Prosím o kontrolu logu

T0m1k · Příspěvekod **T0m1k** » 13 kvě 2012 09:12

+ 2012-03-20 10:41 . 2012-01-12 17:20 1859968 c:\windows\$NtUninstallKB2641653$\win32k.sys
+ 2011-12-19 12:10 . 2011-09-06 14:10 1858944 c:\windows\$NtUninstallKB2639417$\win32k.sys
+ 2011-12-16 13:46 . 2010-12-09 15:14 2150912 c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
+ 2011-12-16 13:46 . 2010-12-09 15:14 2029056 c:\windows\$NtUninstallKB2633171$\ntkrpamp.exe
+ 2011-12-16 13:46 . 2010-12-09 15:14 2029056 c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
+ 2011-12-16 13:46 . 2010-12-09 15:14 2150912 c:\windows\$NtUninstallKB2633171$\ntkrnlmp.exe
+ 2012-01-11 19:56 . 2010-02-05 18:27 1294336 c:\windows\$NtUninstallKB2631813$\quartz.dll
+ 2011-12-19 12:09 . 2010-07-16 12:00 1287680 c:\windows\$NtUninstallKB2624667$\ole32.dll
+ 2011-10-17 04:30 . 2011-06-06 11:35 1858944 c:\windows\$NtUninstallKB2567053$\win32k.sys
+ 2012-01-12 17:21 . 2012-01-12 17:21 1869056 c:\windows\$hf_mig$\KB2660465\SP3QFE\win32k.sys
+ 2012-02-15 11:56 . 2011-12-17 19:41 1214464 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\urlmon.dll
+ 2012-02-15 11:56 . 2011-12-17 19:41 5980160 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll
+ 2012-02-15 11:56 . 2011-12-17 19:41 2001408 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iertutil.dll
+ 2012-03-18 16:46 . 2012-02-03 09:56 1869184 c:\windows\$hf_mig$\KB2641653\SP3QFE\win32k.sys
+ 2011-11-23 14:39 . 2011-11-23 14:39 1868544 c:\windows\$hf_mig$\KB2639417\SP3QFE\win32k.sys
+ 2011-10-26 10:49 . 2011-10-26 10:49 2194944 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
+ 2011-10-26 10:49 . 2011-10-26 10:49 2029056 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrpamp.exe
+ 2011-10-26 10:49 . 2011-10-26 10:49 2071552 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
+ 2011-10-26 10:49 . 2011-10-26 10:49 2150912 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlmp.exe
+ 2011-11-03 15:27 . 2011-11-03 15:27 1294848 c:\windows\$hf_mig$\KB2631813\SP3QFE\quartz.dll
+ 2011-11-01 16:05 . 2011-11-01 16:05 1288704 c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
+ 2011-12-15 12:24 . 2011-11-04 19:12 1214464 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\urlmon.dll
+ 2011-12-15 12:24 . 2011-11-04 19:12 5978624 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
+ 2011-12-15 12:24 . 2011-11-04 19:12 2001408 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iertutil.dll
+ 2011-10-13 13:55 . 2011-08-22 23:40 1214464 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\urlmon.dll
+ 2011-10-13 13:55 . 2011-10-03 08:30 5972992 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
+ 2011-10-13 13:55 . 2011-08-22 23:40 2001408 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iertutil.dll
+ 2011-09-06 14:08 . 2011-09-06 14:08 1867904 c:\windows\$hf_mig$\KB2567053\SP3QFE\win32k.sys
+ 2012-04-01 15:56 . 2011-08-03 11:49 16191488 c:\windows\system32\ReinstallBackups\0001\DriverFiles\nvoglnt.dll
+ 2012-04-01 15:56 . 2011-08-03 11:49 17186816 c:\windows\system32\ReinstallBackups\0001\DriverFiles\nvcompiler.dll
+ 2012-04-01 15:56 . 2011-08-03 11:49 12542592 c:\windows\system32\ReinstallBackups\0001\DriverFiles\nv4_mini.sys
+ 2011-05-13 10:06 . 2012-05-09 12:56 55656824 c:\windows\system32\MRT.exe
+ 2009-03-08 02:39 . 2012-03-02 03:59 11082752 c:\windows\system32\ieframe.dll
+ 2006-08-30 12:03 . 2012-02-29 23:58 13417632 c:\windows\system32\dllcache\nv4_mini.sys
+ 2011-05-13 10:08 . 2012-03-02 03:59 11082752 c:\windows\system32\dllcache\ieframe.dll
+ 2012-04-06 00:12 . 2012-04-06 00:12 15709696 c:\windows\Installer\f98697.msp
+ 2012-01-04 00:25 . 2012-01-04 00:25 17751552 c:\windows\Installer\f98689.msp
+ 2012-04-06 01:13 . 2012-04-06 01:13 16527872 c:\windows\Installer\f98639.msp
+ 2009-04-04 16:09 . 2009-04-04 16:09 10874880 c:\windows\Installer\a82638.msp
+ 2009-04-04 14:50 . 2009-04-04 14:50 20277760 c:\windows\Installer\a824a5.msp
+ 2009-04-04 14:49 . 2009-04-04 14:49 14030336 c:\windows\Installer\a82498.msp
+ 2011-09-15 16:38 . 2011-09-15 16:38 10838528 c:\windows\Installer\69e8a.msp
+ 2011-09-15 16:37 . 2011-09-15 16:37 14140416 c:\windows\Installer\69e80.msp
+ 2011-09-15 17:26 . 2011-09-15 17:26 32752640 c:\windows\Installer\69c97.msp
+ 2011-09-15 17:25 . 2011-09-15 17:25 14962688 c:\windows\Installer\69c8b.msp
+ 2011-09-05 22:01 . 2011-09-05 22:01 13135872 c:\windows\Installer\45ac5c.msp
+ 2011-07-27 06:37 . 2011-07-27 06:37 11592192 c:\windows\Installer\3cc14.msp
+ 2010-07-23 00:04 . 2010-07-23 00:04 11395072 c:\windows\Installer\3cbae.msp
+ 2012-04-04 13:32 . 2012-04-04 13:32 16613376 c:\windows\Installer\36640.msp
+ 2012-01-18 17:07 . 2012-01-18 17:07 18181632 c:\windows\Installer\2ad37.msi
+ 2011-07-11 18:43 . 2011-07-11 18:43 11641344 c:\windows\Installer\2270e.msp
+ 2012-01-03 17:58 . 2012-01-03 17:58 15929344 c:\windows\Installer\1bb90.msp
+ 2011-06-06 10:55 . 2011-06-06 10:55 24731544 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B744AA0100000010\10.1.0\AcroRd32.dll
+ 2011-09-15 18:42 . 2011-09-15 18:42 18115432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\WWLIB.DLL
+ 2006-10-26 20:13 . 2006-10-26 20:13 14674216 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XL12CNV.EXE
+ 2006-10-27 14:23 . 2006-10-27 14:23 17483560 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-27 14:16 . 2006-10-27 14:16 12813096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLOOK.EXE
+ 2006-10-27 14:14 . 2006-10-27 14:14 14151456 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-27 14:26 . 2006-10-27 14:26 16870712 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-27 14:01 . 2006-10-27 14:01 10371880 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSACCESS.EXE
+ 2006-10-27 14:07 . 2006-10-27 14:07 17891112 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2012-04-14 09:41 . 2011-12-18 13:42 11082240 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll
+ 2012-02-21 08:16 . 2011-11-05 13:13 11081728 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll
+ 2011-12-19 12:09 . 2011-08-23 15:41 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
+ 2011-10-14 12:16 . 2011-06-23 18:31 11081728 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll
+ 2012-05-09 13:04 . 2012-05-09 13:04 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\32b169d0703541a18c987bd2dbf9fbd9\System.Windows.Forms.ni.dll
+ 2012-05-09 13:32 . 2012-05-09 13:32 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\408a14028cdc4c24dfb8f241da428142\System.Web.ni.dll
+ 2012-05-09 13:29 . 2012-05-09 13:29 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll
+ 2012-05-09 13:02 . 2012-05-09 13:02 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7dc928136c57efafae0845b7e8a83f45\System.Design.ni.dll
+ 2012-05-09 12:59 . 2012-05-09 12:59 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b44d2b225cf6b7861e85b2e915db1f93\PresentationFramework.ni.dll
+ 2012-05-09 12:58 . 2012-05-09 12:58 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f4f33d28527d761c7483d6960862684\PresentationCore.ni.dll
+ 2012-05-09 12:57 . 2012-05-09 12:57 11492352 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
+ 2012-02-15 11:56 . 2011-12-17 19:41 11085312 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ieframe.dll
+ 2011-12-15 12:24 . 2011-11-04 19:12 11083776 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ieframe.dll
+ 2011-10-13 13:55 . 2011-08-22 23:40 11084288 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieframe.dll
+ 2009-04-04 16:08 . 2009-04-04 16:08 343058432 c:\windows\Installer\a82626.msp
+ 2011-09-15 16:34 . 2011-09-15 16:34 428804608 c:\windows\Installer\69e6f.msp
+ 2012-02-10 17:42 . 2012-02-10 17:42 950764032 c:\windows\Installer\18d5ebe.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-02 16269312]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 15494464]
"NvMediaCenter"="NvMCTray.dll" [2012-02-29 108352]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-02-29 1634112]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-04-04 05:53 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-05-13 13:57 136176 ----atw- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2012-02-29 20:30 15494464 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2012-02-29 20:30 108352 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2012-02-29 23:58 1634112 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2011-06-15 06:19 307200 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-02-29 06:55 17148552 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\amcap.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonUS\\NGM\\NGM.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\OGPlanet\\LostSagaEU\\autoupgrade.exe"=
"c:\\Program Files\\OGPlanet\\LostSagaEU\\lostsaga.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56187:TCP"= 56187:TCP:Pando Media Booster
"56187:UDP"= 56187:UDP:Pando Media Booster
"56598:TCP"= 56598:TCP:Pando Media Booster
"56598:UDP"= 56598:UDP:Pando Media Booster
"58387:TCP"= 58387:TCP:Pando Media Booster
"58387:UDP"= 58387:UDP:Pando Media Booster
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9.5.2012 9:59 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29.9.2011 22:26 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29.9.2011 22:26 20696]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1.4.2012 17:57 2348352]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22.5.2011 15:13 136176]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [27.11.2010 0:55 398176]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29.2.2012 8:50 158856]
S3 1394hub;1394 Enabled Hub;c:\windows\system32\svchost.exe -k netsvcs [14.4.2008 14:00 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [7.4.2012 20:25 253088]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [22.5.2011 15:13 136176]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [23.7.2011 18:10 133632]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [23.7.2011 18:10 79360]
S3 XDva346;XDva346;\??\c:\windows\system32\XDva346.sys --> c:\windows\system32\XDva346.sys [?]
S3 XDva387;XDva387;\??\c:\windows\system32\XDva387.sys --> c:\windows\system32\XDva387.sys [?]
S3 XDva389;XDva389;\??\c:\windows\system32\XDva389.sys --> c:\windows\system32\XDva389.sys [?]
S3 XDva390;XDva390;\??\c:\windows\system32\XDva390.sys --> c:\windows\system32\XDva390.sys [?]
S3 XDva391;XDva391;\??\c:\windows\system32\XDva391.sys --> c:\windows\system32\XDva391.sys [?]
S3 XDva392;XDva392;\??\c:\windows\system32\XDva392.sys --> c:\windows\system32\XDva392.sys [?]
S3 XDva393;XDva393;\??\c:\windows\system32\XDva393.sys --> c:\windows\system32\XDva393.sys [?]
S3 XDva394;XDva394;\??\c:\windows\system32\XDva394.sys --> c:\windows\system32\XDva394.sys [?]
S3 XDva396;XDva396;\??\c:\windows\system32\XDva396.sys --> c:\windows\system32\XDva396.sys [?]
S3 XDva397;XDva397;\??\c:\windows\system32\XDva397.sys --> c:\windows\system32\XDva397.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 12:36]
.
2012-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc923f8e4bdd05.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-22 13:13]
.
2012-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-22 13:13]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.2.0.1 10.0.0.1
FF - ProfilePath - c:\documents and settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\6y4wqtal.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Akamai NetSession Interface - c:\documents and settings\Uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe
MSConfigStartUp-BCSSync - c:\program files\Microsoft Office\Office14\BCSSync.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-13 08:58
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-790525478-602162358-515967899-1004\Software\SecuROM\License information*]
"datasecu"=hex:19,cd,76,ca,30,6b,da,12,64,0b,d6,06,16,cf,70,ae,12,6a,d7,ba,30,
7b,cb,b3,99,18,20,2a,7a,87,2f,cb,e1,92,df,b1,e9,69,25,9c,a8,28,1d,7f,a1,46,\
"rkeysecu"=hex:33,45,8e,a0,52,76,91,1f,87,08,8a,63,70,6c,3c,f3
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3480)
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-05-13 09:02:10
ComboFix-quarantined-files.txt 2012-05-13 07:02
.
Před spuštěním: Volných bajtů: 189 256 896 512
Po spuštění: Volných bajtů: 189 432 827 904
.
- - End Of File - - 2A6DFD5D2DA0869054F88215626311B6

