Please check my HiJackThis log, Zeman (Solved)

Re: Please check my HiJackThis log, Zeman

Post by jaro3 » 06 Jul 2012 10:49

Download SuperAntiSpyware,
update the database, run a scan and then delete the infections.


Double-click the OTL by OldTimer icon again and, under Custom Scans/Fixes, paste the following text, shown in green:

Code:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT


Do not change any settings, just click Run Scan and let the scan finish. When the text file appears, please paste its entire contents here.

+
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Please check my HiJackThis log, Zeman

Post by majoropava » 06 Jul 2012 21:43

OTL logfile created on: 6.7.2012 19:20:00 - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\MajorZ\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 50,62% Memory free
4,85 Gb Paging File | 4,11 Gb Available in Paging File | 84,83% Paging File free
Paging file location(s): C:\pagefile.sys 3069 3069 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 233,75 Gb Total Space | 128,69 Gb Free Space | 55,05% Space Free | Partition Type: NTFS

Computer Name: MAJOR | User Name: Major | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\MajorZ\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\12070601\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\12070600\algo.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl ()
MOD - C:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl ()
MOD - C:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl ()
MOD - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\Contexthandler.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdvancedSystemCareService5) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (nlsX86cc) -- C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (DfSdkS) -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\DfSdkS.exe (mst software GmbH, Germany)


========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SmartDefragDriver) -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys ()
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (RTHDMIAzAudService) -- C:\WINDOWS\system32\drivers\RtKHDMI.sys (Realtek Semiconductor Corp.)
DRV - (Juchin) -- C:\WINDOWS\system32\drivers\Juchin.sys ()
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (Amps2prt) -- C:\WINDOWS\system32\drivers\Amps2prt.sys ((Standard mouse types))
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {1658c6ee-ea41-4d16-b472-d5ece8668989}
IE - HKCU\..\SearchScopes,DefaultScope = Yahoo!
IE - HKCU\..\SearchScopes\Yahoo!: "URL" = http://search.yahoo.com/search?fr=chr-g ... =971163&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..keyword.enabled: "true"
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=971163&p="
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=971163&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163&ilc=12"
FF - prefs.js..browser.startup.homepage: "http://start.funmoods.com/?f=1&a=irtest1&chnl=irtest1&cd=2XzutAtN2Y1L1QzutDtDtC0DyB0D0AzytDtCtD0CzytByCyDtN0D0TzutBtDtCtBtDyCtBtD&cr=1336386522"
FF - prefs.js..browser.startup.homepage: "http://start.funmoods.com/?f=1&a=irtest1&chnl=irtest1&cd=2XzutAtN2Y1L1QzutDtDtC0DyB0D0AzytDtCtD0CzytByCyDtN0D0TzutBtDtCtBtDyCtBtD&cr=1336386522"
FF - prefs.js..backup.old.browser.search.selectedEngine: "Search"
FF - prefs.js..backup.old.browser.search.defaultenginename: "Search"

FF - user.js..browser.search.openintab: false

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\Google\Update\1.2.145.5\npGoogleOneClick8.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009.02.13 22:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2012.06.26 07:03:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.06.26 07:26:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.08 07:54:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ea614400-e918-4741-9a97-7a972ff7c30b}: C:\Program Files\Seznam.cz\firefox [2012.07.06 07:58:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.19 06:18:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.13 13:56:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{ea614400-e918-4741-9a97-7a972ff7c30b}: C:\Program Files\Seznam.cz\firefox [2012.07.06 07:58:05 | 000,000,000 | ---D | M]

