Prosím o kontrolu

Zpráva

Nedo · #1 Příspěvek od **Nedo** » 29 čer 2010 09:54

Dobrý den,

prosím o kontrolu logu, antivir mi smazal nějaký adware v podobe pdftoolbaru.

Logfile of random's system information tool 1.07 (written by random/random)
Run by nedopilek at 2010-06-29 10:41:31
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 188 GB (82%) free of 230 GB
Total RAM: 3061 MB (76% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-688367311-446870061-51467919-1141Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-688367311-446870061-51467919-1141UA.job
C:\WINDOWS\tasks\ParetoLogic Registration.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2200D421-F05D-4909-ACCD-D23269289ADF}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{92D79F06-83AE-4384-B17E-CA3E407C0F14}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-30 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B922D405-6D13-4A2B-AE89-08A030DA4402}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ScreenManager Pro for LCD"=C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe [2007-08-30 10937640]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-12-17 1657448]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-12-17 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-12-17 14884864]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Google Update"=C:\Documents and Settings\Nedopilek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-11-12 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-07-04 148776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-04-23 692224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51fdb48d-d501-11de-bc0f-001cc092b74a}]
shell\AutoRun\command - G:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d841efff-04b1-11de-bb29-001cc092b74a}]
shell\AutoRun\command - F:\LaunchU3.exe -a

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-06-29 10:41:31 ----D---- C:\rsit
2010-06-29 10:38:21 ----D---- C:\Program Files\Trend Micro
2010-06-25 12:42:06 ----D---- C:\Program Files\Seznam.cz
2010-06-13 16:33:50 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-06-04 10:53:56 ----D---- C:\PS 12_etapa2010_schvaleno
2010-05-30 12:35:23 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2010-05-30 12:35:22 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2010-05-30 12:35:21 ----D---- C:\Program Files\PDFCreator

======List of files/folders modified in the last 1 months======

2010-06-29 10:41:32 ----D---- C:\WINDOWS\Temp
2010-06-29 10:38:53 ----D---- C:\WINDOWS\Prefetch
2010-06-29 10:38:22 ----SHD---- C:\WINDOWS\Installer
2010-06-29 10:38:21 ----RD---- C:\Program Files
2010-06-29 09:17:49 ----D---- C:\Program Files\Mozilla Firefox
2010-06-29 08:52:14 ----D---- C:\WINDOWS\security
2010-06-28 14:55:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-27 10:06:03 ----D---- C:\WINDOWS
2010-06-26 17:29:39 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-06-26 14:04:01 ----HD---- C:\WINDOWS\inf
2010-06-26 14:04:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-26 14:03:34 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-26 14:03:14 ----D---- C:\WINDOWS\system32
2010-06-26 14:03:04 ----D---- C:\WINDOWS\system32\drivers
2010-06-26 14:02:45 ----D---- C:\Program Files\PC Connectivity Solution
2010-06-26 14:02:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Samsung
2010-06-26 14:02:03 ----D---- C:\Program Files\Common Files\Samsung
2010-06-25 15:19:43 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-25 15:19:38 ----RSD---- C:\WINDOWS\assembly
2010-06-25 15:01:01 ----D---- C:\Documents and Settings\Nedopilek\Data aplikací\vlc
2010-06-25 14:45:21 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-25 14:45:10 ----D---- C:\WINDOWS\WinSxS
2010-06-21 17:43:46 ----D---- C:\Documents and Settings\Nedopilek\Data aplikací\Mozilla
2010-06-19 15:56:40 ----D---- C:\Documents and Settings\Nedopilek\Data aplikací\dvdcss
2010-06-14 18:55:37 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-06-14 18:55:13 ----SD---- C:\WINDOWS\Tasks
2010-06-10 14:46:46 ----D---- C:\WINDOWS\Debug
2010-06-10 13:38:04 ----D---- C:\Program Files\Internet Explorer
2010-06-10 13:34:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-10 13:34:35 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-10 13:29:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-06-08 11:52:42 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-04 15:55:43 ----D---- C:\Program Files\CCleaner
2010-06-04 15:55:23 ----D---- C:\Program Files\Defraggler
2010-06-04 10:55:21 ----AC---- C:\WINDOWS\wincmd.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-11-16 96408]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 NTGDT;NTGDT; \??\C:\WINDOWS\system32\Drivers\NTGDT.SYS []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-02-12 43424]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2010-02-04 18136]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\WINDOWS\system32\DRIVERS\e1y5132.sys [2008-06-13 243856]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-12-18 7668608]
R3 pdiddcci;DDC/CI monitor; C:\WINDOWS\System32\DRIVERS\pdiddcci.sys [2007-06-12 11776]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-01-15 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-01-15 25512]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 dgdersvc;Device Error Recovery Service; C:\WINDOWS\system32\dgdersvc.exe [2010-02-04 95568]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-12-22 217088]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-30 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MutGLSpool;MutGLSpool; C:\Program Files\Mutoh\RJ900\Program\srvany.exe [1998-11-22 8464]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 5241448]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-12-17 172100]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-30 651720]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 KiesAllShare;SAMSUNG KiesAllShare Service; C:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe [2010-01-18 9201664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-07-04 779560]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-07-04 267560]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Děkuji

