Please check my log+ Solved


tomas_ch

Re: Please check my log

Posted by tomas_ch » 10 Mar 2013 22:43

The PC runs fine and the internet is fast, but whatever I try to download from the net gets saved, for example to the desktop, and then disappears after the antivirus scan. E.g. ATF Cleaner, CCleaner, OTX, AVG Free, ...
AVG8 is installed here, but it can't be uninstalled; could that be the cause?

Thanks :-)

I also ran it through MWAV:

10 III 2013 20:10:49 - **********************************************************
10 III 2013 20:10:49 - MWAV - eScanAV AntiVirus Toolkit.
10 III 2013 20:10:49 - Copyright © MicroWorld Technologies
10 III 2013 20:10:49 - **********************************************************
10 III 2013 20:10:49 - Source: C:\temp\vir\mwav.exe
10 III 2013 20:10:50 - Version 14.0.54 (C:\USERS\VERCIK\APPDATA\LOCAL\TEMP\MEXE.COM)
10 III 2013 20:10:50 - Log File: C:\Users\vercik\AppData\Local\Temp\MWAV.LOG
10 III 2013 20:10:50 - MWAV Registered: TRUE
10 III 2013 20:10:50 - User Account: vercik (Administrator Mode)
10 III 2013 20:10:50 - OS Type: Windows Workstation
10 III 2013 20:10:50 - OS: Windows Vista [OS Install Date: 28 Oct 2008 09:48:42]
10 III 2013 20:10:50 - Ver: Personal Service Pack 2 (Build 6002)
10 III 2013 20:10:50 - System Up Time: 1 Hour, 42 Minutes, 16 Seconds


10 III 2013 20:10:50 - Parent Process Name : C:\temp\vir\mwav.exe
10 III 2013 20:10:50 - Windows Root Folder: C:\Windows
10 III 2013 20:10:50 - Windows Sys32 Folder: C:\Windows\system32
10 III 2013 20:10:50 - DHCP NameServer: 10.0.0.138
10 III 2013 20:10:50 - Interface0 DHCPNameServer: 10.0.0.138
10 III 2013 20:10:50 - Interface1 DHCPNameServer: 10.0.0.138
10 III 2013 20:10:50 - Local Fixed Drives: c:\,d:\
10 III 2013 20:10:50 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)
10 III 2013 20:10:50 - [CREATED ZIP FILE: C:\Users\vercik\AppData\Local\Temp\pinfect.zip]

10 III 2013 20:10:50 - ****** Files/Folders created/modified during last fortnight in Windows and ROOT Folder ******
10 III 2013 20:10:54 - C:\Windows\MBR.exe (208896), 09-Mar-2013 [Added C:\Windows\MBR.exe to ZIP FILE]
10 III 2013 20:10:54 - C:\Windows\NIRCMD.exe (60416), 09-Mar-2013 [Added C:\Windows\NIRCMD.exe to ZIP FILE]
10 III 2013 20:10:54 - C:\Windows\SWREG.exe (518144), 09-Mar-2013 [Added C:\Windows\SWREG.exe to ZIP FILE]
10 III 2013 20:10:54 - C:\Windows\SWSC.exe (406528), 09-Mar-2013 [Added C:\Windows\SWSC.exe to ZIP FILE]
10 III 2013 20:10:54 - C:\Windows\system32\acovcnt.exe (45056), 10-Mar-2013 [Added C:\Windows\system32\acovcnt.exe to ZIP FILE]
10 III 2013 20:10:55 - C:\Windows\system32\FlashPlayerApp.exe (691568), 28-Feb-2013 [Added C:\Windows\system32\FlashPlayerApp.exe to ZIP FILE]
10 III 2013 20:10:55 - C:\Windows\system32\FlashPlayerCPLApp.cpl (71024), 28-Feb-2013 [Added C:\Windows\system32\FlashPlayerCPLApp.cpl to ZIP FILE]
10 III 2013 20:10:55 - C:\X51L.BIN (1048576), 27-Feb-2008 [HR] [Added C:\X51L.BIN to ZIP FILE]
10 III 2013 20:10:55 - C:\Windows\system32\drivers\mbam.sys (21104), 09-Mar-2013 [Added C:\Windows\system32\drivers\mbam.sys to ZIP FILE]
10 III 2013 20:10:55 - C:\Users\vercik\AppData\Local\Temp\bdc.exe (182792), 10-Mar-2013
10 III 2013 20:10:55 - C:\Users\vercik\AppData\Local\Temp\bdfltlib2k.dll (231944), 10-Mar-2013
10 III 2013 20:10:55 - C:\Users\vercik\AppData\Local\Temp\bdnimbus32.dll (85288), 10-Mar-2013
10 III 2013 20:10:55 - C:\Users\vercik\AppData\Local\Temp\bdnimbus64.dll (91944), 10-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\encdec.dll (256232), 06-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\erootdrv.sys (22920), 10-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\mexe.com (777512), 06-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\msvclnt.dll (201448), 06-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\mwavdwnl.exe (990952), 06-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\MWAVSCAN.COM (777512), 06-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\red32.dll (11496), 06-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\Reload.exe (153832), 06-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\setpriv.exe (82152), 06-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\unregx.exe (83176), 06-Mar-2013
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\viewtcp.exe (576744), 06-Mar-2013
10 III 2013 20:10:56 - C:\ProgramData\..\X51L.BIN (1048576), 27-Feb-2008 [HR] [Added C:\ProgramData\..\X51L.BIN to ZIP FILE]

