Prosím o preventivní kontrolu (HJT)

quinter · Příspěvekod **quinter** » 25 srp 2009 17:35

Dobrý den, prosím o kontrolu logu z HJT, předem díky

____________________________________________________

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:34:50, on 25.8.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Nexus Radio\Nexus Radio.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\program files\steam-cs\steam.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\Sukoku\sukoku113.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Sukoku\sukoku.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ta/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.6.910\HPIEAddOn.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.0.970\ssd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Nexus Radio] C:\Program Files\Nexus Radio\Nexus Radio.exe -0
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam-cs\steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{06A27AFE-CF59-4724-A195-D8C76C57AFCB}: NameServer = 213.180.32.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{06A27AFE-CF59-4724-A195-D8C76C57AFCB}: NameServer = 213.180.32.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{06A27AFE-CF59-4724-A195-D8C76C57AFCB}: NameServer = 213.180.32.2
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sukoku Service - Unknown owner - C:\Documents and Settings\All Users\Data aplikací\Sukoku\sukoku113.exe

--
End of file - 6655 bytes

Reklama

pitimir · Příspěvekod **pitimir** » 25 srp 2009 17:47

A nevyskakuju ti nahodou v browseri nejake reklamne okna?

Stiahni OTL. Uloz na plochu a spust dvojklikom subor "OTL.exe". Otvori sa okno programu, v nom zaskrtni "Scan All Users" -> "Run Scan". Zacne scan pocitaca, po jeho ukonceni sa otvoria dva reporty - obsah oboch potrebujem vidiet.

quinter · Příspěvekod **quinter** » 25 srp 2009 18:14

Extras.txt
_______________________________

OTL Extras logfile created on: 25.8.2009 18:12:25 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Tony\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

767,49 Mb Total Physical Memory | 384,25 Mb Available Physical Memory | 50,07% Memory free
1,83 Gb Paging File | 1,42 Gb Available in Paging File | 77,49% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,30 Gb Total Space | 23,87 Gb Free Space | 64,00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TONY-B8D3E6C7B8
Current User Name: Tony
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-436374069-1957994488-854245398-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Steam\steamapps\quinterboomsta89\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\quinterboomsta89\counter-strike\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\QIP Infium JadrisPack\infium.exe" = C:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium -- (QIP)
"C:\Program Files\DanzigPrefEngine\danzig15.exe" = C:\Program Files\DanzigPrefEngine\danzig15.exe:*:Enabled:Danzig Pref Engine -- File not found
"C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\Steam-CS\steamapps\quinterboomsta89\counter-strike\hl.exe" = C:\Program Files\Steam-CS\steamapps\quinterboomsta89\counter-strike\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300
"{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1" = Media Access Startup
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DE9E293-5D7B-4312-88C2-BDFAEC5310AE}" = Microsoft .NET Framework 3.0
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C5096216-7703-409E-B85A-8A6EE7395128}}_is1" = System Search Dispatcher
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E1C51E3E-983C-4373-B740-177E28B4DFD0}" = Nexus Radio
"{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"µTorrent CZ_is1" = µTorrent CZ 1.8.3 (build 15638)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"avast!" = avast! Antivirus
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"Clickster16342" = Clickster
"Counter-Strike: Source" = Counter-Strike: Source
"Crayon Physics Deluxe_is1" = Crayon Physics Deluxe - release 51
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"EAX Unified" = EAX Unified
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"GameParkClient_is1" = GamePark
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.0 (Full)
"LimeWire" = LimeWire 5.2.10
"Mafia Game" = Mafia Game
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"NVIDIA Drivers" = NVIDIA Drivers
"PowerISO" = PowerISO
"QIP 2005_is1" = QIP 2005 8090
"QIP Infium JadrisPack 2.4.5 (9030)" = QIP Infium JadrisPack 2.4.5 (9030)
"RegScrubXP_is1" = RegScrubXP 3.25
"Smart Defrag_is1" = Smart Defrag 1.20
"Steam App 10" = Counter-Strike
"Sukoku" = Sukoku 1.0 build 113
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VobSub" = VobSub v2.23 (Remove Only)
"WIC" = Windows Imaging Component
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 4 Professional V4.43
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 26.3.2009 14:58:33 | Computer Name = TONY-B8D3E6C7B8 | Source = avast! | ID = 33554522
Description = Nastala interní chyba v modulu basEncodeFileToSubmit failed! , funkce
00000002.