#2 Příspěvek od **vyosek** » 29 čer 2010 10:20

Zdravim a pekne dopoledne preji

Budeme opravu provadet jen v jednom topicu, v tom druhem(zrejme omylem zalozenem) jsem pozadal mody o lock

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Nedo · #3 Příspěvek od **Nedo** » 29 čer 2010 11:28

Omlouvám se za špatné vložení.
Tento příspěvek rozdělím na dva z důvodu překročení znaků (73 931 míst povolených 60 000)

Tady je log OTL.txt

OTL logfile created on: 29.6.2010 12:10:38 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Nedopilek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 73,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224,61 Gb Total Space | 183,74 Gb Free Space | 81,81% Space Free | Partition Type: NTFS
Drive D: | 241,14 Gb Total Space | 172,37 Gb Free Space | 71,48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 305,46 Gb Total Space | 123,88 Gb Free Space | 40,56% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive S: | 305,46 Gb Total Space | 123,88 Gb Free Space | 40,56% Space Free | Partition Type: NTFS

Computer Name: NEDOPILEKNN
Current User Name: nedopilek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.29 12:09:16 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nedopilek\Plocha\OTL.exe
PRC - [2010.06.28 08:47:00 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Nedopilek\Local Settings\Data aplikací\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010.06.02 07:57:48 | 000,945,648 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Nedopilek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2010.02.04 14:00:08 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\WINDOWS\system32\dgdersvc.exe
PRC - [2009.12.22 04:31:26 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009.12.08 08:14:28 | 005,241,448 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
PRC - [2009.11.16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.11.16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008.04.14 08:52:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007.08.30 06:47:38 | 010,937,640 | ---- | M] (EIZO NANAO CORPORATION) -- C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
PRC - [2006.06.19 17:01:00 | 000,053,248 | ---- | M] () -- C:\Program Files\Mutoh\RJ900\Program\MGLSpool.exe
PRC - [1998.11.22 00:09:18 | 000,008,464 | ---- | M] () -- C:\Program Files\Mutoh\RJ900\Program\srvany.exe

========== Modules (SafeList) ==========

MOD - [2010.06.29 12:09:16 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nedopilek\Plocha\OTL.exe
MOD - [2009.12.17 18:03:48 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2009.12.17 00:37:28 | 000,293,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\nView\NVWRSCS.dll
MOD - [2009.12.17 00:34:54 | 001,624,680 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.02.04 14:00:08 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\dgdersvc.exe -- (dgdersvc)
SRV - [2010.01.25 11:02:20 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2010.01.18 06:35:02 | 009,201,664 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe -- (KiesAllShare)
SRV - [2009.12.22 04:31:26 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.12.08 08:14:28 | 005,241,448 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)
SRV - [2009.11.16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.11.16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009.10.30 12:57:10 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2005.11.14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [1998.11.22 00:09:18 | 000,008,464 | ---- | M] () [Auto | Running] -- C:\Program Files\Mutoh\RJ900\Program\srvany.exe -- (MutGLSpool)

========== Driver Services (SafeList) ==========

DRV - [2010.02.04 14:00:08 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010.01.15 16:38:16 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.01.15 16:38:16 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.12.22 07:07:36 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.12.18 00:31:25 | 007,668,608 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009.11.16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.11.16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.11.16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.09.21 15:49:09 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.02.16 10:57:50 | 000,018,144 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NTGDT.SYS -- (NTGDT)
DRV - [2009.02.12 20:14:32 | 000,442,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009.02.12 20:14:32 | 000,043,424 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009.02.03 18:22:00 | 005,030,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.05 21:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.06.13 10:42:56 | 000,243,856 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel(R)
DRV - [2008.05.23 17:54:38 | 000,030,816 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2008.05.16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008.05.16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008.05.16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008.05.16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.01.09 11:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007.06.12 11:27:00 | 000,011,776 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pdiddcci.sys -- (pdiddcci)
DRV - [2007.04.11 16:33:14 | 000,028,688 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.04.11 16:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.04.11 16:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006.01.04 16:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-688367311-446870061-51467919-1141\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://projekce/
IE - HKU\S-1-5-21-688367311-446870061-51467919-1141\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-688367311-446870061-51467919-1141\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-688367311-446870061-51467919-1141\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-688367311-446870061-51467919-1141\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.1.254:3128
IE - HKU\S-1-5-21-688367311-446870061-51467919-1141\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.1.254

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "192.168.1.254"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "192.168.1.254"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "192.168.1.254"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "192.168.1.254"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "192.168.1.254"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.21 17:43:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.06.21 17:43:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.04.21 12:48:51 | 000,000,000 | ---D | M]