[2012.07.06 07:39:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MajorZ\Data aplikací\Mozilla\Extensions
[2012.07.06 19:07:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MajorZ\Data aplikací\Mozilla\Firefox\Profiles\7b3ij6lp.default\extensions
[2012.07.06 19:07:51 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\MajorZ\Data aplikací\Mozilla\Firefox\Profiles\7b3ij6lp.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.06.20 07:25:57 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\MajorZ\Data aplikací\Mozilla\Firefox\Profiles\59be1pi0.default\searchplugins\Search.xml
[2011.11.09 07:38:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.11.09 07:38:22 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\TALKBACK@MOZILLA.ORG
[2012.06.19 06:18:52 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.01.20 10:48:01 | 000,061,440 | ---- | M] () -- C:\Program Files\mozilla firefox\components\gemgecko.dll
[2008.11.11 07:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2011.08.02 12:53:56 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.19 06:18:50 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.19 06:18:50 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.06.19 06:18:50 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.19 06:18:50 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.19 06:18:50 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&babsrc=SP_crm
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\MajorZ\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\MajorZ\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Java Deployment Toolkit 7.0.0.147 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\MajorZ\Local Settings\Data aplikac\u00ED\Google\Update\1.2.145.5\npGoogleOneClick8.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.07.06 07:35:47 | 000,000,002 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre7\bin\jusched.exe" File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 7130325156 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.155.229.197 213.155.255.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94F60448-FE7D-4DC5-87B8-B70948C41F73}: DhcpNameServer = 213.155.229.197 213.155.255.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.07.06 19:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.07.06 19:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MajorZ\Data aplikací\SUPERAntiSpyware.com
[2012.07.06 19:12:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
[2012.07.06 19:11:55 | 018,279,752 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\MajorZ\Plocha\SUPERAntiSpyware.exe
[2012.07.06 07:35:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.07.05 11:51:56 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\MajorZ\Plocha\OTL.exe
[2012.07.05 07:16:25 | 000,000,000 | ---D | C] -- C:\rsit
[2012.07.04 18:45:51 | 000,499,712 | ---- | C] (eSage Lab) -- C:\Documents and Settings\MajorZ\Plocha\remover.exe
[2012.07.03 04:32:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\MajorZ\Recent
[2012.06.27 16:21:22 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.06.27 16:12:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.06.26 20:38:11 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\MajorZ\Plocha\aswMBR.exe
[2012.06.26 10:24:23 | 002,128,984 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\MajorZ\Plocha\TDSSKiller.exe
[2012.06.26 07:31:38 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\MajorZ\Plocha\mbam-setup-1.61.0.1400.exe
[2012.06.25 10:14:43 | 002,018,520 | ---- | C] (Crawler, LLC. ) -- C:\Documents and Settings\MajorZ\Plocha\PCRxSetup.exe
[2012.06.20 10:31:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MajorZ\Data aplikací\Funmoods
[2012.06.20 07:27:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MajorZ\Data aplikací\YourFileDownloader
[2012.06.20 06:42:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MajorZ\Data aplikací\Media Finder