10 III 2013 20:10:56 - C:\Windows\erdnt, 09-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Windows\Fonts, 02-Nov-2006 [SR] [Folder]
10 III 2013 20:10:56 - C:\Windows\Media, 02-Nov-2006 [SR] [Folder]
10 III 2013 20:10:56 - C:\Windows\system32\CanonIJ Uninstaller Information, 27-Dec-2008 [H] [Folder]
10 III 2013 20:10:56 - C:\Windows\system32\Microsoft, 02-Nov-2006 [S] [Folder]
10 III 2013 20:10:56 - C:\ComboFix, 10-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Config.Msi, 09-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Documents and Settings, 24-Nov-2008 [HS] [Folder]
10 III 2013 20:10:56 - C:\Qoobox, 09-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\acro_rd_dir, 10-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\Adobe, 10-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\plugins, 10-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\SUPERSetup, 10-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Local\Temp\WPDNSE, 10-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Roaming\Malwarebytes, 09-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Roaming\Microsoft, 24-Nov-2008 [S] [Folder]
10 III 2013 20:10:56 - C:\Users\vercik\AppData\Roaming\SUPERAntiSpyware.com, 10-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\ProgramData\Application Data, 24-Nov-2008 [HS] [Folder]
10 III 2013 20:10:56 - C:\ProgramData\CanonBJ, 27-Dec-2008 [H] [Folder]
10 III 2013 20:10:56 - C:\ProgramData\Common Files, 22-Feb-2013 [H] [Folder]
10 III 2013 20:10:56 - C:\ProgramData\Desktop, 24-Nov-2008 [HS] [Folder]
10 III 2013 20:10:56 - C:\ProgramData\Documents, 24-Nov-2008 [HS] [Folder]
10 III 2013 20:10:56 - C:\ProgramData\Malwarebytes, 09-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\ProgramData\Microsoft, 02-Nov-2006 [S] [Folder]
10 III 2013 20:10:56 - C:\ProgramData\MicroWorld, 10-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\ProgramData\Start Menu, 24-Nov-2008 [HS] [Folder]
10 III 2013 20:10:56 - C:\ProgramData\SUPERAntiSpyware.com, 10-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\ProgramData\Templates, 24-Nov-2008 [HS] [Folder]
10 III 2013 20:10:56 - C:\ProgramData\..\ComboFix, 10-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\ProgramData\..\Config.Msi, 09-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\ProgramData\..\Documents and Settings, 24-Nov-2008 [HS] [Folder]
10 III 2013 20:10:56 - C:\ProgramData\..\Qoobox, 09-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Program Files\CanonBJ, 27-Dec-2008 [H] [Folder]
10 III 2013 20:10:56 - C:\Program Files\CCleaner, 09-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Program Files\Malwarebytes' Anti-Malware, 09-Mar-2013 [Folder]
10 III 2013 20:10:56 - C:\Program Files\Mozilla Firefox, 08-Mar-2013 [Folder]

10 III 2013 20:10:56 - *********************************************************************************************

10 III 2013 20:10:56 - Latest Date of files inside MWAV: Wed Mar 6 11:24:50 2013.
10 III 2013 20:10:56 - Sign Version: 7.45870
10 III 2013 20:10:59 - ** Changed Value of "HKEY_CLASSES_ROOT\.txt" from "bftxtfile" to "txtfile"
10 III 2013 20:10:59 - ** Changed Value of "HKEY_CLASSES_ROOT\.js" from "bfjsfile" to "jsfile"
10 III 2013 20:10:59 - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBX.MDB [Log: C:\Users\vercik\AppData\Local\Temp\ESCANDB.LOG]
10 III 2013 20:11:00 - Loaded/Created FileScan Cache Database...
10 III 2013 20:11:00 - Loading AV Library [DB]...
10 III 2013 20:12:47 - ArchiveScan: DISABLED
10 III 2013 20:12:59 - AV Library Loaded [DB-DIRECT].
10 III 2013 20:12:59 - MWAV doing self scanning...
10 III 2013 20:12:59 - MWAV files are clean.
10 III 2013 20:13:05 - ArchiveScan: DISABLED
10 III 2013 20:13:06 - Virus Database Date: 06 Mar 2013
10 III 2013 20:13:06 - Virus Database Count: 9222407
10 III 2013 20:13:59 - ArchiveScan: ENABLED
10 III 2013 20:14:14 - Downloading AntiVirus and Anti-Spyware Databases...
10 III 2013 20:17:36 - Update Successful...
10 III 2013 20:17:52 - Old Sign Version: 7.45870 New Sign Version: 7.45975
10 III 2013 20:19:55 - Reload of AntiVirus Signatures successfully done.
10 III 2013 20:19:55 - Virus Database Date: 10 Mar 2013
10 III 2013 20:19:55 - Virus Database Count: 9238961

10 III 2013 20:20:13 - **********************************************************
10 III 2013 20:20:13 - MWAV - eScanAV AntiVirus Toolkit.
10 III 2013 20:20:13 - Copyright © MicroWorld Technologies
10 III 2013 20:20:13 -
10 III 2013 20:20:13 - Support: support@escanav.com
10 III 2013 20:20:13 - Web: http://www.escanav.com
10 III 2013 20:20:13 - **********************************************************
10 III 2013 20:20:13 - Version 14.0.54[DB] (C:\USERS\VERCIK\APPDATA\LOCAL\TEMP\MEXE.COM)
10 III 2013 20:20:13 - Log File: C:\Users\vercik\AppData\Local\Temp\MWAV.LOG
10 III 2013 20:20:13 - User Account: vercik (Administrator Mode)
10 III 2013 20:20:13 - Parent Process Name : C:\temp\vir\mwav.exe
10 III 2013 20:20:13 - Windows Root Folder: C:\Windows
10 III 2013 20:20:13 - Windows Sys32 Folder: C:\Windows\system32
10 III 2013 20:20:13 - OS: Windows Vista [OS Install Date: 28 Oct 2008 09:48:42]
10 III 2013 20:20:13 - Ver: Personal Service Pack 2 (Build 6002)
10 III 2013 20:20:13 - Latest Date of files inside MWAV: Wed Mar 6 11:24:50 2013.
10 III 2013 20:20:13 - Sign Version: 7.45975