[2010.06.21 17:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Mozilla\Extensions
[2010.06.21 17:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Mozilla\Firefox\Profiles\z0fjl4l2.default\extensions
[2010.06.21 17:50:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Nedopilek\Data aplikací\Mozilla\Firefox\Profiles\z0fjl4l2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.21 17:43:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2007.08.02 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found.
O3 - HKU\S-1-5-21-688367311-446870061-51467919-1141\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-688367311-446870061-51467919-1141\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [ScreenManager Pro for LCD] C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe (EIZO NANAO CORPORATION)
O4 - HKU\S-1-5-21-688367311-446870061-51467919-1141..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-688367311-446870061-51467919-1141..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-688367311-446870061-51467919-1141\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microso ... 0615850393 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 7787902974 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kpria.local
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Nedopilek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nedopilek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.30 12:43:58 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.01.15 23:46:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{51fdb48d-d501-11de-bc0f-001cc092b74a}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\{d841efff-04b1-11de-bb29-001cc092b74a}\Shell - "" = AutoRun
O33 - MountPoints2\{d841efff-04b1-11de-bb29-001cc092b74a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.01.16 00:05:19 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027075282206720)

========== Files/Folders - Created Within 7 Days ==========

[2010.06.29 12:09:08 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nedopilek\Plocha\OTL.exe
[2010.06.29 10:41:31 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.29 10:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.06.29 10:28:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nedopilek\Local Settings\Data aplikací\ESET
[2010.06.25 15:10:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nedopilek\Recent
[2010.06.25 12:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Seznam.cz
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.06.29 12:10:00 | 000,000,470 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2200D421-F05D-4909-ACCD-D23269289ADF}.job
[2010.06.29 12:09:16 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nedopilek\Plocha\OTL.exe
[2010.06.29 11:52:00 | 000,001,042 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-688367311-446870061-51467919-1141UA.job
[2010.06.29 11:24:51 | 000,000,474 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{92D79F06-83AE-4384-B17E-CA3E407C0F14}.job
[2010.06.29 10:52:23 | 009,175,040 | -H-- | M] () -- C:\Documents and Settings\Nedopilek\NTUSER.DAT
[2010.06.29 08:52:00 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-688367311-446870061-51467919-1141Core.job
[2010.06.29 08:46:46 | 000,070,140 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010.06.29 08:46:41 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.29 08:46:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.29 08:46:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.26 17:29:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.26 17:24:59 | 000,222,720 | ---- | M] () -- C:\Documents and Settings\Nedopilek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.26 14:02:00 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2010.06.25 18:00:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2010.06.25 14:45:22 | 000,444,144 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.25 14:45:22 | 000,441,010 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.25 14:45:22 | 000,084,252 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.25 14:45:22 | 000,072,402 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.25 14:45:21 | 001,013,894 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.26 14:02:00 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp
[2010.06.25 14:54:52 | 000,819,672 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.05.30 12:35:23 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010.05.03 16:18:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.05.03 16:18:34 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009.11.16 04:00:26 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\MAMACExtract.dll
[2009.11.09 04:55:50 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2009.11.09 04:55:50 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2009.11.09 04:55:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2009.11.09 04:55:50 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2009.03.24 18:14:44 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.03.16 16:32:57 | 000,000,351 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
[2009.02.19 13:57:32 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\eST3snm.dll
[2009.02.18 17:56:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.02.16 10:57:50 | 000,018,144 | R--- | C] () -- C:\WINDOWS\System32\drivers\NTGDT.SYS
[2009.02.12 18:27:38 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.02.11 13:23:40 | 000,002,552 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.07.21 02:57:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2000.10.20 14:25:36 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll

========== LOP Check ==========

[2009.02.12 20:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2009.10.30 13:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2010.01.06 18:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2009.05.18 16:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Cached Installations
[2010.04.21 12:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.02.18 10:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2009.03.25 10:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Mutoh
[2009.02.12 21:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2010.05.11 10:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.06.26 14:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2009.02.12 20:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Acronis
[2009.02.13 10:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Xerox
[2009.12.08 17:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Autodesk
[2010.01.12 10:21:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\CAD-Partner
[2009.02.25 10:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Chinaweal Longteng
[2009.02.12 20:44:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009.03.24 18:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\DAEMON Tools
[2009.09.21 15:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\DAEMON Tools Lite
[2009.03.24 18:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\DAEMON Tools Pro
[2009.04.20 18:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\DisplayTune
[2009.07.28 09:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\esmska
[2010.05.11 10:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\PC Suite
[2009.04.24 12:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\pdfforge
[2009.09.03 13:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\QIP
[2010.05.11 11:09:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Samsung
[2009.04.24 12:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Search Settings
[2009.09.21 16:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Sports Interactive
[2009.03.24 19:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\The Creative Assembly
[2009.02.13 10:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Unigraphics Solutions
[2009.12.08 14:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\XANADU
[2009.02.13 17:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Xerox
[2010.04.02 16:20:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\XnView
[2010.01.11 12:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\seadmin\Data aplikací\CAD-Partner
[2009.02.13 13:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\seadmin\Data aplikací\Unigraphics Solutions
[2009.02.11 12:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Data aplikací\Xerox
[2010.06.25 18:00:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2010.06.29 12:10:00 | 000,000,470 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2200D421-F05D-4909-ACCD-D23269289ADF}.job
[2010.06.29 11:24:51 | 000,000,474 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{92D79F06-83AE-4384-B17E-CA3E407C0F14}.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 09:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
"RocketDock" = "C:\Program Files\RocketDock\RocketDock.exe" -- [2007.09.02 14:58:52 | 000,495,616 | ---- | M] ()
"Google Update" = "C:\Documents and Settings\Nedopilek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2009.11.12 10:47:17 | 000,135,664 | ---- | M] (Google Inc.)

