore point Set: OTL Restore Point
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.52.0 log created on 06252012_144251

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Re: Please check the log

Post by jaro3 » 25 Jun 2012 19:46

Run OTL and click Cleanup.

Did you run HD Tune on all your disks?

Re: Please check the log

Post by zubr35 » 28 Jun 2012 21:06

Done. I have only one disk.