10 III 2013 20:20:13 - Options Selected by User:
10 III 2013 20:20:13 - Memory Check: Enabled
10 III 2013 20:20:13 - Registry Check: Enabled
10 III 2013 20:20:13 - StartUp Folder Check: Enabled
10 III 2013 20:20:13 - System Folder Check: Enabled
10 III 2013 20:20:13 - Services Check: Enabled
10 III 2013 20:20:13 - Scan Spyware: Enabled
10 III 2013 20:20:13 - Scan Archives: Enabled
10 III 2013 20:20:13 - Drive Check: Enabled
10 III 2013 20:20:13 - All Drive Check :Disabled
10 III 2013 20:20:13 - Drive Selected = C:\
10 III 2013 20:20:13 - Folder Check: Disabled
10 III 2013 20:20:13 - SCAN: All_Files
10 III 2013 20:20:13 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)

10 III 2013 20:20:13 - Scanning DNS Records...
10 III 2013 20:20:14 - Scanning Master Boot Record (Kernel)...
10 III 2013 20:20:17 - Scanning Logical Boot Records...
10 III 2013 20:20:22 - ***** Scanning For Hidden Rootkit Processes *****
10 III 2013 20:20:23 - ***** Scanning For Hidden Rootkit Services *****

10 III 2013 20:20:37 - ***** Scanning Memory Files *****

10 III 2013 20:21:06 - ***** Scanning Registry Files *****
10 III 2013 20:21:15 - ERROR(3)!!! Invalid Entry msacm.vorbis = Vorbis.acm (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

10 III 2013 20:21:16 - ***** Scanning StartUp Folders *****

10 III 2013 20:25:51 - ***** Scanning Service Files *****
10 III 2013 20:25:57 - ERROR(2)!!! Invalid Entry %SystemRoot%\System32\appmgmts.dll. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\AppMgmt.
10 III 2013 20:26:04 - ERROR(2)!!! Invalid Entry \??\C:\ComboFix\catchme.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\catchme.
10 III 2013 20:26:10 - ERROR(2)!!! Invalid Entry \??\C:\Windows\system32\Drivers\DgiVecp.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\DgiVecp.

10 III 2013 20:27:45 - ***** Scanning Registry and File system for Adware/Spyware *****
10 III 2013 20:27:47 - Loading Spyware Signatures from new External Database [Name: C:\Users\vercik\AppData\Local\Temp\spydb.avs, Size: 463768]...
10 III 2013 20:27:47 - Indexed Spyware Databases Successfully Created...

10 III 2013 20:27:48 - Offending Key found: HKCU\Software\FLT !!!
10 III 2013 20:27:48 - Deleting Registry Key: HKCU\Software\FLT
10 III 2013 20:30:27 - Object "FlashTrack Spyware/Adware" found in File System! Action Taken: Entries Removed.

10 III 2013 20:30:30 - Offending Folder found: C:\Users\vercik\AppData\Local\FLT
10 III 2013 20:30:30 - Deltree of Folder C:\Users\vercik\AppData\Local\FLT...
10 III 2013 20:30:30 - Object "FlashTrack Spyware/Adware" found in File System! Action Taken: Entries Removed.

10 III 2013 20:30:44 - Offending file found: C:\Users\vercik\Desktop\Verunka\Prezentace atd\cassetup.exe
10 III 2013 20:30:44 - System found infected with CasinoClient Spyware/Adware (cassetup.exe)! Action taken: File Deleted.
10 III 2013 20:30:44 - Object "CasinoClient Spyware/Adware" found in File System! Action Taken: File Deleted.

10 III 2013 20:30:46 - Offending Registry Entry found: HKCU\SOFTWARE\Wget
10 III 2013 20:30:46 - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\SOFTWARE\Wget)! Action taken: Entries Removed.
10 III 2013 20:30:46 - Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.

10 III 2013 20:30:46 - Offending Registry Entry found: HKCU\Software\Microsoft\OLE
10 III 2013 20:30:46 - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\Software\Microsoft\OLE)! Action taken: Entries Removed.
10 III 2013 20:30:46 - Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.

10 III 2013 20:30:47 - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers
10 III 2013 20:30:47 - System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: Entries Removed.
10 III 2013 20:30:47 - Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.