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.04.02 12:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alias

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.02.12 20:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Adobe
[2009.02.18 10:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Ahead
[2009.12.08 17:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Autodesk
[2009.11.15 17:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\AVS4YOU
[2010.01.12 10:21:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\CAD-Partner
[2009.02.25 10:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Chinaweal Longteng
[2009.02.12 20:44:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009.03.24 18:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\DAEMON Tools
[2009.09.21 15:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\DAEMON Tools Lite
[2009.03.24 18:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\DAEMON Tools Pro
[2009.04.20 18:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\DisplayTune
[2010.06.19 15:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\dvdcss
[2009.07.28 09:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\esmska
[2009.02.12 15:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Identities
[2009.02.12 20:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\InstallShield
[2009.02.12 15:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Logitech
[2009.02.12 15:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Macromedia
[2009.06.04 13:24:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Microsoft
[2010.06.21 17:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Mozilla
[2010.05.11 10:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\PC Suite
[2009.04.24 12:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\pdfforge
[2009.09.03 13:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\QIP
[2010.05.11 11:09:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Samsung
[2009.04.24 12:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Search Settings
[2009.09.21 16:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Sports Interactive
[2009.02.12 17:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Sun
[2009.02.12 20:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Symantec
[2009.03.24 19:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\The Creative Assembly
[2009.06.16 19:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\U3
[2009.02.13 10:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Unigraphics Solutions
[2010.06.25 15:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\vlc
[2009.02.12 16:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\WinRAR
[2009.12.08 14:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\XANADU
[2009.02.13 17:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\Xerox
[2010.04.02 16:20:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nedopilek\Data aplikací\XnView

< %APPDATA%\*.exe /s >
[2009.06.20 15:47:14 | 001,878,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Nedopilek\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2010.06.29 10:38:23 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Nedopilek\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2009.10.30 12:59:21 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Nedopilek\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2009.10.30 13:00:03 | 000,411,136 | R--- | M] () -- C:\Documents and Settings\Nedopilek\Data aplikací\Microsoft\Installer\{F06578CA-84BE-4a9e-902D-17A0867FBE69}\InvIcon9.exe
[2007.10.23 10:27:20 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Nedopilek\Data aplikací\U3\temp\cleanup.exe
[2008.05.02 11:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Nedopilek\Data aplikací\U3\temp\Launchpad Removal.exe

< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.09.21 15:49:09 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.01.16 00:09:15 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.01.16 00:09:15 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.01.16 00:09:14 | 000,516,096 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.06.29 08:46:46 | 000,070,140 | ---- | M] () -- C:\WINDOWS\system32\NvwsApps.xml
[2010.06.29 08:46:41 | 000,002,422 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< End of report >

Nedo · #4 Příspěvek od **Nedo** » 29 čer 2010 11:29

extras.txt

OTL Extras logfile created on: 29.6.2010 12:10:38 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Nedopilek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 73,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224,61 Gb Total Space | 183,74 Gb Free Space | 81,81% Space Free | Partition Type: NTFS
Drive D: | 241,14 Gb Total Space | 172,37 Gb Free Space | 71,48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 305,46 Gb Total Space | 123,88 Gb Free Space | 40,56% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive S: | 305,46 Gb Total Space | 123,88 Gb Free Space | 40,56% Space Free | Partition Type: NTFS

Computer Name: NEDOPILEKNN
Current User Name: nedopilek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-688367311-446870061-51467919-1141\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{1727CD47-A408-11d2-AFAD-00C04F72FB3E}" = VBA (2720)
"{1BF66D77-6604-4f3f-B3AE-D640AFB58A88}" = Autodesk Vault 2010 (Client)
"{1ECD6EC8-7BB2-4CD5-A384-BAA371BC4D21}" = Volo View Express
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3BDEE284-1516-40E8-B784-00FEBE1B1029}" = Nero 7 Essentials
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{55D9E026-DCB0-46FF-B60A-68B972228CF6}" = Autodesk Design Review 2010
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{5783F2D6-7028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2009
"{5783F2D7-8005-0405-0002-0060B0CE6BBA}" = AutoCAD Mechanical 2010
"{5783F2D7-8005-0405-1002-0060B0CE6BBA}" = Jazykový balíček AutoCAD Mechanical 2010 – čeština