Error - 12.7.2009 10:32:55 | Computer Name = TONY-B8D3E6C7B8 | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestOpenList Error 1753.

Error - 12.7.2009 10:32:55 | Computer Name = TONY-B8D3E6C7B8 | Source = avast! | ID = 33554522
Description = aswChestInterface - Program vyvolal nestandardní stav. Informace o
chybě: CChestListView::LoadFiles() chestOpenList() failed: 2147422219.

Error - 12.7.2009 10:33:04 | Computer Name = TONY-B8D3E6C7B8 | Source = avast! | ID = 33554522
Description = aswChestInterface - Program vyvolal nestandardní stav. Informace o
chybě: CChestListView::OnCreate() !m_strErrorWnd.IsEmpty().

Error - 12.7.2009 10:34:43 | Computer Name = TONY-B8D3E6C7B8 | Source = avast! | ID = 33554522
Description = Nastala interní chyba v modulu aswar scan function failed!, funkce
00000002.

[ Application Events ]
Error - 30.5.2009 5:47:39 | Computer Name = TONY-B8D3E6C7B8 | Source = Application Error | ID = 1000
Description = Chybující aplikace teatimer.exe, verze 1.6.6.32, chybující modul kernel32.dll,
verze 5.1.2600.2180, adresa chyby 0x0001eb33.

Error - 2.6.2009 9:21:11 | Computer Name = TONY-B8D3E6C7B8 | Source = Application Error | ID = 1000
Description = Chybující aplikace cod2mp_s.exe, verze 0.0.0.0, chybující modul gfx_d3d_mp_x86_s.dll,
verze 0.0.0.0, adresa chyby 0x0001eca2.

Error - 5.6.2009 8:01:38 | Computer Name = TONY-B8D3E6C7B8 | Source = Application Error | ID = 1000
Description = Chybující aplikace cod2mp_s.exe, verze 0.0.0.0, chybující modul gfx_d3d_mp_x86_s.dll,
verze 0.0.0.0, adresa chyby 0x0005ef40.

Error - 8.6.2009 7:57:52 | Computer Name = TONY-B8D3E6C7B8 | Source = Application Error | ID = 1000
Description = Chybující aplikace hl2.exe, verze 0.0.0.0, chybující modul datacache.dll,
verze 0.0.0.0, adresa chyby 0x0000b423.

Error - 8.6.2009 10:17:21 | Computer Name = TONY-B8D3E6C7B8 | Source = Application Error | ID = 1000
Description = Chybující aplikace teatimer.exe, verze 1.6.6.32, chybující modul teatimer.exe,
verze 1.6.6.32, adresa chyby 0x0006e66e.

Error - 11.6.2009 14:27:37 | Computer Name = TONY-B8D3E6C7B8 | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil

Error - 11.6.2009 17:07:37 | Computer Name = TONY-B8D3E6C7B8 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
dxtrans.dll, verze 6.3.2900.2180, adresa chyby 0x0000185f.

Error - 12.6.2009 6:38:27 | Computer Name = TONY-B8D3E6C7B8 | Source = Application Error | ID = 1000
Description = Chybující aplikace oodtray.exe, verze 11.0.1.1302, chybující modul
oodtray.exe, verze 11.0.1.1302, adresa chyby 0x0003859d.

Error - 12.6.2009 12:16:40 | Computer Name = TONY-B8D3E6C7B8 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
mshtml.dll, verze 6.0.2900.2180, adresa chyby 0x00076fa1.

Error - 14.6.2009 10:42:58 | Computer Name = TONY-B8D3E6C7B8 | Source = Application Error | ID = 1000
Description = Chybující aplikace hl.exe, verze 1.1.1.1, chybující modul Steam.dll,
verze 2.0.0.0, adresa chyby 0x001e6566.