Reklama

Příspěvekod **jaro3** » 13 kvě 2012 10:10

Odinstaloval si SpywareTerminator?

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
File::
c:\windows\system32\drivers\sp_rsdrv2.sys
c:\windows\system32\REND0.tmp
c:\windows\system32\RENC2.tmp
c:\windows\system32\RENA3.tmp
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc005.dat
c:\windows\system32\issacapi_se-2.3.dll
c:\windows\system32\issacapi_pe-2.3.dll
c:\windows\system32\issacapi_bs-2.3.dll
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh005.dat
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc923f8e4bdd05.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
gupdate
SkypeUpdate
EagleXNt
gupdatem
XDva346
XDva387
XDva389
XDva390
XDva391
XDva392
XDva393
XDva394
XDva396
XDva397

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

T0m1k · Příspěvekod **T0m1k** » 13 kvě 2012 11:39

Ano odinstaloval

ComboFix 12-05-13.02 - Uzivatel 13.05.2012 11:22:50.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.611 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uzivatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Uzivatel\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\program files\Google\Update\GoogleUpdate.exe"
"c:\program files\Skype\Updater\Updater.exe"
"c:\windows\system32\drivers\sp_rsdrv2.sys"
"c:\windows\system32\issacapi_bs-2.3.dll"
"c:\windows\system32\issacapi_pe-2.3.dll"
"c:\windows\system32\issacapi_se-2.3.dll"
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
"c:\windows\system32\perfh005.dat"
"c:\windows\system32\perfh009.dat"
"c:\windows\system32\RENA3.tmp"
"c:\windows\system32\RENC2.tmp"
"c:\windows\system32\REND0.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc923f8e4bdd05.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EAGLEXNT
-------\Legacy_GUPDATE
-------\Legacy_SKYPEUPDATE
-------\Legacy_XDVA346
-------\Legacy_XDVA387
-------\Legacy_XDVA389
-------\Legacy_XDVA390
-------\Legacy_XDVA391
-------\Legacy_XDVA392
-------\Legacy_XDVA393
-------\Legacy_XDVA394
-------\Legacy_XDVA396
-------\Legacy_XDVA397
-------\Service_EagleXNt
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
-------\Service_XDva346
-------\Service_XDva387
-------\Service_XDva389
-------\Service_XDva390
-------\Service_XDva391
-------\Service_XDva392
-------\Service_XDva393
-------\Service_XDva394
-------\Service_XDva396
-------\Service_XDva397
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-13 do 2012-05-13 )))))))))))))))))))))))))))))))
.
.
2012-05-12 09:19 . 2012-05-12 09:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-12 09:19 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-11 16:13 . 2011-06-21 09:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2012-05-10 15:31 . 2012-05-10 15:31 3888 ----a-w- c:\windows\system32\drivers\NTHANDLE.SYS
2012-05-09 07:59 . 2012-03-06 23:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-05-08 07:14 . 2008-04-14 12:00 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2012-05-08 07:09 . 2011-12-23 18:58 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-05-08 07:07 . 2012-05-08 07:07 -------- d-----w- c:\program files\MarkAny
2012-05-08 07:07 . 2011-12-23 18:58 821824 ----a-w- c:\windows\system32\dgderapi.dll
2012-05-08 07:07 . 2011-12-23 18:58 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2012-05-08 07:07 . 2011-12-23 18:58 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2012-05-08 07:06 . 2012-05-08 07:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Samsung
2012-05-08 07:06 . 2012-05-08 07:11 -------- d-----w- c:\program files\Samsung
2012-05-08 07:05 . 2012-05-08 07:05 -------- d-----w- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\Downloaded Installations
2012-04-30 19:11 . 2012-04-30 19:50 -------- d-----w- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\PMB Files
2012-04-30 19:11 . 2012-04-30 19:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PMB Files
2012-04-30 19:10 . 2012-04-30 19:10 -------- d-----w- c:\program files\Pando Networks
2012-04-30 19:04 . 2012-04-30 19:04 -------- d-----w- c:\documents and settings\Uzivatel\SpawnApps
2012-04-27 13:47 . 2012-04-27 13:47 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\PSpad
2012-04-27 13:25 . 2012-04-27 13:25 -------- d-----w- c:\program files\PSPad editor
2012-04-23 14:14 . 2003-10-27 16:04 73728 ----a-w- c:\windows\system32\GkSui18.EXE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-30 12:36 . 2012-04-07 18:25 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-30 12:36 . 2011-05-22 06:15 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:55 . 2008-04-14 08:06 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2008-04-14 12:00 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:55 . 2008-04-14 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-01 15:58 . 2012-03-22 16:49 141312 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-01 15:58 . 2012-04-01 15:58 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-04-01 15:58 . 2011-05-14 13:26 567696 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-22 16:46 . 2012-03-22 16:46 0 ----a-w- c:\windows\system32\REND0.tmp
2012-03-22 16:41 . 2012-03-22 16:41 0 ----a-w- c:\windows\system32\RENC2.tmp
2012-03-22 16:41 . 2012-03-22 16:41 0 ----a-w- c:\windows\system32\RENA3.tmp