"{5783F2D7-8028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2010
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{621EB5F7-B871-47C0-AB53-E1376E71D858}" = ESET NOD32 Antivirus
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{723D0010-CA4C-4248-B206-10B80B1EDBCC}" = Jazykový balíček Autodesk Vault 2010 (Client) – čeština
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{748D0E38-EEF0-441B-9546-7969B590118A}" = Intel(R) Desktop Control Center
"{76D6189D-0004-1400-0001-DFC2EE337EAC}" = Autodesk Inventor View 2010
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.1 - Czech
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC0B4ED2-2AA0-4200-84E8-F1A23173384A}" = Smap3D V9.0
"{CC185D10-5C0E-40C3-91F2-63314BB365AF}" = Solid Edge ST2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}" = ScreenManager Pro for LCD
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDD076BF-C5C3-468C-AA1B-F9A7E47446FE}" = Intel(R) Network Connections 13.1.33.0
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4280946-3773-490C-9A7B-1FCD0E6CB0CF}" = Intel(R) Integrator Assistant
"{F06578CA-84BE-4a9e-902D-17A0867FBE69}" = Jazykový balíček Autodesk Inventor View 2010 – čeština
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"AccXES" = AccXES
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"AutoCAD Mechanical 2010" = AutoCAD Mechanical 2010
"AutoCAD Mechanical 2010 Version 3" = AutoCAD Mechanical 2010 Version 3
"Autodesk Design Review 2010" = Autodesk Design Review 2010
"Autodesk Inventor View 2010" = Autodesk Inventor View 2010
"Autodesk Vault 2010 (Client)" = Autodesk Vault 2010 (Client)
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"DWG TrueView 2009" = DWG TrueView 2009
"DWG TrueView 2010" = DWG TrueView 2010
"EasyCapture_is1" = EasyCapture 1.2.0.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"iso.EDGE_is1" = iso.EDGE
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Autodesk AutoCAD Mechanical 2010 Performance Driver" = NVIDIA Performance Driver for Autodesk AutoCAD Mechanical 2010
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PROHYBRIDR" = 2007 Microsoft Office system
"Revo Uninstaller" = Revo Uninstaller 1.85
"RocketDock_is1" = RocketDock 1.3.5
"SystemRequirementsLab" = System Requirements Lab
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-688367311-446870061-51467919-1141\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17.6.2010 10:27:20 | Computer Name = NEDOPILEKNN | Source = Userenv | ID = 1053
Description = Systém Windows nemůže určit jméno uživatele nebo název počítače. (Server
RPC není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 17.6.2010 10:31:41 | Computer Name = NEDOPILEKNN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: 407 (Stav odpovědi HTTP)

Error - 17.6.2010 10:55:06 | Computer Name = NEDOPILEKNN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: 407 (Stav odpovědi HTTP)

Error - 23.6.2010 10:55:24 | Computer Name = NEDOPILEKNN | Source = Userenv | ID = 1053
Description = Systém Windows nemůže určit jméno uživatele nebo název počítače. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 25.6.2010 6:41:58 | Computer Name = NEDOPILEKNN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: 407 (Stav odpovědi HTTP)

Error - 25.6.2010 6:41:58 | Computer Name = NEDOPILEKNN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 26.6.2010 7:09:09 | Computer Name = NEDOPILEKNN | Source = Userenv | ID = 1053
Description = Systém Windows nemůže určit jméno uživatele nebo název počítače. (Server
RPC není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 26.6.2010 8:59:54 | Computer Name = NEDOPILEKNN | Source = Userenv | ID = 1053
Description = Systém Windows nemůže určit jméno uživatele nebo název počítače. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 26.6.2010 10:33:39 | Computer Name = NEDOPILEKNN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: 407 (Stav odpovědi HTTP)

Error - 26.6.2010 10:33:40 | Computer Name = NEDOPILEKNN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

[ OSession Events ]
Error - 9.7.2009 10:33:17 | Computer Name = NEDOPILEKNN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9.7.2009 10:33:35 | Computer Name = NEDOPILEKNN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9.7.2009 10:33:42 | Computer Name = NEDOPILEKNN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 15.12.2009 4:03:04 | Computer Name = NEDOPILEKNN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3.5.2010 10:19:32 | Computer Name = NEDOPILEKNN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 13543
seconds with 240 seconds of active time. This session ended with a crash.

Error - 4.5.2010 4:53:36 | Computer Name = NEDOPILEKNN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2490
seconds with 480 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 25.6.2010 8:41:31 | Computer Name = NEDOPILEKNN | Source = DCOM | ID = 10000
Description = Nelze spustit server DCOM: {2F0E2680-9FF5-43C0-B76E-114A56E93598}.
Došlo
k chybě: %3 při provádění příkazu: "C:\Documents and Settings\Nedopilek\Local Settings\Data
aplikací\Google\Update\GoogleUpdate.exe\1.2.183.13" -Embedding

Error - 26.6.2010 4:55:15 | Computer Name = NEDOPILEKNN | Source = NETLOGON | ID = 5719
Description = V doméně KPRIA není k dispozici žádný řadič domény z důvodu: %%1311.

Přesvědčte
se, zda je počítač připojen k síti a akci opakujte. Pokud budou potíže trvat, obraťte
se na správce domény.

Error - 26.6.2010 5:54:40 | Computer Name = NEDOPILEKNN | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 26.6.2010 7:00:00 | Computer Name = NEDOPILEKNN | Source = NETLOGON | ID = 5719
Description = V doméně KPRIA není k dispozici žádný řadič domény z důvodu: %%1722.

Přesvědčte
se, zda je počítač připojen k síti a akci opakujte. Pokud budou potíže trvat, obraťte
se na správce domény.