[ System Events ]
Error - 25.8.2009 10:30:02 | Computer Name = TONY-B8D3E6C7B8 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\DoubleD\GamingHarbor
Toolbar\4.2.3.22530\MFC80.DLL se nezdařila. Referenční chybová zpráva: Operace
byla dokončena úspěšně. .

Error - 25.8.2009 10:31:00 | Computer Name = TONY-B8D3E6C7B8 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba brány aplikačního rozhraní.

Error - 25.8.2009 10:31:00 | Computer Name = TONY-B8D3E6C7B8 | Source = Service Control Manager | ID = 7000
Description = Služba Služba brány aplikačního rozhraní neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 25.8.2009 11:05:34 | Computer Name = TONY-B8D3E6C7B8 | Source = ACPI | ID = 327685
Description = AMLI: Systém ACPI BIOS se pokouší o zápis na nesprávnou adresu V/V
portu (0xcf8), která se nachází v chráněném rozsahu adres 0xcf8 - 0xcff. Následkem
toho může dojít k nestabilitě systému. Obraťte se na prodejce systému s žádostí
o odbornou pomoc.

Error - 25.8.2009 11:05:34 | Computer Name = TONY-B8D3E6C7B8 | Source = ACPI | ID = 327684
Description = AMLI: Systém ACPI BIOS se pokouší o čtení z nesprávné adresy V/V portu
(0xcfc), která se nachází v chráněném rozsahu adres 0xcf8 - 0xcff. Následkem toho
může dojít k nestabilitě systému. Obraťte se na prodejce systému s žádostí o odbornou
pomoc.

Error - 25.8.2009 11:05:34 | Computer Name = TONY-B8D3E6C7B8 | Source = ACPI | ID = 327684
Description = AMLI: Systém ACPI BIOS se pokouší o čtení z nesprávné adresy V/V portu
(0x4d1), která se nachází v chráněném rozsahu adres 0x4d0 - 0x4d1. Následkem toho
může dojít k nestabilitě systému. Obraťte se na prodejce systému s žádostí o odbornou
pomoc.

Error - 25.8.2009 11:05:34 | Computer Name = TONY-B8D3E6C7B8 | Source = ACPI | ID = 327685
Description = AMLI: Systém ACPI BIOS se pokouší o zápis na nesprávnou adresu V/V
portu (0x4d1), která se nachází v chráněném rozsahu adres 0x4d0 - 0x4d1. Následkem
toho může dojít k nestabilitě systému. Obraťte se na prodejce systému s žádostí
o odbornou pomoc.

Error - 25.8.2009 11:05:40 | Computer Name = TONY-B8D3E6C7B8 | Source = SideBySide | ID = 16842784
Description = Závislá symbolická adresa Microsoft.VC80.MFCLOC nebyla nalezena a
poslední chyba byla Sestavení určené odkazem není v systému nainstalováno. .

Error - 25.8.2009 11:05:41 | Computer Name = TONY-B8D3E6C7B8 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC80.MFCLOC se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .

Error - 25.8.2009 11:05:41 | Computer Name = TONY-B8D3E6C7B8 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\DoubleD\GamingHarbor
Toolbar\4.2.3.22530\MFC80.DLL se nezdařila. Referenční chybová zpráva: Operace
byla dokončena úspěšně. .

[ TuneUp Events ]
Error - 1.7.2009 4:02:06 | Computer Name = TONY-B8D3E6C7B8 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 1.7.2009 4:02:13 | Computer Name = TONY-B8D3E6C7B8 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 1.7.2009 4:02:13 | Computer Name = TONY-B8D3E6C7B8 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 1.7.2009 4:02:30 | Computer Name = TONY-B8D3E6C7B8 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 1.7.2009 4:02:30 | Computer Name = TONY-B8D3E6C7B8 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 1.7.2009 4:02:30 | Computer Name = TONY-B8D3E6C7B8 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 1.7.2009 4:56:17 | Computer Name = TONY-B8D3E6C7B8 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 2.7.2009 3:00:30 | Computer Name = TONY-B8D3E6C7B8 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 2.7.2009 11:35:44 | Computer Name = TONY-B8D3E6C7B8 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 9.7.2009 12:50:33 | Computer Name = TONY-B8D3E6C7B8 | Source = TuneUp Program Statistics | ID = 131840
Description =