2012-03-06 23:15 . 2011-09-29 20:25 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:15 . 2011-09-29 20:25 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-06 23:03 . 2011-09-29 20:26 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-06 23:02 . 2011-09-29 20:26 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-06 23:01 . 2011-09-29 20:26 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-06 23:01 . 2011-09-29 20:26 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-03-06 23:01 . 2011-09-29 20:26 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-03-06 23:01 . 2011-09-29 20:26 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 22:58 . 2011-09-29 20:26 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-03-01 10:59 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 23:58 . 2012-04-01 15:55 17534976 ----a-w- c:\windows\system32\nvcompiler.dll
2012-02-29 23:58 . 2011-08-25 09:46 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-29 23:58 . 2011-08-25 09:46 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-02-29 23:58 . 2011-08-25 09:46 5918720 ----a-w- c:\windows\system32\nvcuda.dll
2012-02-29 23:58 . 2011-08-25 09:46 2522944 ----a-w- c:\windows\system32\nvcuvid.dll
2012-02-29 23:58 . 2011-08-25 09:46 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-02-29 23:58 . 2011-08-25 09:46 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-02-29 23:58 . 2006-08-30 12:03 4309760 ----a-w- c:\windows\system32\nv4_disp.dll
2012-02-29 23:58 . 2006-08-30 12:03 2291712 ----a-w- c:\windows\system32\nvapi.dll
2012-02-29 23:58 . 2006-08-30 12:03 18624512 ----a-w- c:\windows\system32\nvoglnt.dll
2012-02-29 23:58 . 2006-08-30 12:03 13417632 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-02-29 20:30 . 2006-08-30 12:03 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-02-29 20:30 . 2011-08-25 09:47 143680 ----a-w- c:\windows\system32\nvcolor.exe
2012-02-29 20:30 . 2006-08-30 12:03 15494464 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-29 20:30 . 2006-08-30 12:03 164160 ----a-w- c:\windows\system32\nvsvc32.exe
2012-02-29 20:30 . 2006-08-30 12:03 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-29 14:10 . 2008-04-14 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2008-04-14 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2012-02-01 04:37 . 2011-10-08 16:25 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-02 16269312]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 15494464]
"NvMediaCenter"="NvMCTray.dll" [2012-02-29 108352]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-02-29 1634112]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-04-04 05:53 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-05-13 13:57 136176 ----atw- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2012-02-29 20:30 15494464 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2012-02-29 20:30 108352 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2012-02-29 23:58 1634112 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2011-06-15 06:19 307200 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-02-29 06:55 17148552 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\amcap.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonUS\\NGM\\NGM.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\OGPlanet\\LostSagaEU\\autoupgrade.exe"=
"c:\\Program Files\\OGPlanet\\LostSagaEU\\lostsaga.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56187:TCP"= 56187:TCP:Pando Media Booster
"56187:UDP"= 56187:UDP:Pando Media Booster
"56598:TCP"= 56598:TCP:Pando Media Booster
"56598:UDP"= 56598:UDP:Pando Media Booster
"58387:TCP"= 58387:TCP:Pando Media Booster
"58387:UDP"= 58387:UDP:Pando Media Booster
.
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29.9.2011 22:26 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29.9.2011 22:26 20696]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1.4.2012 17:57 2348352]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [27.11.2010 0:55 398176]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9.5.2012 9:59 612184]
S3 1394hub;1394 Enabled Hub;c:\windows\system32\svchost.exe -k netsvcs [14.4.2008 14:00 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [7.4.2012 20:25 253088]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [23.7.2011 18:10 133632]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [23.7.2011 18:10 79360]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 12:36]
.
2012-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc923f8e4bdd05.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-22 13:13]
.
2012-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-22 13:13]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.2.0.1 10.0.0.1
FF - ProfilePath - c:\documents and settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\6y4wqtal.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-13 11:31
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-790525478-602162358-515967899-1004\Software\SecuROM\License information*]
"datasecu"=hex:19,cd,76,ca,30,6b,da,12,64,0b,d6,06,16,cf,70,ae,12,6a,d7,ba,30,
7b,cb,b3,99,18,20,2a,7a,87,2f,cb,e1,92,df,b1,e9,69,25,9c,a8,28,1d,7f,a1,46,\
"rkeysecu"=hex:33,45,8e,a0,52,76,91,1f,87,08,8a,63,70,6c,3c,f3
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(676)
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RunDLL32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-05-13 11:36:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-13 09:36
ComboFix2.txt 2012-05-13 07:02
.
Před spuštěním: Volných bajtů: 209 606 225 920
Po spuštění: Volných bajtů: 209 450 098 688
.
- - End Of File - - 2D2825877664C9F73046E4ADB5A39126

Příspěvekod **Žbeky** » 13 kvě 2012 13:26

Ještě ten aswMBR +

Toto otestuj na Virustotal
c:\windows\system32\GkSui18.EXE

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

T0m1k · Příspěvekod **T0m1k** » 13 kvě 2012 14:18

VirusTotal mi napise Analysis failed!