10 III 2013 20:30:48 - ***** Scanning Registry Files *****
10 III 2013 20:30:55 - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com/ig/redirectdomain ... &bmod=ASUS
10 III 2013 20:30:55 - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.seznam.cz/
10 III 2013 20:30:55 - ** Value in HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome

10 III 2013 20:30:55 - ***** Scanning System32 Folders *****


10 III 2013 20:34:19 - ***** Scanning Drive C:\ *****
10 III 2013 20:50:42 - ScanFile (C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe) took 28345 ms
10 III 2013 20:50:42 - Scanning of C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe Timed out!!!
10 III 2013 20:50:42 - ERROR(3)!!! ScanFile fails for C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe
10 III 2013 20:54:54 - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
10 III 2013 20:54:54 - ERROR(3)!!! ScanFile fails for C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
10 III 2013 20:54:55 - Scanning File C:\System Volume Information\{5252c29b-88d3-11e2-8146-fa7fc13cab5b}{3808876b-c176-4e48-b7ae-04046e6cc752}
10 III 2013 20:54:55 - ERROR(3)!!! ScanFile fails for C:\System Volume Information\{5252c29b-88d3-11e2-8146-fa7fc13cab5b}{3808876b-c176-4e48-b7ae-04046e6cc752}
10 III 2013 20:54:55 - Scanning File C:\System Volume Information\{d2d2ec76-88ee-11e2-922d-edf3698c9707}{3808876b-c176-4e48-b7ae-04046e6cc752}
10 III 2013 20:54:55 - ERROR(3)!!! ScanFile fails for C:\System Volume Information\{d2d2ec76-88ee-11e2-922d-edf3698c9707}{3808876b-c176-4e48-b7ae-04046e6cc752}
10 III 2013 20:54:55 - Scanning File C:\System Volume Information\{d2d2ec84-88ee-11e2-922d-edf3698c9707}{3808876b-c176-4e48-b7ae-04046e6cc752}
10 III 2013 20:54:55 - ERROR(3)!!! ScanFile fails for C:\System Volume Information\{d2d2ec84-88ee-11e2-922d-edf3698c9707}{3808876b-c176-4e48-b7ae-04046e6cc752}
10 III 2013 20:54:55 - Scanning File C:\System Volume Information\{f886b5d6-8992-11e2-bb9e-d880c2ef5a96}{3808876b-c176-4e48-b7ae-04046e6cc752}
10 III 2013 20:54:55 - ERROR(3)!!! ScanFile fails for C:\System Volume Information\{f886b5d6-8992-11e2-bb9e-d880c2ef5a96}{3808876b-c176-4e48-b7ae-04046e6cc752}
10 III 2013 21:00:07 - ScanFile (C:\Users\vercik\Desktop\Verunka\ccsetup304.exe) took 5023 ms
10 III 2013 21:02:23 - Scanning File C:\Users\vercik\Downloads\MO+11+-+Krysarˇ+-+Vitor+Dyk.doc
10 III 2013 21:02:23 - ERROR(3)!!! ScanFile fails for C:\Users\vercik\Downloads\MO+11+-+Krysarˇ+-+Vitor+Dyk.doc

10 III 2013 22:01:23 - ***** Checking for specific ITW Viruses *****

10 III 2013 22:01:23 - ***** Scanning complete. *****

10 III 2013 22:01:23 - Total Objects Scanned: 196983
10 III 2013 22:01:23 - Total Critical Objects: 6
10 III 2013 22:01:23 - Total Disinfected Objects: 0
10 III 2013 22:01:23 - Total Objects Renamed: 0
10 III 2013 22:01:23 - Total Deleted Objects: 6
10 III 2013 22:01:23 - Total Errors: 4
10 III 2013 22:01:23 - Time Elapsed: 01:39:45
10 III 2013 22:01:23 - Virus Database Date: 10 Mar 2013
10 III 2013 22:01:23 - Virus Database Count: 9238961

10 III 2013 22:01:23 - Scan Completed.

--------------------------------------------------------------------------------------------------------------------------------------------------------------

I am attaching the log from HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:39:41, on 10.3.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\vercik\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

--
End of file - 5590 bytes

memphisto

Re: Please check my log

Posted by memphisto » 11 Mar 2013 08:18

Try AVG Remover, the version for 32-bit OS HERE and for 64-bit OS HERE

tomas_ch

Re: Please check my log

Posted by tomas_ch » 11 Mar 2013 17:38

Hello,
this afternoon I turned on the computer.
It is snappy, but browsing doesn't work in Firefox or in IE.
Ping to seznam.cz works.

In Device Manager I have a conflict on:

storage controllers "AYKPQ6MP IDE controller"
network adapters "6TO4 adapter"
network adapters "isatap.{D3BCD841-2966-4C66-A947-9ABB8457E5B5}"

I successfully removed AVG8.

Thank you for your help :-)

jaro3

Re: Please check my log+

Posted by jaro3 » 11 Mar 2013 18:52

Download OTL by OldTimer
to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Check the LOP Check and Purity Check boxes. Click Run Scan. Leave all other settings as they are. The scan can take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

tomas_ch

Re: Please check my log+

Posted by tomas_ch » 11 Mar 2013 19:27

I left "File Age" in the menu set to 30 days....

OTL logfile created on: 11.3.2013 18:59:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vercik\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 55,02% Memory free
4,21 Gb Paging File | 3,34 Gb Available in Paging File | 79,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 21,72 Gb Free Space | 29,15% Space Free | Partition Type: NTFS
Drive D: | 64,76 Gb Total Space | 17,96 Gb Free Space | 27,73% Space Free | Partition Type: NTFS

Computer Name: VERCIK-ASUS | User Name: vercik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\vercik\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\MsgTranAgt.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
PRC - C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ScanSoft, Inc.)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\AdsmendecExt.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll ()


========== Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (a80ik5un) -- File not found
DRV - (a4dj4ixx) -- File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (vwmfmdm) -- C:\Windows\System32\drivers\vwmfmdm.sys (MCCI Corporation)
DRV - (vwmfserd) -- C:\Windows\System32\drivers\vwmfserd.sys (MCCI Corporation)
DRV - (vwmfdiag) -- C:\Windows\System32\drivers\vwmfdiag.sys (MCCI Corporation)
DRV - (vwmfbus) -- C:\Windows\System32\drivers\vwmfbus.sys (MCCI Corporation)
DRV - (vwmfmdfl) -- C:\Windows\System32\drivers\vwmfmdfl.sys (MCCI Corporation)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (Axtmvmdm) -- C:\Windows\System32\drivers\Axtmvmdm.sys (Axesstel)
DRV - (Axtmvprt) -- C:\Windows\System32\drivers\Axtmvprt.sys (Axesstel)
DRV - (Axtmvflt) -- C:\Windows\System32\drivers\Axtmvflt.sys (Axesstel)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2A344854-4CEB-4DE3-9C6E-ABFB37E88AF7}: "URL" = http://www.dealio.com/products.html?kwd={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{AB55450C-0ED7-45FB-B2B7-CFA5685A5F7C}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_5
IE - HKCU\..\SearchScopes\{C135B757-70DD-4914-AFB2-04552ADFE8BF}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=D4829FDF-6C49-4441-9574-F64D98F2E080&apn_sauid=BCEDAD85-4798-4043-82C8-1A33DCEDBF89
IE - HKCU\..\SearchScopes\{DA85FDDC-70ED-47BA-9B6F-3C66843BB95F}: "URL" = http://search.yahoo.com/search?ei=utf-8 ... e=vdio2&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.5.0.12
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.02 12:13:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 15:13:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.08 15:13:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 15:13:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.08 15:13:20 | 000,000,000 | ---D | M]

[2010.01.16 16:27:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Extensions
[2010.01.16 16:27:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.03.09 20:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\extensions
[2012.02.21 21:47:13 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013.03.09 18:36:57 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.09 19:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.03.08 15:13:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.03.08 15:13:49 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.12.18 15:28:14 | 000,186,584 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2013.01.12 13:59:05 | 000,002,669 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2013.02.20 15:46:19 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.20 15:46:19 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.07 16:44:41 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2013.02.20 15:46:19 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.20 15:46:19 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.20 15:46:19 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========


O1 HOSTS File: ([2013.03.10 15:40:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{361F0B07-6DA7-49D9-B073-475EA1937563}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B0AD7D7-21FC-4955-B3CB-C8772B428CB0}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\vercik\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\vercik\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.03.11 18:58:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\vercik\Desktop\OTL.exe
[2013.03.11 16:56:03 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2013.03.11 16:56:03 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2013.03.11 16:23:46 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.03.10 22:20:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.03.10 22:15:32 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013.03.10 20:27:46 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2013.03.10 20:27:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\runouce.exe
[2013.03.10 20:27:46 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2013.03.10 20:27:46 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2013.03.10 20:11:12 | 000,343,456 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2013.03.10 20:11:06 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2013.03.10 20:11:05 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2013.03.10 20:11:04 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp90.dll
[2013.03.10 20:11:03 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr90.dll
[2013.03.10 20:11:01 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2013.03.10 20:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2013.03.10 20:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2013.03.10 19:54:25 | 000,000,000 | ---D | C] -- C:\Users\vercik\AppData\Roaming\SUPERAntiSpyware.com
[2013.03.10 15:47:52 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.03.10 15:47:52 | 000,000,000 | ---D | C] -- C:\Users\vercik\AppData\Local\temp
[2013.03.09 21:38:35 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.03.09 21:05:21 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.03.09 19:34:49 | 000,000,000 | ---D | C] -- C:\Users\vercik\Desktop\backups
[2013.03.09 19:04:49 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\vercik\Desktop\TFC.exe
[2013.03.09 18:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.03.09 18:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.03.09 17:29:11 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\vercik\Desktop\HiJackThis.exe
[2013.03.09 16:50:28 | 000,000,000 | ---D | C] -- C:\Users\vercik\AppData\Roaming\Malwarebytes
[2013.03.09 16:50:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.09 16:50:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.09 16:50:04 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.03.09 16:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.03.08 15:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.03.06 20:16:19 | 000,000,000 | ---D | C] -- C:\Users\vercik\Desktop\niky
[2013.03.03 15:02:46 | 000,000,000 | ---D | C] -- C:\Users\vercik\Desktop\mobil
[2013.02.22 16:20:55 | 000,000,000 | ---D | C] -- C:\Users\vercik\AppData\Roaming\TuneUp Software
[2013.02.22 16:16:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.02.22 16:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG8UPG
[2013.02.14 15:24:15 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.02.14 15:24:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.02.14 15:24:11 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.02.14 15:24:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.02.14 15:24:10 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.02.14 15:24:08 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.02.14 15:24:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.02.14 15:24:05 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.02.13 13:00:22 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.02.13 13:00:20 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.02.13 12:56:28 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.02.13 12:56:27 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