< End of report >

quinter · Příspěvekod **quinter** » 25 srp 2009 18:16

OTL.txt
_____________________________________

OTL logfile created on: 25.8.2009 18:12:25 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Tony\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

767,49 Mb Total Physical Memory | 384,25 Mb Available Physical Memory | 50,07% Memory free
1,83 Gb Paging File | 1,42 Gb Available in Paging File | 77,49% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,30 Gb Total Space | 23,87 Gb Free Space | 64,00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TONY-B8D3E6C7B8
Current User Name: Tony
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009.08.17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.08.17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2004.08.17 15:49:24 | 01,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009.08.17 18:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2006.02.19 03:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2009.08.22 22:46:40 | 01,217,784 | ---- | M] (Valve Corporation) -- C:\program files\steam-cs\steam.exe
PRC - [2001.10.24 14:25:10 | 00,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\devldr32.exe
PRC - [2009.05.02 10:26:08 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2006.10.22 12:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2006.03.03 22:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
PRC - [2009.03.26 11:56:50 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
PRC - [2009.08.13 21:43:00 | 00,049,152 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\Sukoku\sukoku113.exe
PRC - [2004.08.17 15:49:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2009.08.13 21:43:00 | 00,049,152 | ---- | M] () -- C:\Program Files\Sukoku\sukoku.exe
PRC - [2009.03.25 18:02:56 | 05,245,440 | ---- | M] (QIP) -- C:\QIP Infium JadrisPack\infium.exe
PRC - [2009.07.31 01:39:00 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.08.25 18:11:59 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tony\Dokumenty\Stažené soubory\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2005.09.23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009.08.17 17:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009.08.17 18:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009.08.17 18:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])
SRV - [2009.08.17 18:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
SRV - [2005.09.23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006.10.20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2004.08.17 15:49:16 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005.11.14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006.10.30 03:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009.05.02 10:26:08 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006.10.30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2006.10.22 12:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006.03.03 22:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [Unknown | Running])
SRV - [2009.03.26 11:56:50 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2007.11.06 22:22:26 | 00,092,792 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd [On_Demand | Stopped])
SRV - [2009.08.13 21:43:00 | 00,049,152 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\Sukoku\sukoku113.exe -- (Sukoku Service [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2009.08.17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2004.08.04 01:07:44 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2007.05.14 23:38:22 | 00,009,216 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\DRIVERS\Amfilter.sys -- (Amfilter [System | Running])
DRV - [2007.05.14 23:41:46 | 00,014,336 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\DRIVERS\Amusbprt.sys -- (Amusbprt [On_Demand | Stopped])
DRV - [2009.08.17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2009.08.17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009.08.17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2009.08.17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009.08.17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2001.08.17 22:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\ctljystk.sys -- (ctljystk [On_Demand | Running])
DRV - [2001.08.17 22:19:26 | 00,283,904 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\emu10k1m.sys -- (emu10k [On_Demand | Running])
DRV - [2001.08.17 22:19:28 | 00,006,912 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctlfacem.sys -- (emu10k1 [On_Demand | Running])
DRV - [2004.08.04 01:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2006.04.12 12:04:39 | 00,049,664 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2006.04.12 12:04:39 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2006.04.12 12:04:39 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2004.08.03 22:59:52 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NMnt.sys -- (nm [On_Demand | Stopped])
DRV - [2007.11.06 22:22:06 | 00,034,064 | ---- | M] (CACE Technologies) -- C:\WINDOWS\System32\drivers\npf.sys -- (NPF [On_Demand | Stopped])
DRV - [2006.10.22 12:22:00 | 03,994,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2001.10.25 16:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2009.01.21 16:49:40 | 00,118,656 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Stopped])
DRV - [2004.08.04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2008.11.02 10:44:10 | 00,056,572 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu [System | Running])
DRV - [2006.11.10 09:46:52 | 00,061,600 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE2Bbus.sys -- (SE2Bbus [On_Demand | Stopped])
DRV - [2006.11.10 09:46:58 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE2Bmdfl.sys -- (SE2Bmdfl [On_Demand | Stopped])
DRV - [2006.11.10 09:47:00 | 00,097,184 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE2Bmdm.sys -- (SE2Bmdm [On_Demand | Stopped])
DRV - [2006.11.10 09:47:06 | 00,088,688 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE2Bmgmt.sys -- (SE2Bmgmt [On_Demand | Stopped])
DRV - [2006.11.10 09:47:08 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se2Bnd5.sys -- (se2Bnd5 [On_Demand | Stopped])
DRV - [2006.11.10 09:47:10 | 00,086,560 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE2Bobex.sys -- (SE2Bobex [On_Demand | Stopped])
DRV - [2006.11.10 09:47:18 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se2Bunic.sys -- (se2Bunic [On_Demand | Stopped])
DRV - [2009.04.24 21:51:57 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2001.08.17 22:19:34 | 00,036,480 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\sfmanm.sys -- (sfman [On_Demand | Running])
DRV - [2009.03.14 23:41:07 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2004.08.04 00:32:32 | 00,084,480 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\ac97via.sys -- (VIAudio [On_Demand | Running])
DRV - [2008.12.16 15:47:00 | 00,013,976 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32 [Boot | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-436374069-1957994488-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-436374069-1957994488-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-436374069-1957994488-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ta/
IE - HKU\S-1-5-21-436374069-1957994488-854245398-1003\S-1-5-21-436374069-1957994488-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.05.02 10:26:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF [2009.08.25 11:19:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.5.6.910\FF [2009.08.25 11:19:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.08.23 21:06:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.08.23 21:06:39 | 00,000,000 | ---D | M]