[2012.06.19 06:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.06.19 06:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2012.06.14 06:36:25 | 000,000,000 | ---D | C] -- C:\b2a212520773b099efd427
[2012.06.13 07:07:25 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2008.12.28 16:53:27 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\MajorZ\Data aplikací\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2012.07.06 19:25:00 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C39CC3E2-EC67-46BC-AAA5-3ECD0E7EE6D3}.job
[2012.07.06 19:13:36 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SUPERAntiSpyware Free Edition.lnk
[2012.07.06 19:12:01 | 018,279,752 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\MajorZ\Plocha\SUPERAntiSpyware.exe
[2012.07.06 18:43:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.06 07:39:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.07.06 07:35:47 | 000,000,002 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.07.05 14:34:00 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Epson Printer Software Downloader.job
[2012.07.05 11:52:00 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MajorZ\Plocha\OTL.exe
[2012.07.05 07:16:03 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\MajorZ\Plocha\RSIT.exe
[2012.07.01 13:27:54 | 000,000,053 | ---- | M] () -- C:\Documents and Settings\MajorZ\Plocha\fix.bat
[2012.07.01 09:37:41 | 000,002,649 | ---- | M] () -- C:\Documents and Settings\MajorZ\Plocha\GPSS World Student Version (2).lnk
[2012.06.29 13:30:57 | 000,478,730 | ---- | M] () -- C:\Documents and Settings\MajorZ\Plocha\bootkit_remover.rar
[2012.06.29 13:14:51 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\MajorZ\Plocha\T-Cleaner.exe
[2012.06.27 16:41:59 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\MajorZ\Plocha\HiJackThis.lnk
[2012.06.26 20:38:19 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\MajorZ\Plocha\aswMBR.exe
[2012.06.26 07:32:09 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012.06.26 07:31:43 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\MajorZ\Plocha\mbam-setup-1.61.0.1400.exe
[2012.06.26 06:22:50 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.06.25 21:19:12 | 002,128,984 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\MajorZ\Plocha\TDSSKiller.exe
[2012.06.25 10:14:50 | 002,018,520 | ---- | M] (Crawler, LLC. ) -- C:\Documents and Settings\MajorZ\Plocha\PCRxSetup.exe
[2012.06.23 08:39:27 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.06.23 08:39:27 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.22 17:51:31 | 000,182,167 | ---- | M] () -- C:\Documents and Settings\MajorZ\Dokumenty\img055.pdf
[2012.06.22 17:50:37 | 000,228,106 | ---- | M] () -- C:\Documents and Settings\MajorZ\Dokumenty\img054.pdf
[2012.06.22 17:49:42 | 000,294,842 | ---- | M] () -- C:\Documents and Settings\MajorZ\Dokumenty\img053.pdf
[2012.06.22 17:48:39 | 000,311,674 | ---- | M] () -- C:\Documents and Settings\MajorZ\Dokumenty\img052.pdf
[2012.06.21 16:25:09 | 000,115,865 | ---- | M] () -- C:\Documents and Settings\MajorZ\Dokumenty\img051.pdf
[2012.06.21 16:24:01 | 000,250,336 | ---- | M] () -- C:\Documents and Settings\MajorZ\Dokumenty\img050.pdf
[2012.06.21 16:22:57 | 000,278,750 | ---- | M] () -- C:\Documents and Settings\MajorZ\Dokumenty\img049.pdf
[2012.06.21 16:21:39 | 000,237,646 | ---- | M] () -- C:\Documents and Settings\MajorZ\Dokumenty\img048.pdf
[2012.06.21 16:20:00 | 000,214,601 | ---- | M] () -- C:\Documents and Settings\MajorZ\Dokumenty\img047.pdf
[2012.06.21 11:45:15 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.06.20 07:29:28 | 000,001,439 | ---- | M] () -- C:\user.js
[2012.06.20 07:25:52 | 000,031,470 | ---- | M] () -- C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\funmoods.crx
[2012.06.14 09:19:24 | 000,447,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.12 07:13:46 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2012.06.10 08:04:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