========== Files - Modified Within 30 Days ==========

[2013.03.11 19:04:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.11 19:04:00 | 000,000,484 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{308C1B8A-0EFD-474F-8A6B-6F01DD370226}.job
[2013.03.11 18:58:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\vercik\Desktop\OTL.exe
[2013.03.11 18:50:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.11 18:00:31 | 000,005,145 | ---- | M] () -- C:\Users\vercik\Desktop\hijackthis3
[2013.03.11 18:00:05 | 000,005,017 | ---- | M] () -- C:\Users\vercik\Desktop\Verunka\Documents\hijackthis3
[2013.03.11 17:34:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.11 17:34:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.11 17:23:44 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.11 17:22:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.11 17:22:25 | 2138,300,416 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.11 17:13:49 | 002,443,111 | ---- | M] () -- C:\Users\vercik\Desktop\Verunka\Documents\pinfect.zip
[2013.03.11 16:42:24 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2013.03.11 16:23:46 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.03.10 22:39:41 | 000,005,591 | ---- | M] () -- C:\Users\vercik\Desktop\hijackthis2
[2013.03.10 22:24:18 | 000,390,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.03.10 22:19:53 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.10 20:30:27 | 005,522,080 | ---- | M] () -- C:\Windows\REGBK00.ZIP
[2013.03.10 20:30:22 | 202,867,114 | ---- | M] () -- C:\Windows\hklmSW.reg
[2013.03.10 20:11:11 | 000,343,456 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2013.03.10 20:11:05 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2013.03.10 20:11:04 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2013.03.10 20:11:03 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp90.dll
[2013.03.10 20:11:02 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr90.dll
[2013.03.10 20:11:00 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2013.03.10 20:10:47 | 000,000,859 | ---- | M] () -- C:\Users\vercik\Desktop\MWAVSCAN.lnk
[2013.03.10 19:55:21 | 000,607,714 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.03.10 19:55:21 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.10 19:55:21 | 000,118,346 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.03.10 19:55:21 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.03.10 15:40:31 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.03.10 11:54:31 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013.03.10 09:45:34 | 000,035,764 | ---- | M] () -- C:\Users\vercik\Desktop\hlaska.jpg
[2013.03.10 09:44:57 | 000,002,627 | ---- | M] () -- C:\Users\vercik\Desktop\Microsoft Office Word 2007.lnk
[2013.03.09 19:05:03 | 000,597,667 | ---- | M] () -- C:\Users\vercik\Desktop\adwcleaner.exe
[2013.03.09 19:04:46 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\vercik\Desktop\TFC.exe
[2013.03.09 17:29:40 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\vercik\Desktop\HiJackThis.exe
[2013.03.09 16:50:09 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.28 20:58:31 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.28 20:58:31 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.24 16:59:37 | 000,157,184 | ---- | M] () -- C:\Users\vercik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2013.03.11 18:00:31 | 000,005,145 | ---- | C] () -- C:\Users\vercik\Desktop\hijackthis3
[2013.03.11 18:00:05 | 000,005,017 | ---- | C] () -- C:\Users\vercik\Desktop\Verunka\Documents\hijackthis3
[2013.03.10 22:39:41 | 000,005,591 | ---- | C] () -- C:\Users\vercik\Desktop\hijackthis2
[2013.03.10 22:03:02 | 002,443,111 | ---- | C] () -- C:\Users\vercik\Desktop\Verunka\Documents\pinfect.zip
[2013.03.10 20:28:43 | 202,867,114 | ---- | C] () -- C:\Windows\hklmSW.reg
[2013.03.10 20:27:48 | 005,522,080 | ---- | C] () -- C:\Windows\REGBK00.ZIP
[2013.03.10 20:13:05 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2013.03.10 20:10:47 | 000,000,859 | ---- | C] () -- C:\Users\vercik\Desktop\MWAVSCAN.lnk
[2013.03.10 15:58:45 | 2138,300,416 | -HS- | C] () -- C:\hiberfil.sys
[2013.03.10 09:45:34 | 000,035,764 | ---- | C] () -- C:\Users\vercik\Desktop\hlaska.jpg
[2013.03.09 19:05:05 | 000,597,667 | ---- | C] () -- C:\Users\vercik\Desktop\adwcleaner.exe
[2013.03.09 18:57:18 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.09 16:50:09 | 000,000,954 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.02 12:00:34 | 000,000,218 | ---- | C] () -- C:\Users\vercik\.recently-used.xbel
[2011.10.09 14:30:26 | 000,000,499 | ---- | C] () -- C:\Windows\eReg.dat
[2011.06.11 16:08:08 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.06.11 15:20:46 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011.06.11 15:20:46 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011.06.11 15:20:45 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011.05.03 20:03:02 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2011.05.03 20:01:58 | 000,113,768 | ---- | C] () -- C:\Windows\Wiainst.exe
[2011.05.03 20:01:07 | 000,090,112 | R--- | C] () -- C:\Windows\System32\SaSegFlt.dll
[2011.05.03 20:01:06 | 000,274,432 | R--- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2011.05.03 20:01:06 | 000,106,496 | R--- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2011.05.03 20:01:06 | 000,061,440 | R--- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2011.05.03 19:58:57 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ssb3ml3.dll
[2010.11.03 16:12:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.11.24 12:01:25 | 000,157,184 | ---- | C] () -- C:\Users\vercik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.31 04:05:26 | 000,000,670 | ---- | C] () -- C:\Program Files\formats.dat

========== ZeroAccess Check ==========

[2006.11.02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008.12.27 12:32:46 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Ashampoo
[2012.02.29 21:41:54 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Audacity
[2011.01.13 16:24:41 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\BSplayer
[2008.11.24 11:43:38 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\BSplayer Pro
[2009.01.09 20:44:51 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Canon
[2011.06.11 15:01:03 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\DAEMON Tools
[2013.03.09 18:59:07 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\DAEMON Tools Lite
[2011.06.11 15:01:03 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\DAEMON Tools Pro
[2012.01.02 11:29:53 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\enchant
[2012.03.31 15:10:27 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Flood Light Games
[2010.02.15 06:58:37 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\GHISLER
[2012.01.02 11:48:30 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\gtk-2.0
[2010.02.24 17:24:23 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\OpenOffice.org
[2013.01.19 11:05:24 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Rovio
[2012.01.14 20:47:06 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\runic games
[2008.12.27 13:08:43 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\ScanSoft
[2013.03.09 19:05:43 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Seznam.cz
[2013.02.22 16:20:55 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\TuneUp Software
[2013.03.09 18:59:07 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\uTorrent
[2012.09.29 20:08:39 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Wilkanoid 2 Free
[2012.11.29 17:19:08 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\XnView