[2009.07.10 17:24:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tony\Data aplikací\mozilla\Extensions
[2009.07.10 17:24:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tony\Data aplikací\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.08.18 22:22:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tony\Data aplikací\mozilla\Firefox\Profiles\cqpzq5o4.default\extensions
[2009.08.25 17:16:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.08.25 12:06:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{7AB6D133-2A14-4C11-B3AD-35B1548D38F9}
[2009.08.23 21:06:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.07.10 17:24:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\stahuj@centrum.cz
[2009.07.31 01:39:00 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.07.31 01:39:00 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009.07.31 01:39:00 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009.02.27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009.07.31 01:38:59 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009.07.31 00:15:16 | 00,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.07.31 00:15:16 | 00,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.07.31 00:15:16 | 00,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2009.07.31 00:15:16 | 00,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.08.25 12:06:15 | 00,002,381 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\sukoku113.xml
[2009.07.31 00:15:16 | 00,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Media Access Startup) - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.6.910\HPIEAddOn.dll ()
O2 - BHO: (NP Helper Class) - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (System Search Dispatcher) - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.0.970\ssd.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-436374069-1957994488-854245398-1003\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Nexus Radio] C:\Program Files\Nexus Radio\Nexus Radio.exe (Egisca Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMCTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKU\S-1-5-21-436374069-1957994488-854245398-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-436374069-1957994488-854245398-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-436374069-1957994488-854245398-1003..\Run: [Steam] c:\program files\steam-cs\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-1957994488-854245398-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-1957994488-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-436374069-1957994488-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-436374069-1957994488-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-436374069-1957994488-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-436374069-1957994488-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-436374069-1957994488-854245398-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download Using &BitSpirit - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE File not found
O8 - Extra context menu item: ÓĂ±ČĚŘľ«ÁéĎÂÔŘ(&B) - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-436374069-1957994488-854245398-1003\..Trusted Domains: 8 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Value error.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/fl ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009.08.25 11:24:24 | 00,000,841 | ---- | C] () -- C:\Documents and Settings\Tony\Plocha\FLV CAP 1.5.lnk
[2009.08.25 11:24:24 | 00,000,816 | ---- | C] () -- C:\Documents and Settings\Tony\Plocha\Media Converter.lnk
[2009.08.25 11:24:24 | 00,000,777 | ---- | C] () -- C:\Documents and Settings\Tony\Plocha\FLV Player.lnk
[2009.08.25 11:23:17 | 00,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2009.08.25 11:23:08 | 00,000,000 | ---D | C] -- C:\Program Files\Sector69
[2009.08.25 11:20:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tony\Local Settings\Data aplikací\Internet Saving Optimizer
[2009.08.25 11:19:51 | 00,000,000 | ---D | C] -- C:\Program Files\Sukoku
[2009.08.25 11:19:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sukoku
[2009.08.25 11:19:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tony\Local Settings\Data aplikací\Media Access Startup
[2009.08.25 11:19:45 | 00,000,000 | ---D | C] -- C:\Program Files\Media Access Startup
[2009.08.25 11:19:41 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Saving Optimizer
[2009.08.25 11:19:37 | 00,000,000 | ---D | C] -- C:\Program Files\System Search Dispatcher
[2009.08.25 11:19:19 | 00,000,000 | ---D | C] -- C:\Program Files\DoubleD
[2009.08.25 11:18:57 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\~0
[2009.08.25 11:18:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tony\Local Settings\Data aplikací\DoubleD
[2009.08.24 10:29:02 | 22,157,634 | ---- | C] () -- C:\Documents and Settings\Tony\Plocha\Sweden_vs_Germany_ENC2009-0908221925-de_inferno.dem
[2009.08.24 10:28:59 | 16,716,247 | ---- | C] () -- C:\Documents and Settings\Tony\Plocha\Sweden_vs_Germany_ENC2009-0908221837-de_dust2.dem
[2009.08.23 21:39:54 | 00,921,654 | ---- | C] () -- C:\Documents and Settings\Tony\Plocha\de_dust20016.bmp
[2009.08.23 21:06:46 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2009.08.23 15:07:24 | 12,084,5104 | ---- | C] () -- C:\Documents and Settings\Tony\Plocha\4_vs_col_col_frod_a.dem
[2009.08.23 10:39:41 | 00,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009.08.23 10:38:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
[2009.08.22 22:45:44 | 00,000,000 | ---D | C] -- C:\Program Files\Steam-CS
[2009.08.22 22:14:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
[2009.08.22 22:11:16 | 80,483,9424 | -HS- | C] () -- C:\hiberfil.sys
[2009.08.22 22:09:29 | 00,088,566 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009.08.22 22:09:29 | 00,017,056 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009.08.22 22:09:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009.08.22 22:09:28 | 00,208,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2009.08.22 22:08:45 | 00,208,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2009.08.22 22:08:21 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009.08.19 10:45:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Nexus Radio
[2009.08.19 10:45:54 | 00,000,000 | ---D | C] -- C:\Program Files\Nexus Radio
[2009.08.19 10:45:54 | 00,000,000 | ---D | C] -- C:\My Saved Files
[2009.08.19 10:45:54 | 00,000,000 | ---D | C] -- C:\My Recorded Files
[2009.08.18 21:42:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tony\Plocha\filmy
[2009.08.18 21:41:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tony\Plocha\Hry
[2009.08.18 16:27:02 | 00,000,000 | ---D | C] -- C:\Program Files\Gabest
[2009.07.30 21:21:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tony\Data aplikací\Crayon Physics Deluxe
[2009.07.30 21:20:33 | 00,000,000 | ---D | C] -- C:\Program Files\Crayon Physics Deluxe
[2009.07.29 21:05:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tony\Dokumenty\LimeWire
[2009.07.29 21:04:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tony\Data aplikací\LimeWire
[2009.07.29 21:04:02 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2009.07.29 20:41:49 | 00,000,000 | ---D | C] -- C:\Program Files\Clickster
[2009.06.12 08:35:08 | 00,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2009.03.26 18:37:25 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2009.03.26 14:36:55 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.03.26 14:36:55 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.03.26 14:36:53 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.03.26 14:36:51 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.03.26 14:36:51 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.03.23 13:04:33 | 00,000,059 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.03.21 09:20:46 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OODCNT.INI
[2009.03.15 02:10:49 | 00,137,928 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.03.14 23:41:06 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.03.14 23:03:50 | 00,000,745 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2007.11.06 22:19:28 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2006.10.22 12:22:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.10.22 12:22:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.10.22 12:22:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.10.22 12:22:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.10.22 12:22:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.10.22 12:22:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.10.22 12:22:00 | 00,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2004.08.17 15:49:10 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2002.10.16 00:54:04 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001.10.25 16:00:00 | 00,000,684 | ---- | C] () -- C:\WINDOWS\win.ini
[2001.10.25 16:00:00 | 00,000,277 | ---- | C] () -- C:\WINDOWS\system.ini
[2001.07.07 04:00:00 | 00,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== Files - Modified Within 30 Days ==========