========== Files Created - No Company Name ==========

[2012.07.06 19:12:21 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\SUPERAntiSpyware Free Edition.lnk
[2012.07.05 15:58:43 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.07.05 07:16:02 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\MajorZ\Plocha\RSIT.exe
[2012.07.01 13:27:53 | 000,000,053 | ---- | C] () -- C:\Documents and Settings\MajorZ\Plocha\fix.bat
[2012.06.29 13:30:57 | 000,478,730 | ---- | C] () -- C:\Documents and Settings\MajorZ\Plocha\bootkit_remover.rar
[2012.06.29 13:14:50 | 000,100,864 | ---- | C] () -- C:\Documents and Settings\MajorZ\Plocha\T-Cleaner.exe
[2012.06.26 07:32:09 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012.06.22 17:51:31 | 000,182,167 | ---- | C] () -- C:\Documents and Settings\MajorZ\Dokumenty\img055.pdf
[2012.06.22 17:50:37 | 000,228,106 | ---- | C] () -- C:\Documents and Settings\MajorZ\Dokumenty\img054.pdf
[2012.06.22 17:49:42 | 000,294,842 | ---- | C] () -- C:\Documents and Settings\MajorZ\Dokumenty\img053.pdf
[2012.06.22 17:48:39 | 000,311,674 | ---- | C] () -- C:\Documents and Settings\MajorZ\Dokumenty\img052.pdf
[2012.06.21 16:25:08 | 000,115,865 | ---- | C] () -- C:\Documents and Settings\MajorZ\Dokumenty\img051.pdf
[2012.06.21 16:24:01 | 000,250,336 | ---- | C] () -- C:\Documents and Settings\MajorZ\Dokumenty\img050.pdf
[2012.06.21 16:22:57 | 000,278,750 | ---- | C] () -- C:\Documents and Settings\MajorZ\Dokumenty\img049.pdf
[2012.06.21 16:21:39 | 000,237,646 | ---- | C] () -- C:\Documents and Settings\MajorZ\Dokumenty\img048.pdf
[2012.06.21 16:19:59 | 000,214,601 | ---- | C] () -- C:\Documents and Settings\MajorZ\Dokumenty\img047.pdf
[2012.06.20 06:42:56 | 000,031,470 | ---- | C] () -- C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\funmoods.crx
[2012.02.15 15:37:10 | 000,002,602 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2012.02.15 08:30:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.29 19:07:21 | 000,000,858 | ---- | C] () -- C:\Documents and Settings\MajorZ\.recently-used.xbel
[2012.01.12 17:43:13 | 000,042,584 | ---- | C] () -- C:\WINDOWS\SETUPQSB.EXE
[2011.12.25 12:37:59 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\maplecompat.dll
[2011.12.25 12:37:58 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\WMIMPLEX.dll
[2011.12.25 12:37:58 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\maplec.dll
[2011.12.25 11:49:14 | 000,023,239 | ---- | C] () -- C:\Documents and Settings\MajorZ\untitled2_MAS.bak
[2011.12.25 11:34:00 | 000,023,750 | ---- | C] () -- C:\Documents and Settings\MajorZ\untitled1_MAS.bak
[2011.12.15 11:39:32 | 000,000,041 | ---- | C] () -- C:\WINDOWS\System32\img2pdf.ini
[2011.12.12 12:18:13 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\pdfeditor.dat
[2011.12.12 11:48:27 | 000,075,776 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe
[2011.09.30 08:32:54 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011.03.15 16:31:07 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\MajorZ\.sim.lck
[2011.03.02 19:27:13 | 000,028,496 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011.03.02 19:27:13 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011.02.11 09:59:14 | 000,001,773 | ---- | C] () -- C:\WINDOWS\aopr.ini
[2011.02.08 13:05:38 | 000,000,065 | ---- | C] () -- C:\WINDOWS\minitab.ini
[2010.12.08 12:43:08 | 000,027,456 | ---- | C] () -- C:\WINDOWS\System32\solidlocalmon.dll
[2010.12.08 12:43:08 | 000,018,752 | ---- | C] () -- C:\WINDOWS\System32\solidlocalui.dll
[2010.12.08 11:00:21 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010.08.09 08:36:59 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010.08.09 08:36:59 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010.03.17 08:12:08 | 000,002,346 | ---- | C] () -- C:\Documents and Settings\MajorZ\Data aplikací\mdbu.bin
[2009.10.17 16:07:18 | 000,003,242 | ---- | C] () -- C:\Documents and Settings\MajorZ\report.htm
[2009.06.30 17:40:13 | 000,000,068 | ---- | C] () -- C:\Documents and Settings\MajorZ\rescuepro.properties
[2009.06.07 23:49:06 | 000,000,528 | ---- | C] () -- C:\Documents and Settings\MajorZ\.xmaximarc
[2009.06.04 12:15:12 | 000,000,709 | ---- | C] () -- C:\Documents and Settings\MajorZ\CommandDispatchers.xml
[2009.06.04 12:15:11 | 000,001,362 | ---- | C] () -- C:\Documents and Settings\MajorZ\cleaner-config.xml
[2009.02.01 17:58:17 | 000,000,005 | ---- | C] () -- C:\Program Files\trl.trl
[2008.12.28 16:53:45 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\MajorZ\Data aplikací\vso_ts_preview.xml
[2008.12.28 16:53:27 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\MajorZ\Data aplikací\inst.exe
[2008.12.28 16:53:27 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\MajorZ\Data aplikací\pcouffin.cat
[2008.12.28 16:53:27 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\MajorZ\Data aplikací\pcouffin.inf
[2008.07.13 23:16:43 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\MajorZ\Data aplikací\WWB7_32.DAT
[2008.04.20 13:05:51 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.04.10 09:23:44 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\fusioncache.dat
[2008.03.26 23:31:29 | 000,008,967 | ---- | C] () -- C:\Documents and Settings\MajorZ\gsview32.ini
[2008.03.22 08:06:30 | 000,203,264 | ---- | C] () -- C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.03.17 20:21:17 | 000,000,998 | ---- | C] () -- C:\Documents and Settings\MajorZ\intlname.ols

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2005.01.29 19:52:10 | 003,956,165 | ---- | M] () -- C:\AviSynth.exe
[2005.01.29 19:52:16 | 000,288,640 | ---- | M] (Microsoft Corporation) -- C:\DirectX Setup.exe

< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 07:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 07:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\High Precision Event Timer#1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\High Precision Event Timer#2\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\High Precision Event Timer#3\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\High Precision Event Timer#4\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\High Precision Event Timer\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) 82801 PCI Bridge - 244E#1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) 82801 PCI Bridge - 244E#2\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) 82801 PCI Bridge - 244E\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) G33 G31 P35 Express Chipset PCI Express Root Port - 29C1#1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) G33 G31 P35 Express Chipset PCI Express Root Port - 29C1#2\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) G33 G31 P35 Express Chipset PCI Express Root Port - 29C1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) G33 G31 P35 Express Chipset Processor to I O Controller - 29C0#1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) G33 G31 P35 Express Chipset Processor to I O Controller - 29C0#2\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) G33 G31 P35 Express Chipset Processor to I O Controller - 29C0\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family PCI Express Root Port 1 - 2940#1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family PCI Express Root Port 1 - 2940#2\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family PCI Express Root Port 1 - 2940\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family PCI Express Root Port 4 - 2946#1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family PCI Express Root Port 4 - 2946#2\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family PCI Express Root Port 4 - 2946\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family PCI Express Root Port 5 - 2948#1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family PCI Express Root Port 5 - 2948#2\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family PCI Express Root Port 5 - 2948\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family SMBus Controller - 2930#1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family SMBus Controller - 2930#2\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 Family SMBus Controller - 2930\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 LPC Interface Controller - 2918#1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 LPC Interface Controller - 2918#2\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Intel(R) ICH9 LPC Interface Controller - 2918\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Ovladač Microsoft UAA pro sběrnici High Definition Audio#1\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Ovladač Microsoft UAA pro sběrnici High Definition Audio#2\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Ovladač Microsoft UAA pro sběrnici High Definition Audio#3\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Ovladač Microsoft UAA pro sběrnici High Definition Audio#4\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Ovladač Microsoft UAA pro sběrnici High Definition Audio#5\agp440.sys
[2008.04.13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Záloha\Ovladač Microsoft UAA pro sběrnici High Definition Audio\agp440.sys
[2004.08.03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 07:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 07:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2002.08.29 00:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008.04.13 18:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 18:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 03:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 03:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2007.01.23 16:22:16 | 000,032,890 | ---- | M] () MD5=4FA5D1120762802A741F374F8B391E69 -- C:\Program Files\MATLAB\R2009a\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 03:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 03:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 03:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 03:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\MajorZ\Dokumenty\U kalicha recepty.pdf:SummaryInformation

< End of report >

Post by jaro3 » 06 Jul 2012 22:15

Uninstall:
SUPERAntiSpyware

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Vlastní skenování/opravy (Custom Scans/Fixes), paste the following text, shown in green, into the box:
(You need to copy the whole script, there is a scrollbar!!!!!)

Code: Select all

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {1658c6ee-ea41-4d16-b472-d5ece8668989}
IE - HKCU\..\SearchScopes,DefaultScope = Yahoo!
IE - HKCU\..\SearchScopes\Yahoo!: "URL" = http://search.yahoo.com/search?fr=chr-g ... =971163&p={searchTerms}
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..keyword.enabled: "true"
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=971163&p="
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=971163&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163&ilc=12"
FF - prefs.js..browser.startup.homepage: "http://start.funmoods.com/?f=1&a=irtest1&chnl=irtest1&cd=2XzutAtN2Y1L1QzutDtDtC0DyB0D0AzytDtCtD0CzytByCyDtN0D0TzutBtDtCtBtDyCtBtD&cr=1336386522"
FF - prefs.js..browser.startup.homepage: "http://start.funmoods.com/?f=1&a=irtest1&chnl=irtest1&cd=2XzutAtN2Y1L1QzutDtDtC0DyB0D0AzytDtCtD0CzytByCyDtN0D0TzutBtDtCtBtDyCtBtD&cr=1336386522"
FF - prefs.js..backup.old.browser.search.selectedEngine: "Search"
FF - prefs.js..backup.old.browser.search.defaultenginename: "Search"
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
[2012.07.06 07:39:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MajorZ\Data aplikací\Mozilla\Extensions
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&babsrc=SP_crm
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre7\bin\jusched.exe" File not found
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Documents and Settings\MajorZ\Plocha\remover.exe
C:\Documents and Settings\MajorZ\Plocha\aswMBR.exe
C:\Documents and Settings\MajorZ\Plocha\TDSSKiller.exe
C:\Documents and Settings\MajorZ\Data aplikací\Funmoods
C:\Documents and Settings\MajorZ\Data aplikací\Media Finder
C:\Documents and Settings\MajorZ\Plocha\fix.bat
C:\Documents and Settings\MajorZ\Plocha\bootkit_remover.rar
C:\Documents and Settings\MajorZ\Plocha\T-Cleaner.exe
C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\funmoods.crx
C:\Documents and Settings\MajorZ\Plocha\RSIT.exe
C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Then click Opravit (Run Fix) at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