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-13 14:01:51
-----------------------------
14:01:51.531 OS Version: Windows 5.1.2600 Service Pack 3
14:01:51.531 Number of processors: 2 586 0x407
14:01:51.531 ComputerName: GH UserName:
14:01:51.984 Initialize success
14:01:52.078 AVAST engine defs: 12051300
14:02:32.828 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-10
14:02:32.828 Disk 0 Vendor: ST3250820AS 3.AAC Size: 238475MB BusType: 3
14:02:32.843 Disk 0 MBR read successfully
14:02:32.843 Disk 0 MBR scan
14:02:32.906 Disk 0 Windows XP default MBR code
14:02:32.906 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238464 MB offset 63
14:02:32.906 Disk 0 scanning sectors +488376000
14:02:33.000 Disk 0 scanning C:\WINDOWS\system32\drivers
14:02:44.125 Service scanning
14:02:58.015 Modules scanning
14:03:09.015 Disk 0 trace - called modules:
14:03:09.031 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
14:03:09.031 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8674bab8]
14:03:09.031 3 CLASSPNP.SYS[f78c3fd7] -> nt!IofCallDriver -> \Device\00000070[0x8674f968]
14:03:09.046 5 ACPI.sys[f781a620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-10[0x8674dd98]
14:03:09.531 AVAST engine scan C:\WINDOWS
14:03:14.234 AVAST engine scan C:\WINDOWS\system32
14:05:41.968 AVAST engine scan C:\WINDOWS\system32\drivers
14:06:07.687 AVAST engine scan C:\Documents and Settings\Uzivatel
14:15:03.312 AVAST engine scan C:\Documents and Settings\All Users
14:15:57.375 Scan finished successfully
14:17:01.437 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Uzivatel\Plocha\MBR.dat"
14:17:01.437 The log file has been saved successfully to "C:\Documents and Settings\Uzivatel\Plocha\aswMBR.txt"

T0m1k · Příspěvekod **T0m1k** » 13 kvě 2012 14:22

Zapomněl jsem na crystaldisk

----------------------------------------------------------------------------
CrystalDiskInfo 4.6.2 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2012/05/13 14:21:14

-- Controller Map ----------------------------------------------------------
+ Řadič SiS rozhraní IDE ke sběrnici PCI [ATA]
+ Primární kanál IDE (0)
- Optiarc DVD RW AD-7170A
- Sekundární kanál IDE (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- Primární kanál IDE (0)
+ Sekundární kanál IDE (1)
- ST3250820AS

-- Disk List ---------------------------------------------------------------
(1) ST3250820AS : 250.0 GB [0/2/0, pd1]

----------------------------------------------------------------------------
(1) ST3250820AS
----------------------------------------------------------------------------
Model : ST3250820AS
Firmware : 3.AAC
Serial Number : 9QE078L2
Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 16198 hod.
Power On Count : 3608 krát
Temparature : 43 C (109 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _94 __6 000000000000 Počet chyb čtení
03 _93 _90 __0 000000000000 Čas na roztočení ploten
04 _97 _97 _20 000000000E33 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _87 _60 _30 0000242E951D Počet chybných hledání
09 _82 _82 __0 000000003F46 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 _20 000000000E18 Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _57 _49 _45 00002C2A002B Teplota toku vzduchu
C2 _43 _51 __0 00130000002B Teplota
C3 _69 _58 __0 00000001F2AA Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3951 3951 4530 3738 4C32
020: 0000 4000 0004 332E 4141 2020 2020 5354 3332 3530
030: 3832 3041 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0040
080: 00FE 0000 346B 7D01 4023 3C01 3C01 4023 017F 0000
090: 0000 FEFE FFFE 0000 D000 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0002
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 5970
130: 1D1C 5970 1D1C 2020 0002 0002 0002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1314 0002 0002 0080 0000 0000
150: 00A0 0202 0000 0404 0000 0000 0000 0000 1200 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 DFA5

Příspěvekod **jaro3** » 14 kvě 2012 09:15

Zkopíruj soubor do jiného umístění a zkus virus total znovu.

Jelikož to nemaže:

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

T0m1k · Příspěvekod **T0m1k** » 14 kvě 2012 16:53

Extras.txt

OTL Extras logfile created on: 14.5.2012 16:41:45 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\Uzivatel\Dokumenty\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1022,54 Mb Total Physical Memory | 671,11 Mb Available Physical Memory | 65,63% Memory free
2,40 Gb Paging File | 2,13 Gb Available in Paging File | 88,61% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 190,69 Gb Free Space | 81,88% Space Free | Partition Type: NTFS