========== Purity Check ==========



< End of report >

tomas_ch

Re: Please check my log+

Post by tomas_ch » 11 Mar 2013 19:27

------------------------------------------------------------------------------------------------------------------------------------------------------------------------

OTL Extras logfile created on: 11.3.2013 18:59:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vercik\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 55,02% Memory free
4,21 Gb Paging File | 3,34 Gb Available in Paging File | 79,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 21,72 Gb Free Space | 29,15% Space Free | Partition Type: NTFS
Drive D: | 64,76 Gb Total Space | 17,96 Gb Free Space | 27,73% Space Free | Partition Type: NTFS

Computer Name: VERCIK-ASUS | User Name: vercik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22989149-DAE5-4833-B664-AA4D37A86017}" = rport=445 | protocol=6 | dir=out | app=system |
"{43B44748-6AD5-44E5-9DF2-D7D618CA75C1}" = lport=138 | protocol=17 | dir=in | app=system |
"{7EE75DDA-F2D0-4C7E-AFEA-67D0B20A7215}" = rport=137 | protocol=17 | dir=out | app=system |
"{81B92D5D-1A8B-4A9D-A70C-370A5C0E424A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{850DB717-6B5E-413B-A31E-C9BE6009A669}" = lport=445 | protocol=6 | dir=in | app=system |
"{8E2AD2D2-246C-4E2E-9FF9-63B9FDDB4BEA}" = rport=139 | protocol=6 | dir=out | app=system |
"{C1AB88AC-0771-46FC-8BE8-952D61D04D08}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D86C367D-6559-48A2-9328-D38E22BD94FC}" = lport=139 | protocol=6 | dir=in | app=system |
"{D8EE5DA3-214E-4233-8AEB-4F59D7282852}" = lport=137 | protocol=17 | dir=in | app=system |
"{DD724C08-84F1-4CF1-A0EE-3A872D007985}" = rport=138 | protocol=17 | dir=out | app=system |
"{EF2166B0-E8C8-4176-958B-EE12F86E6D2A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{413606C3-7BD9-499C-9682-81C95FD5946B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{45CE9B2F-A700-41F1-B5C3-48A6735C982E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{55A31357-A377-4DC0-86D3-9EA7478FAE0B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7969F53B-9AFC-4EF0-9ACD-014785CCB207}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe |
"{85BA2696-D707-4866-9436-98CEB6F6D0A1}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9A1B2D7A-0EDB-4C71-A801-82B62CEE2BA4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AF838753-DFBF-4D23-9A67-8A686F9789A2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B44444D6-22DB-417A-8B8E-24D94F626E9B}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scx3200\sscan2io.exe |
"{BB86C38A-E92F-486D-85E3-1BF31F5E45E5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C053EFDD-5548-450C-8A82-19434769E584}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scx3200\scan2pc.exe |
"{D36D2B51-BB04-4C54-AFA4-04978AA4221F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{EF9D71E5-F46D-4FEE-A75C-9ADE7E5A7E33}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scx3200\scan2pc.exe |
"{F8941B31-6AFC-43B9-8427-728334B9E725}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scx3200\sscan2io.exe |
"{F9494824-37D1-4078-84D2-C4A6B3B7006F}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"%Product_Name% 4.2.5F " = Faktury 4.2.5F
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Pomocník pro přihlášení ke službě Windows Live ID
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1" = Kodek 0.16 CZ
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81D200BA-8BC6-46D1-974D-FCC87ECCB2F8}" = Icewind Dale II
"{82FF9CEB-A50B-45A4-B6B1-7BF8C585D8CA}" = Heroes of Might and Magic V - Tribes of the East
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{8dae4336-2b71-11d4-9a6c-006067325e47}" = Baldur's Gate(TM) II - Shadows of Amn(TM)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0408-0000-0000000FF1CE}" = Microsoft Office Access MUI (Greek) 2007
"{90120000-0015-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0408-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Greek) 2007
"{90120000-0016-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0408-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Greek) 2007
"{90120000-0018-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0408-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Greek) 2007
"{90120000-0019-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0408-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Greek) 2007
"{90120000-001A-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0408-0000-0000000FF1CE}" = Microsoft Office Word MUI (Greek) 2007
"{90120000-001B-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0408-0000-0000000FF1CE}_PROHYBRIDR_{DB0C1C5A-7998-4B95-8BD5-ACACD18B0B53}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{0E2DB3D7-94EA-4B12-A9C1-D3C52BDE07D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0408-0000-0000000FF1CE}" = Microsoft Office Proofing (Greek) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0408-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Greek) 2007
"{90120000-006E-0408-0000-0000000FF1CE}_PROHYBRIDR_{58D10C7E-20DE-47F0-BAFA-37A870A625F9}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{C618587E-CCC5-46B5-88C3-2E7C1195B3C7}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B22D57A-5338-49A5-AC08-70FE3E8B878B}" = Heroes of Might and Magic V
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1E4213E-06AD-4C58-8315-92F11531D960}" = SweetIM for Messenger 2.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Czech
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{BF6CF460-40C3-49BA-800A-4B934B6498B1}" = Scan Assistant
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D7B3493D-766C-40AA-9AA9-053B896D76DE}" = Angry Birds Rio
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EEF7568A-BD2C-42B7-A22E-6D55EA287C34}" = Heroes of Might and Magic V - Hammers of Fate
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AcroPDF_is1" = AcroPDF 6.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Audacity_is1" = Audacity 1.2.2
"BShooter4_is1" = Bubble Shooter v4.01
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Farm Frenzy Pizza Party1.0" = Farm Frenzy Pizza Party
"Free Easy Burner_is1" = Free Easy Burner V 3.8
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Google Desktop" = Google Desktop
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (odstranit)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{81D200BA-8BC6-46D1-974D-FCC87ECCB2F8}" = Icewind Dale II
"InstallShield_{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.1 (Corporate)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator 3.0" = Canon MP Navigator 3.0
"Polda II_is1" = Polda II
"Polda III_is1" = Polda III
"Polda IV_is1" = Polda IV
"PROHYBRIDR" = 2007 Microsoft Office system
"Registrace uživatele zařízení Canon MP160" = Registrace uživatele zařízení Canon MP160
"Samsung SCX-3200 Series" = Samsung SCX-3200 Series
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"U:fonův průvodce připojením1.0 (WinXP/LGE LSP40)" = U:fonův průvodce připojením
"U:fonův průvodce připojením2.2 (WinXP/LGE LSP40)" = U:fonův průvodce připojením
"uTorrent" = µTorrent
"VorbisCodec" = Ogg Vorbis ACM Codec
"VW100 Connection Manager" = Odinstalovat U:fonův 3G mobilní internet
"WinGTK-2_is1" = GTK+ 2.8.18-1 runtime environment
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"XnView_is1" = XnView 1.95.4