[2009.08.25 17:06:09 | 00,000,684 | ---- | M] () -- C:\WINDOWS\win.ini
[2009.08.25 17:05:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.08.25 17:05:39 | 00,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.08.25 17:05:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.08.25 17:05:29 | 80,483,9424 | -HS- | M] () -- C:\hiberfil.sys
[2009.08.25 12:12:08 | 04,820,108 | -H-- | M] () -- C:\Documents and Settings\Tony\Local Settings\Data aplikací\IconCache.db
[2009.08.25 11:24:24 | 00,000,841 | ---- | M] () -- C:\Documents and Settings\Tony\Plocha\FLV CAP 1.5.lnk
[2009.08.25 11:24:24 | 00,000,816 | ---- | M] () -- C:\Documents and Settings\Tony\Plocha\Media Converter.lnk
[2009.08.25 11:24:24 | 00,000,777 | ---- | M] () -- C:\Documents and Settings\Tony\Plocha\FLV Player.lnk
[2009.08.23 22:19:45 | 00,000,382 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2009.08.23 21:39:54 | 00,921,654 | ---- | M] () -- C:\Documents and Settings\Tony\Plocha\de_dust20016.bmp
[2009.08.23 21:06:46 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2009.08.23 16:33:36 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\Tony\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.23 15:11:30 | 22,157,634 | ---- | M] () -- C:\Documents and Settings\Tony\Plocha\Sweden_vs_Germany_ENC2009-0908221925-de_inferno.dem
[2009.08.23 15:11:30 | 16,716,247 | ---- | M] () -- C:\Documents and Settings\Tony\Plocha\Sweden_vs_Germany_ENC2009-0908221837-de_dust2.dem
[2009.08.23 10:39:41 | 00,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009.08.22 21:46:49 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009.08.22 21:46:49 | 00,000,277 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.08.20 16:46:23 | 00,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009.08.17 18:10:20 | 01,279,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009.08.17 18:06:54 | 00,093,392 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009.08.17 18:06:43 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009.08.17 18:05:52 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009.08.17 18:05:37 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009.08.17 18:04:40 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009.08.17 18:04:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009.08.17 18:03:21 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009.08.17 18:02:50 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009.08.13 09:56:30 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
< End of report >