Computer Name: GH | User Name: Uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"56080:TCP" = 56080:TCP:*:Enabled:Pando Media Booster
"56080:UDP" = 56080:UDP:*:Enabled:Pando Media Booster
"56359:TCP" = 56359:TCP:*:Enabled:Pando Media Booster
"56359:UDP" = 56359:UDP:*:Enabled:Pando Media Booster
"59113:TCP" = 59113:TCP:*:Enabled:Pando Media Booster
"59113:UDP" = 59113:UDP:*:Enabled:Pando Media Booster
"57141:TCP" = 57141:TCP:*:Enabled:Pando Media Booster
"57141:UDP" = 57141:UDP:*:Enabled:Pando Media Booster
"59133:TCP" = 59133:TCP:*:Enabled:Pando Media Booster
"59133:UDP" = 59133:UDP:*:Enabled:Pando Media Booster
"56771:TCP" = 56771:TCP:*:Enabled:Pando Media Booster
"56771:UDP" = 56771:UDP:*:Enabled:Pando Media Booster
"56187:TCP" = 56187:TCP:*:Enabled:Pando Media Booster
"56187:UDP" = 56187:UDP:*:Enabled:Pando Media Booster
"56598:TCP" = 56598:TCP:*:Enabled:Pando Media Booster
"56598:UDP" = 56598:UDP:*:Enabled:Pando Media Booster
"58387:TCP" = 58387:TCP:*:Enabled:Pando Media Booster
"58387:UDP" = 58387:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"56187:TCP" = 56187:TCP:*:Enabled:Pando Media Booster
"56187:UDP" = 56187:UDP:*:Enabled:Pando Media Booster
"56598:TCP" = 56598:TCP:*:Enabled:Pando Media Booster
"56598:UDP" = 56598:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"58387:TCP" = 58387:TCP:*:Enabled:Pando Media Booster
"58387:UDP" = 58387:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\WINDOWS\amcap.exe" = C:\WINDOWS\amcap.exe:*:Enabled:AMCap -- (Microsoft Corporation)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Java\jre7\bin\java.exe" = C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\OGPlanet\LostSagaEU\autoupgrade.exe" = C:\Program Files\OGPlanet\LostSagaEU\autoupgrade.exe:*:Enabled:Lost Saga -- (IO Entertainment Co., Ltd.)
"C:\Program Files\OGPlanet\LostSagaEU\lostsaga.exe" = C:\Program Files\OGPlanet\LostSagaEU\lostsaga.exe:*:Enabled:LostSaga(client) -- (IO Entertainment Co., Ltd.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1236C08B-FD22-4F7A-9184-34D46884EAA5}" = Fiesta
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D592E30-11EC-11E0-859C-0013D3D69929}" = Vegas Pro 10.0
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E127B28D-1A2A-45C4-A74E-C817E0A74E3E}" = Fiesta
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.6.2
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fraps" = Fraps (remove only)
"Game Booster_is1" = Game Booster
"ie8" = Windows Internet Explorer 8
"LostSagaEU" = Lost Saga EU
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Minecraft Cracked" = Minecraft Cracked
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OGPlanet Game Launcher US" = OGPlanet Game Launcher
"OJOsoft Total Video Converter_is1" = OJOsoft Total Video Converter
"PowerISO" = PowerISO
"PSPad editor_is1" = PSPad editor
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.1.2012 12:24:25 | Computer Name = UZIVATEL-BB7B16 | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 27.1.2012 12:24:25 | Computer Name = UZIVATEL-BB7B16 | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 27.1.2012 12:24:26 | Computer Name = UZIVATEL-BB7B16 | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 27.1.2012 12:24:26 | Computer Name = UZIVATEL-BB7B16 | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 27.1.2012 12:24:27 | Computer Name = UZIVATEL-BB7B16 | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 27.1.2012 12:24:27 | Computer Name = UZIVATEL-BB7B16 | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 27.1.2012 12:24:28 | Computer Name = UZIVATEL-BB7B16 | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 27.1.2012 12:24:28 | Computer Name = UZIVATEL-BB7B16 | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 27.1.2012 12:24:29 | Computer Name = UZIVATEL-BB7B16 | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 27.1.2012 12:24:29 | Computer Name = UZIVATEL-BB7B16 | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

[ System Events ]
Error - 13.5.2012 5:29:33 | Computer Name = GH | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_XDVA396\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 13.5.2012 5:29:33 | Computer Name = GH | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_XDVA397\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 13.5.2012 5:31:11 | Computer Name = GH | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: aswSnx

Error - 13.5.2012 6:01:33 | Computer Name = GH | Source = Service Control Manager | ID = 7023
Description = Služba Server byla ukončena s následující chybou: %%1811

Error - 13.5.2012 23:23:12 | Computer Name = GH | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: aswSnx

Error - 13.5.2012 23:23:58 | Computer Name = GH | Source = Service Control Manager | ID = 7023
Description = Služba Server byla ukončena s následující chybou: %%1811

Error - 14.5.2012 1:02:57 | Computer Name = GH | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: aswSnx

Error - 14.5.2012 1:04:56 | Computer Name = GH | Source = Service Control Manager | ID = 7023
Description = Služba Server byla ukončena s následující chybou: %%1811

Error - 14.5.2012 10:25:09 | Computer Name = GH | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: aswSnx

Error - 14.5.2012 10:25:55 | Computer Name = GH | Source = Service Control Manager | ID = 7023
Description = Služba Server byla ukončena s následující chybou: %%1811

< End of report >

T0m1k · Příspěvekod **T0m1k** » 14 kvě 2012 16:54

OTL.txt

OTL logfile created on: 14.5.2012 16:41:45 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\Uzivatel\Dokumenty\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1022,54 Mb Total Physical Memory | 671,11 Mb Available Physical Memory | 65,63% Memory free
2,40 Gb Paging File | 2,13 Gb Available in Paging File | 88,61% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 190,69 Gb Free Space | 81,88% Space Free | Partition Type: NTFS

Computer Name: GH | User Name: Uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Uzivatel\Dokumenty\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\IObit\Game Booster\gbtray.exe (IObit)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ScanSoft, Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Alwil Software\Avast5\defs\12051400\algo.dll ()
MOD - C:\Program Files\Alwil Software\Avast5\defs\12051301\algo.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\IObit\Game Booster\sqlite3.dll ()
MOD - C:\Program Files\IObit\Game Booster\madexcept_.bpl ()
MOD - C:\Program Files\IObit\Game Booster\madbasic_.bpl ()
MOD - C:\Program Files\IObit\Game Booster\maddisAsm_.bpl ()

========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (XDva397) -- C:\WINDOWS\system32\XDva397.sys File not found
DRV - (XDva396) -- C:\WINDOWS\system32\XDva396.sys File not found
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (Mkd2kfNt) -- C:\WINDOWS\system32\drivers\Mkd2kfNT.sys (AhnLab, Inc.)
DRV - (Mkd2Nadr) -- C:\WINDOWS\system32\drivers\Mkd2Nadr.sys (AhnLab, Inc.)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (SiSGbeXP) -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys (Silicon Integrated Systems Corp.)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{ABB99A2C-F7D4-49C6-950F-DF39324E5C10}: "URL" = http://search.avg.com/route/?d=4dcd079a ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\WINDOWS\system32\npOGPPlugin.dll (OGPlanet)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.05.25 09:48:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.05.09 09:59:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.01 06:37:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.10.08 18:26:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Extensions
[2012.04.01 18:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.03.30 16:06:27 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.01 06:37:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.05.25 09:48:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.02.01 06:37:33 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.29 02:48:01 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011.09.29 03:30:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.09.29 03:30:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.29 03:30:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.09.29 03:30:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.09.29 03:30:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - Extension: Angry Birds = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Prvky a fyziky = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fdcpedjbhjpalhdjkbchahkcceaikoda\1.2.0_0\
CHR - Extension: Chain Reaction = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa\1.1_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.32_0\
CHR - Extension: Isoball 3 = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.2.1_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\

O1 HOSTS File: ([2012.05.13 11:30:54 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.2.0.1 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{960D41F3-0142-4F6D-A6CC-1BA8A4662591}: DhcpNameServer = 10.2.0.1 10.0.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.05.14 16:30:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Uzivatel\Recent
[2012.05.13 14:20:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CrystalDiskInfo
[2012.05.13 14:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012.05.13 12:02:03 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.05.13 11:29:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.05.13 09:53:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2012.05.12 11:19:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2012.05.12 11:19:23 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.05.12 11:19:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.09 09:59:05 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.05.08 09:09:36 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
[2012.05.08 09:07:48 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
[2012.05.08 09:07:48 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DIFxAPI.dll
[2012.05.08 09:07:48 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2012.05.08 09:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2012.05.08 09:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2012.05.08 09:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2012.05.08 09:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Downloaded Installations
[2012.05.01 09:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Outspark
[2012.04.30 21:11:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\PMB Files
[2012.04.30 21:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PMB Files
[2012.04.30 21:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2012.04.30 21:04:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uzivatel\SpawnApps
[2012.04.27 15:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uzivatel\Data aplikací\PSpad
[2012.04.27 15:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\PSPad editor
[2012.04.27 15:25:11 | 000,000,000 | ---D | C] -- C:\Program Files\PSPad editor
[2012.04.26 16:37:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.05.14 16:24:38 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc923f8e4bdd05.job
[2012.05.14 16:24:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.05.13 14:20:53 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Plocha\CrystalDiskInfo.lnk
[2012.05.13 11:35:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.05.13 11:30:54 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.05.13 09:53:46 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2012.05.13 09:53:45 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.05.13 09:15:19 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.05.12 11:19:27 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012.05.10 17:41:27 | 000,319,934 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Dokumenty\cc_20120510_174040.reg
[2012.05.10 17:31:33 | 000,003,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\NTHANDLE.SYS
[2012.05.10 16:26:30 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.09 15:07:43 | 000,303,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.09 14:56:33 | 000,437,096 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.05.09 14:56:33 | 000,433,316 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.05.09 14:56:33 | 000,080,318 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.05.09 14:56:33 | 000,069,680 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.05.09 09:55:55 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.05.02 09:47:23 | 000,295,524 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.05.02 09:47:23 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.05.02 09:47:22 | 000,295,524 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.05.01 11:10:48 | 000,002,840 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Dokumenty\cc_20120501_111045.reg
[2012.05.01 09:01:22 | 000,001,571 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Fiesta.lnk
[2012.04.30 14:36:54 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.04.30 14:36:54 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.04.29 15:12:20 | 000,001,314 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Dokumenty\cc_20120429_151218.reg
[2012.04.29 15:11:36 | 000,022,308 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Dokumenty\cc_20120429_151133.reg
[2012.04.27 15:25:17 | 000,000,691 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Plocha\PSPad.lnk
[2012.04.26 16:37:07 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2012.04.17 13:12:33 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.05.13 14:20:53 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Plocha\CrystalDiskInfo.lnk
[2012.05.12 11:19:27 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012.05.11 18:13:35 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2012.05.10 17:40:50 | 000,319,934 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Dokumenty\cc_20120510_174040.reg
[2012.05.10 17:31:33 | 000,003,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\NTHANDLE.SYS
[2012.05.01 11:10:47 | 000,002,840 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Dokumenty\cc_20120501_111045.reg
[2012.05.01 09:01:22 | 000,001,571 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Fiesta.lnk
[2012.04.29 15:12:19 | 000,001,314 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Dokumenty\cc_20120429_151218.reg
[2012.04.29 15:11:35 | 000,022,308 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Dokumenty\cc_20120429_151133.reg
[2012.04.27 15:25:17 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Plocha\PSPad.lnk
[2012.04.26 16:37:07 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2012.04.23 16:14:25 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
[2012.02.15 13:55:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.23 20:58:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011.12.23 20:58:24 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.12.23 20:58:24 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.12.23 20:58:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.12.23 20:58:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.11.27 17:44:47 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2011.09.17 22:38:16 | 000,000,307 | ---- | C] () -- C:\WINDOWS\game.ini
[2011.08.26 15:11:36 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011.08.25 11:47:01 | 000,295,524 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.08.25 11:47:01 | 000,295,524 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.08.25 11:47:01 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.08.25 11:46:38 | 002,784,050 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011.08.17 11:28:25 | 000,000,020 | ---- | C] () -- C:\WINDOWS\GKLauncherInfo.ini
[2011.06.18 10:29:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2011.06.13 16:24:05 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.15 13:17:28 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2011.05.15 13:17:27 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll
[2011.05.13 16:08:40 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2011.05.13 15:39:25 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\vsnpstd3.dll
[2011.05.13 13:27:59 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.05.13 13:26:29 | 000,303,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.05.13 11:40:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.05.13 11:35:35 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== LOP Check ==========