Post by majoropava » 07 Jul 2012 13:15

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Prefs.js: "Search" removed from browser.search.selectedEngine
Prefs.js: "true" removed from keyword.enabled
Prefs.js: "Search" removed from browser.search.defaultenginename
Prefs.js: "Search" removed from browser.search.selectedEngine
Prefs.js: "Search" removed from browser.search.defaultenginename
Prefs.js: "Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=971163&p=" removed from keyword.URL
Prefs.js: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=971163&p=" removed from keyword.URL
Prefs.js: "chr-greentree_ff&type=971163&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: "http://start.funmoods.com/?f=1&a=irtest1&chnl=irtest1&cd=2XzutAtN2Y1L1QzutDtDtC0DyB0D0AzytDtCtD0CzytByCyDtN0D0TzutBtDtCtBtDyCtBtD&cr=1336386522" removed from browser.startup.homepage
Prefs.js: "http://start.funmoods.com/?f=1&a=irtest1&chnl=irtest1&cd=2XzutAtN2Y1L1QzutDtDtC0DyB0D0AzytDtCtD0CzytByCyDtN0D0TzutBtDtCtBtDyCtBtD&cr=1336386522" removed from browser.startup.homepage
Prefs.js: "Search" removed from backup.old.browser.search.selectedEngine
Prefs.js: "Search" removed from backup.old.browser.search.defaultenginename
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf\ deleted successfully.
C:\Documents and Settings\MajorZ\Data aplikací\Mozilla\Extensions folder moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Starting removal of ActiveX control DirectAnimation Java Classes Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes Reg Error: Value error.\ not found.
Starting removal of ActiveX control Microsoft XML Parser for Java Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java Reg Error: Value error.\ not found.
File EY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command] not found.
File sethosts] not found.
File rity] not found.
File ptytemp] not found.
File PTYFLASH] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.53.1 log created on 07072012_111159

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Post by jaro3 » 07 Jul 2012 19:46

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Vlastní skenování/opravy (Custom Scans/Fixes), paste the following text, shown in green, into the box:

Code: Select all

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Documents and Settings\MajorZ\Plocha\remover.exe
C:\Documents and Settings\MajorZ\Plocha\aswMBR.exe
C:\Documents and Settings\MajorZ\Plocha\TDSSKiller.exe
C:\Documents and Settings\MajorZ\Data aplikací\Funmoods
C:\Documents and Settings\MajorZ\Data aplikací\Media Finder
C:\Documents and Settings\MajorZ\Plocha\fix.bat
C:\Documents and Settings\MajorZ\Plocha\bootkit_remover.rar
C:\Documents and Settings\MajorZ\Plocha\T-Cleaner.exe
C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\funmoods.crx
C:\Documents and Settings\MajorZ\Plocha\RSIT.exe
C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
C:\Documents and Settings\MajorZ\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Opravit (Run Fix) at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

Post by majoropava » 08 Jul 2012 09:05

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
File rity] not found.
File ptytemp] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.53.1 log created on 07082012_070204

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Post by jaro3 » 08 Jul 2012 10:25

How does it look?

Post by majoropava » 08 Jul 2012 11:09

Hello - so, how it looks.
The Windows XP boot speed is still just as (un)fast, and so is the loading of settings afterwards.
The speed of opening Microsoft Office 2010 components is probably also the same; communications have sped up slightly.
I have a question - and I don't know why this is. Yesterday I had to start the PC about 10 times - it froze at loading settings. I had to power it off the hard way.
F8 does not work for me and I don't know why. What should I do about it?
Regards for now, and thanks for the help - Zeman.


Post by jaro3 » 08 Jul 2012 22:39

Then I'd say it's most likely the power supply. Borrow a good, more powerful power supply from someone and try it in your PC.


Post by majoropava » 10 Jul 2012 07:03

Hello, and thank you for the advice. I would also blame the temperature; it was hot beyond measure in Opava.
It has cooled down and everything now starts up normally.
Should I still send a HijackThis file for checking, or anything else?
Regards, Zeman


Post by jaro3 » 10 Jul 2012 08:44

No need.

Run OTL and click Vyčisti (CleanUp).

Download ToolsCleaner2 (by A.Rothstein & Dj Quiou; translation: Damned)
to your desktop and run it.
Click Bod obnovení (Restore point), then OK, OK.
Click Koš (Recycle Bin), then OK.
Click Dočasné soubory (Temporary files), then OK.
Click Vyhledat (Search) and let the Cleaner work. It may stall during cleaning (not responding), but let it continue.
When the program finishes, click Odstranit (Remove)
and remove what was found.
Close the program.
The program also deletes all the malware-removal and log-creation tools used here (HJT, Combofix, OTM, OTL, OTS, etc.).

If there are no problems, that is all and you can mark the thread as solved (the green check mark).