pitimir · Příspěvekod **pitimir** » 26 srp 2009 10:07

1) Otestuj subor(y) na VIRUSTOTALe:

Kód: Vybrat vše

C:\Program Files\Sukoku\sukoku.exe

Ak vypise, ze subor uz bol testovany, daj ho otestovat znovu. Vysledok posli ako LINK.

2) Skopiruj do policka pod nazvom "Custom Scans/Fixes":

Kód: Vybrat vše

:otl
FF - HKLM\software\mozilla\Firefox\extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF [2009.08.25 11:19:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.5.6.910\FF [2009.08.25 11:19:46 | 00,000,000 | ---D | M]
O2 - BHO: (Media Access Startup) - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.6.910\HPIEAddOn.dll ()
O2 - BHO: (NP Helper Class) - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll ()
O2 - BHO: (System Search Dispatcher) - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.0.970\ssd.dll ()
O3 - HKU\S-1-5-21-436374069-1957994488-854245398-1003\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.
O8 - Extra context menu item: Download Using &BitSpirit - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE File not found
O8 - Extra context menu item: ÓĂ±ČĚŘľ«ÁéĎÂÔŘ(&B) - Reg Error: Value error. File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Value error.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/fl ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found

:files
C:\Documents and Settings\Tony\Local Settings\Data aplikací\Internet Saving Optimizer
C:\Documents and Settings\Tony\Local Settings\Data aplikací\Media Access Startup
C:\Program Files\Media Access Startup
C:\Program Files\Internet Saving Optimizer
C:\Program Files\System Search Dispatcher
C:\Program Files\DoubleD
C:\Documents and Settings\Tony\Local Settings\Data aplikací\DoubleD