[2011.09.29 22:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2012.05.13 09:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.08.19 18:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2011.05.30 16:17:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.05.13 12:27:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.06.30 15:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.07.02 21:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.05.13 16:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2011.08.19 18:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.07.27 11:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nexon
[2011.11.19 19:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NexonUS
[2011.07.02 21:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.04.30 21:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PMB Files
[2012.05.08 09:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2011.05.13 16:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2011.11.13 16:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SecTaskMan
[2011.08.20 14:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2011.08.10 14:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TechSmith
[2011.07.16 21:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2012.02.21 18:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.05.07 14:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\.minecraft
[2011.05.13 12:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\AVG10
[2011.05.30 16:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Canon
[2011.06.30 15:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\DAEMON Tools Lite
[2011.07.17 19:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\DataCast
[2012.03.01 18:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\gtk-2.0
[2011.05.30 15:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\OpenOffice.org
[2011.08.22 10:27:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Opera
[2011.05.15 13:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\PriceGong
[2011.08.20 14:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Publish Providers
[2011.05.13 16:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\ScanSoft
[2011.08.20 14:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Sony
[2011.06.06 18:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Stu Bedore
[2011.07.16 21:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Uniblue
[2012.05.14 16:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\uTorrent

========== Purity Check ==========

< End of report >

T0m1k · Příspěvekod **T0m1k** » 14 kvě 2012 16:56

Když chci stáhnout aswMBR tak mi avast ohlásí vir.

Příspěvekod **jaro3** » 14 kvě 2012 20:17

Napřed si Avast deaktivuj , nákaza to není..

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
DRV - (XDva397) -- C:\WINDOWS\system32\XDva397.sys File not found
DRV - (XDva396) -- C:\WINDOWS\system32\XDva396.sys File not found
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{ABB99A2C-F7D4-49C6-950F-DF39324E5C10}: "URL" = http://search.avg.com/route/?d=4dcd079a ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
[2011.10.08 18:26:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Extensions
[2012.04.01 18:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2012.05.13 11:30:54 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
[2012.05.09 14:56:33 | 000,437,096 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.05.09 14:56:33 | 000,433,316 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.05.09 14:56:33 | 000,080,318 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.05.09 14:56:33 | 000,069,680 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp 
c:\windows\Tasks\*.job 
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
C:\WINDOWS\System32\cis-2.4.dll
C:\WINDOWS\System32\issacapi_bs-2.3.dll
C:\WINDOWS\System32\issacapi_pe-2.3.dll
C:\WINDOWS\System32\issacapi_se-2.3.dll
C:\Documents and Settings\All Users\Data aplikací\AVG10
C:\Documents and Settings\Uzivatel\Data aplikací\AVG10

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

T0m1k · Příspěvekod **T0m1k** » 15 kvě 2012 16:29

https://www.virustotal.com/file/df73d5b ... 337006211/

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
File %SystemRoot%\System32\appmgmts.dll File not found not found.
Service XDva397 stopped successfully!
Service XDva397 deleted successfully!
File C:\WINDOWS\system32\XDva397.sys File not found not found.
Error: Unable to stop service XDva396!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\XDva396 deleted successfully.
File C:\WINDOWS\system32\XDva396.sys File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
File C:\WINDOWS\system32\drivers\EagleNT.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ABB99A2C-F7D4-49C6-950F-DF39324E5C10}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABB99A2C-F7D4-49C6-950F-DF39324E5C10}\ not found.
C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Extensions folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoInstrumentation deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ deleted successfully.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\RENA3.tmp moved successfully.
C:\WINDOWS\System32\RENC2.tmp moved successfully.
C:\WINDOWS\System32\REND0.tmp moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc923f8e4bdd05.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] not found.
File\Folder [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] not found.
C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\System32\drivers\sp_rsdrv2.sys moved successfully.
C:\WINDOWS\System32\cis-2.4.dll moved successfully.
C:\WINDOWS\System32\issacapi_bs-2.3.dll moved successfully.
C:\WINDOWS\System32\issacapi_pe-2.3.dll moved successfully.
C:\WINDOWS\System32\issacapi_se-2.3.dll moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG10\scanlogs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG10\log\IDP\log folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG10\log\IDP folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG10\log folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG10 folder moved successfully.
C:\Documents and Settings\Uzivatel\Data aplikací\AVG10\cfgall folder moved successfully.
C:\Documents and Settings\Uzivatel\Data aplikací\AVG10 folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Uzivatel
->Temp folder emptied: 587542 bytes
->Temporary Internet Files folder emptied: 8362757 bytes
->Java cache emptied: 2102729 bytes
->FireFox cache emptied: 102353247 bytes
->Google Chrome cache emptied: 177173754 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 10135 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 277,00 mb

OTL by OldTimer - Version 3.2.43.0 log created on 05152012_160716

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Prosím o kontrolu logu Vyřešeno

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online