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.3.2013 13:30:34 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

Error - 10.3.2013 17:08:04 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

Error - 10.3.2013 17:16:54 | Computer Name = vercik-ASUS | Source = Windows Search Service | ID = 3013
Description =

Error - 10.3.2013 17:17:09 | Computer Name = vercik-ASUS | Source = Windows Search Service | ID = 3013
Description =

Error - 10.3.2013 17:25:10 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

Error - 10.3.2013 17:46:30 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

Error - 11.3.2013 11:06:20 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

Error - 11.3.2013 11:21:17 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

Error - 11.3.2013 11:28:12 | Computer Name = vercik-ASUS | Source = Application Hang | ID = 1002
Description = Program mbam.exe verze 1.70.0.9 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: c18 Čas zahájení: 01ce1e6c6b13d412 Čas ukončení: 16

Error - 11.3.2013 12:24:42 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 30.1.2011 7:32:52 | Computer Name = vercik-ASUS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9.3.2012 16:01:40 | Computer Name = vercik-ASUS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 50
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11.3.2013 11:04:45 | Computer Name = vercik-ASUS | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 11.3.2013 11:04:52 | Computer Name = vercik-ASUS | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0023546A93E5
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 11.3.2013 11:05:08 | Computer Name = vercik-ASUS | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{361F0B07-6DA7-49D9-B073-475EA1937563},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 11.3.2013 11:08:10 | Computer Name = vercik-ASUS | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 11.3.2013 11:19:29 | Computer Name = vercik-ASUS | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 11.3.2013 11:19:41 | Computer Name = vercik-ASUS | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 11.3.2013 11:23:07 | Computer Name = vercik-ASUS | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 11.3.2013 12:22:17 | Computer Name = vercik-ASUS | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 11.3.2013 12:22:28 | Computer Name = vercik-ASUS | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 11.3.2013 12:25:54 | Computer Name = vercik-ASUS | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =


< End of report >

tomas_ch

Re: Please check my log+

Post by tomas_ch » 11 Mar 2013 21:40

Browsing works for me now....
all of a sudden it woke up...
I'm going to try downloading AVG FREE 2013 :-)

tomas_ch

Re: Please check my log+

Post by tomas_ch » 11 Mar 2013 22:11

So file downloading works... I installed AVG.... I'm not going to bother with those conflicts in the manager, it's not my computer...
It looks OK.

Thank you for your help, I really appreciate it, you guys are really great :-)

T.

jaro3
Security team member

Re: Please check my log+

Post by jaro3 » 11 Mar 2013 23:37

Double-click the OTL icon on your desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (a80ik5un) -- File not found
DRV - (a4dj4ixx) -- File not found
DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2A344854-4CEB-4DE3-9C6E-ABFB37E88AF7}: "URL" = http://www.dealio.com/products.html?kwd={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{AB55450C-0ED7-45FB-B2B7-CFA5685A5F7C}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_5
IE - HKCU\..\SearchScopes\{C135B757-70DD-4914-AFB2-04552ADFE8BF}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=D4829FDF-6C49-4441-9574-F64D98F2E080&apn_sauid=BCEDAD85-4798-4043-82C8-1A33DCEDBF89
IE - HKCU\..\SearchScopes\{DA85FDDC-70ED-47BA-9B6F-3C66843BB95F}: "URL" = http://search.yahoo.com/search?ei=utf-8 ... e=vdio2&p={searchTerms}
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.5.0.12
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
[2010.01.16 16:27:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Extensions
[2010.01.16 16:27:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.03.09 20:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\extensions
[2012.02.21 21:47:13 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013.03.09 18:36:57 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.09 19:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
[2013.03.10 19:55:21 | 000,607,714 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.03.10 19:55:21 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.10 19:55:21 | 000,118,346 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.03.10 19:55:21 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\32788R22FWJFW
C:\Windows\System32\drivers\trufos.sys
C:\Windows\REGBK00.ZIP
C:\Windows\hklmSW.reg
C:\Users\vercik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\ezsidmv.dat

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

tomas_ch

Re: Please check my log+

Post by tomas_ch » 12 Mar 2013 18:49

I had to return the computer to its owner; I'll continue with OTL over the weekend ... Thanks

jaro3
Security team member

Re: Please check my log+

Post by jaro3 » 12 Mar 2013 19:15

You're welcome.