:commands
[purity]
[emptytemp]
[reboot]

Klikni na "Run Fix". Program zacne pracovat, mozny je restart PC. Po nom by sa ti mal objavit log, ten by som rad videl.

boomsta89 · Příspěvekod **boomsta89** » 26 srp 2009 10:26

Děkuji za pomoc, zde je ten log
______________________________________

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2224E955-00E9-4613-A844-CE69FCCAAE91}\ not found.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\components moved successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content moved successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF\chrome moved successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\FF moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}\ not found.
C:\Program Files\Media Access Startup\1.5.6.910\FF\components moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\content moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}\ deleted successfully.
LoadLibrary failed for C:\Program Files\Media Access Startup\1.5.6.910\HPIEAddOn.dll
C:\Program Files\Media Access Startup\1.5.6.910\HPIEAddOn.dll NOT unregistered.
C:\Program Files\Media Access Startup\1.5.6.910\HPIEAddOn.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}\ deleted successfully.
LoadLibrary failed for C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll NOT unregistered.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\ deleted successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\ssd.dll unregistered successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\ssd.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-436374069-1957994488-854245398-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download Using &BitSpirit\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ÓĂ±ČĚŘľ«ÁéĎÂÔŘ(&B)\ deleted successfully.
Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000}
C:\WINDOWS\Downloaded Program Files\swdir.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
========== FILES ==========
C:\Documents and Settings\Tony\Local Settings\Data aplikací\Internet Saving Optimizer\3.7.0.4550 moved successfully.
C:\Documents and Settings\Tony\Local Settings\Data aplikací\Internet Saving Optimizer moved successfully.
C:\Documents and Settings\Tony\Local Settings\Data aplikací\Media Access Startup\1.5.6.910 moved successfully.
C:\Documents and Settings\Tony\Local Settings\Data aplikací\Media Access Startup moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910\Data moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910 moved successfully.
C:\Program Files\Media Access Startup moved successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550\Data moved successfully.
C:\Program Files\Internet Saving Optimizer\3.7.0.4550 moved successfully.
C:\Program Files\Internet Saving Optimizer moved successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data moved successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970 moved successfully.
C:\Program Files\System Search Dispatcher moved successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar moved successfully.
C:\Program Files\DoubleD moved successfully.
C:\Documents and Settings\Tony\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar moved successfully.
C:\Documents and Settings\Tony\Local Settings\Data aplikací\DoubleD moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 692346 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Tony
->Temp folder emptied: 117272 bytes
->Temporary Internet Files folder emptied: 23616093 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 82178619 bytes
->Opera cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5c8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 815696 bytes
RecycleBin emptied: 5190 bytes

Total Files Cleaned = 102,45 mb

OTL by OldTimer - Version 3.0.10.7 log created on 08262009_101737

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_5c8.dat moved successfully.

Registry entries deleted on Reboot...

boomsta89 · Příspěvekod **boomsta89** » 26 srp 2009 10:28

výsledek po skanu sukoku.exe

http://www.virustotal.com/cs/analisis/1 ... 1251274327

zkoušel jsem smazat celou složku, ale píše mi to, že soubor se právě používá

pitimir · Příspěvekod **pitimir** » 28 srp 2009 19:15

Pardon za zdrzanie. Mohol by si prosim otestovat ten subor este raz? Link ma urcitu zivotnost a ta uz bola presvihnuta... :(

Stiahni MbAM. Uloz na plochu, otvor "mbam-setup.exe" a nainstaluj. Updatuj. Potom spravis kompletny scan - co program najde, zmaz. Nasledny log vloz sem.

Prosím o preventivní kontrolu (HJT)

Prosím o preventivní kontrolu (HJT)

Re: Prosím o preventivní kontrolu (HJT)

Re: Prosím o preventivní kontrolu (HJT)

Re: Prosím o preventivní kontrolu (HJT)

Re: Prosím o preventivní kontrolu (HJT)

Re: Prosím o preventivní kontrolu (HJT)

Re: Prosím o preventivní kontrolu (HJT)

Re: Prosím o preventivní kontrolu (HJT)

Kdo je online