Error - 28.6.2010 2:45:51 | Computer Name = NEDOPILEKNN | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby SSDPSRV jako uživatel NT AUTHORITY\LocalService
se se současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%5 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).

Error - 28.6.2010 2:45:51 | Computer Name = NEDOPILEKNN | Source = Service Control Manager | ID = 7000
Description = Služba Služba rozpoznávání pomocí protokolu SSDP neuspěla při spuštění
v důsledku následující chyby: %%1069

Error - 28.6.2010 4:50:15 | Computer Name = NEDOPILEKNN | Source = NETLOGON | ID = 5719
Description = V doméně KPRIA není k dispozici žádný řadič domény z důvodu: %%1311.

Přesvědčte
se, zda je počítač připojen k síti a akci opakujte. Pokud budou potíže trvat, obraťte
se na správce domény.

Error - 28.6.2010 5:00:00 | Computer Name = NEDOPILEKNN | Source = NETLOGON | ID = 5719
Description = V doméně KPRIA není k dispozici žádný řadič domény z důvodu: %%1722.

Přesvědčte
se, zda je počítač připojen k síti a akci opakujte. Pokud budou potíže trvat, obraťte
se na správce domény.

Error - 28.6.2010 5:54:41 | Computer Name = NEDOPILEKNN | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 29.6.2010 2:50:14 | Computer Name = NEDOPILEKNN | Source = NETLOGON | ID = 5719
Description = V doméně KPRIA není k dispozici žádný řadič domény z důvodu: %%1311.

Přesvědčte
se, zda je počítač připojen k síti a akci opakujte. Pokud budou potíže trvat, obraťte
se na správce domény.

< End of report >

#5 Příspěvek od **vyosek** » 29 čer 2010 12:03

Rozdeleni v poradku, jinak by to ani neslo

Trochu vic dotazu bude nez se dame do mazani

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

C:\WINDOWS\system32\drivers\dgderdrv.sys
Kliknete na Prochazet
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Pokud napise Soubor byl jiz testovan, dejte otestovat znovu
Kliknete na Otestovat soubor
Vysledek analyzy sem vlozte (jako odkaz)

Tohle znate:

C:\Program Files\Mutoh\RJ900\Program\MGLSpool.exe
C:\Program Files\Mutoh\RJ900\Program\srvany.exe
Pokud ne, tak sup s tim na VirusTotal a vysledek sem

Tahle proxy "ProxyServer" = 192.168.1.254:3128 a jeste tohle "AutoConfigURL" = 192.168.1.254 a tohle Domain = kpria.local znate a je nastaveno umyslne

Nedo · #6 Příspěvek od **Nedo** » 29 čer 2010 12:33

Tohle znate:
C:\Program Files\Mutoh\RJ900\Program\MGLSpool.exe jedna se o barevny plotter
C:\Program Files\Mutoh\RJ900\Program\srvany.exe jedna se o barevny plotter
Pokud ne, tak sup s tim na VirusTotal a vysledek sem

Tahle proxy "ProxyServer" = 192.168.1.254:3128 a jeste tohle "AutoConfigURL" = 192.168.1.254 a tohle Domain = kpria.local znate a je nastaveno umyslne

Ano, to je nastaveni site. Firma Kp Ria

A test souboru:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.03 -
AhnLab-V3 5.0.0.2 2010.03.03 -
AntiVir 8.2.1.180 2010.03.03 -
Antiy-AVL 2.0.3.7 2010.03.03 -
Authentium 5.2.0.5 2010.03.03 -
Avast 4.8.1351.0 2010.03.03 -
Avast5 5.0.332.0 2010.03.03 -
AVG 9.0.0.730 2010.03.03 -
BitDefender 7.2 2010.03.03 -
CAT-QuickHeal 10.00 2010.03.03 -
ClamAV 0.96.0.0-git 2010.03.03 -
Comodo 4091 2010.02.28 -
DrWeb 5.0.1.12222 2010.03.03 -
eSafe 7.0.17.0 2010.03.03 -
eTrust-Vet 35.2.7338 2010.03.03 -
F-Prot 4.5.1.85 2010.03.03 -
F-Secure 9.0.15370.0 2010.03.03 -
Fortinet 4.0.14.0 2010.02.28 -
GData 19 2010.03.03 -
Ikarus T3.1.1.80.0 2010.03.03 -
Jiangmin 13.0.900 2010.03.03 -
K7AntiVirus 7.10.989 2010.03.03 -
Kaspersky 7.0.0.125 2010.03.03 -
McAfee 5909 2010.03.03 -
McAfee+Artemis 5909 2010.03.03 -
McAfee-GW-Edition 6.8.5 2010.03.03 -
Microsoft 1.5502 2010.03.03 -
NOD32 4913 2010.03.03 -
Norman 6.04.08 2010.03.03 -
nProtect 2009.1.8.0 2010.03.03 -
Panda 10.0.2.2 2010.03.03 -
PCTools 7.0.3.5 2010.03.03 -
Prevx 3.0 2010.03.03 -
Rising 22.37.02.04 2010.03.03 -
Sophos 4.51.0 2010.03.03 -
Sunbelt 5742 2010.03.03 -
Symantec 20091.2.0.41 2010.03.03 -
TheHacker 6.5.1.7.220 2010.03.03 -
TrendMicro 9.120.0.1004 2010.03.03 -
VBA32 3.12.12.2 2010.03.02 -
ViRobot 2010.3.3.2210 2010.03.03 -
VirusBuster 5.0.27.0 2010.03.03 -
Rozšiřující informace
File size: 18136 bytes
MD5 : eed8d83636551cfb8151f87020feb368
SHA1 : 09ec2725e0a45a746d8e81806e9d5687d811eeb2
SHA256: 421010fe58a9a3d9554c372bdb5843e7e5f6995419d3f9028aa8a1b4eef2898e
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2105
timedatestamp.....: 0x4B56BBA4 (Wed Jan 20 09:15:32 2010)
machinetype.......: 0x14C (Intel I386)

( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x480 0x181E 0x1880 6.30 3a3ce774f7a148736a9cf073f99426a4
.rdata 0x1D00 0x214 0x280 3.64 c71c399c8a605520a78241bacf5956ed
.data 0x1F80 0x5C 0x80 1.19 163c833698aeabf57c10c3383c40a264
.edata 0x2000 0x8D 0x100 2.94 deec386b45db1caa5e89adc2f197256f
INIT 0x2100 0x4F4 0x500 5.39 65645d4648cff122f10fdaee06327be7
.rsrc 0x2600 0x370 0x380 3.27 f0964058d240f576437d85faaf79c8aa
.reloc 0x2980 0x2F6 0x300 3.74 cf6cdf9fc286b20e413d7631e9167630

( 2 imports )

> hal.dll: KeGetCurrentIrql
> ntoskrnl.exe: IoDeleteSymbolicLink, RtlInitUnicodeString, KeDelayExecutionThread, ObfDereferenceObject, ObfReferenceObject, memset, IoRegisterShutdownNotification, IoCreateSymbolicLink, IoCreateDevice, RtlCopyUnicodeString, ExAllocatePoolWithTag, KeWaitForSingleObject, KeInitializeEvent, sprintf, RtlTimeToTimeFields, ExSystemTimeToLocalTime, IoUnregisterShutdownNotification, ZwClose, ZwWriteFile, RtlFreeUnicodeString, ZwCreateFile, RtlAnsiStringToUnicodeString, RtlInitAnsiString, ObReferenceObjectByName, IoDriverObjectType, IofCallDriver, IoGetAttachedDeviceReference, ObReferenceObjectByHandle, IoFileObjectType, ZwOpenFile, IoBuildSynchronousFsdRequest, ObQueryNameString, IoOpenDeviceRegistryKey, ZwQueryValueKey, ZwOpenKey, KeTickCount, KeBugCheckEx, IoDeleteDevice, ExFreePoolWithTag, ZwUnloadDriver, KeQuerySystemTime, IofCompleteRequest, RtlUnwind

( 1 exports )

> _GetDriverObject@4, _MakeHextoString@16, _WriteLogToFile@12
TrID : File type identification
Clipper DOS Executable (33.3%)
Generic Win/DOS Executable (33.0%)
DOS Executable Generic (33.0%)
VXD Driver (0.5%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
ssdeep: 384:OkvGJUDlLE73yUReqJfezOTyZxvTxsk5cYJL/GoXbCq1M6jra:OJslsTyHTx9RL5bCCMm2
sigcheck: publisher....: Devguru Co., Ltd
copyright....: Devguru Co., Ltd. All rights reserved.
product......: Device Error Recovery SDK
description..: Device Error Recovery SDK(x86)
original name: dgderdrv.sys
internal name: n/a
file version.: 1, 2, 950, 0
comments.....: n/a
signers......: DEVGURU CO LTD
VeriSign Class 3 Code Signing 2009-2 CA
Class 3 Public Primary Certification Authority
signing date.: 9:15 AM 1/20/2010
verified.....: -
PEiD : -
RDS : NSRL Reference Data Set
-

#7 Příspěvek od **vyosek** » 29 čer 2010 12:46

Ok, dekuji za vycerpavajici odpoved, chtel jsem se jen ujistit ze to tam mate umyslne at Vam to neodstrelim

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKU\S-1-5-21-688367311-446870061-51467919-1141\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found.
O3 - HKU\S-1-5-21-688367311-446870061-51467919-1141\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-688367311-446870061-51467919-1141\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51fdb48d-d501-11de-bc0f-001cc092b74a}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d841efff-04b1-11de-bb29-001cc092b74a}]

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Nedo · #8 Příspěvek od **Nedo** » 29 čer 2010 13:06

Tady je log po restartu pc:

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-688367311-446870061-51467919-1141\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
Registry value HKEY_USERS\S-1-5-21-688367311-446870061-51467919-1141\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-688367311-446870061-51467919-1141\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
C:\WINDOWS\NV9762680.TMP\nv3d.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3dchs.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3dcht.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3ddeu.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3desn.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3dfra.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3dita.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3djpn.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3dkor.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3dplk.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3dptb.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nv3drus.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcpl.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcplchs.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcplcht.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcpldeu.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcplesn.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcplfra.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcplita.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcpljpn.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcplkor.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcplplk.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcplptb.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvcplrus.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdsp.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdspchs.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdspcht.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdspdeu.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdspesn.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdspfra.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdspita.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdspjpn.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdspkor.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdspplk.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdspptb.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvdsprus.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmob.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobchs.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobcht.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobdeu.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobesn.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobfra.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobita.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobjpn.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobkor.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobplk.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobptb.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP\nvmobrus.chm deleted successfully.
C:\WINDOWS\NV9762680.TMP folder deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP149.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP18B0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP192A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP399.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP488.tmp folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51fdb48d-d501-11de-bc0f-001cc092b74a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51fdb48d-d501-11de-bc0f-001cc092b74a}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d841efff-04b1-11de-bb29-001cc092b74a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d841efff-04b1-11de-bb29-001cc092b74a}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Nedopilek
->Temp folder emptied: 445349011 bytes
->Temporary Internet Files folder emptied: 5277329 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 42365552 bytes
->Google Chrome cache emptied: 353005657 bytes
->Flash cache emptied: 1884733 bytes

User: NetworkService
->Temp folder emptied: 13704 bytes
->Temporary Internet Files folder emptied: 33237 bytes

User: seadmin
->Temp folder emptied: 5429662 bytes
->Temporary Internet Files folder emptied: 8876540 bytes
->Java cache emptied: 0 bytes

User: Uzivatel
->Temp folder emptied: 196707253 bytes
->Temporary Internet Files folder emptied: 79375758 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 18965076 bytes
->Flash cache emptied: 405 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19233 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 12625448 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 116,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: Nedopilek
->Flash cache emptied: 0 bytes

User: NetworkService

User: seadmin

User: Uzivatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.7.0 log created on 06292010_135217

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#9 Příspěvek od **vyosek** » 29 čer 2010 13:09

Na disku najdete pres giga noveho mista

hodne nepotrebneho balastu tam bylo

Jak se chova PC

Nedo · #10 Příspěvek od **Nedo** » 29 čer 2010 13:17

Děkuji

PC se chová v pořádku, jen jsem se obával, když Eset něco dneska našel, aby tam toho nebylo více.

Takže Vám moc děkuji!

#11 Příspěvek od **vyosek** » 29 čer 2010 13:20

Jeste tedy udelame kontrolu mbam, pro sichr

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

Provedte aktualizaci - treti zalozka
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

Po mbam nas pak ceka jeste par drobnosti (pokud bude mbam v cajku) jako je uklid a zaverecna kontrola

ale nebudu predbihat a pockam co ukaze log z mbam

Nedo · #12 Příspěvek od **Nedo** » 29 čer 2010 13:59

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4253

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

29.6.2010 14:47:35
mbam-log-2010-06-29 (14-47-35).txt

Typ skenu: Rychlý sken
Skenované objekty: 152434
Uplynulý čas: 3 minuta(y), 43 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

#13 Příspěvek od **vyosek** » 29 čer 2010 14:11

Takze mbam by byl lepsi nez nejlepsi

Neboli v poradku

Takze jdem na uklid a kontrolku

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Poprosim o novy log ze RSITu - budte prosim pripojen k internetu, at probehne i HJT

Nedo · #14 Příspěvek od **Nedo** » 29 čer 2010 14:22

Tak jsem to udělal postupně, jak radíte. CCleaner je po mém boku už pár let, ty zbylé dva programy neznám, je dobré to projet i tímhle čas od času?

Na internet jsem připojený stále, problém je v proxy adrese, u některých programů to nelze nastavit a proto se nedostanou na internet.

Tady je nový log:

Logfile of random's system information tool 1.07 (written by random/random)
Run by nedopilek at 2010-06-29 15:10:03
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 196 GB (85%) free of 230 GB
Total RAM: 3061 MB (79% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-688367311-446870061-51467919-1141Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-688367311-446870061-51467919-1141UA.job
C:\WINDOWS\tasks\ParetoLogic Registration.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2200D421-F05D-4909-ACCD-D23269289ADF}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{92D79F06-83AE-4384-B17E-CA3E407C0F14}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-30 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ScreenManager Pro for LCD"=C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe [2007-08-30 10937640]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-12-17 1657448]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-12-17 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-12-17 14884864]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Google Update"=C:\Documents and Settings\Nedopilek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-11-12 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-07-04 148776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-04-23 692224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-06-29 14:38:11 ----D---- C:\Documents and Settings\Nedopilek\Data aplikací\Malwarebytes
2010-06-29 14:38:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-06-29 14:38:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-06-29 13:52:17 ----D---- C:\_OTL
2010-06-29 10:41:31 ----D---- C:\rsit
2010-06-29 10:38:21 ----D---- C:\Program Files\Trend Micro
2010-06-25 12:42:06 ----D---- C:\Program Files\Seznam.cz
2010-06-13 16:33:50 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-06-04 10:53:56 ----D---- C:\PS 12_etapa2010_schvaleno
2010-05-30 12:35:23 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2010-05-30 12:35:22 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2010-05-30 12:35:21 ----D---- C:\Program Files\PDFCreator

======List of files/folders modified in the last 1 months======

2010-06-29 15:10:04 ----D---- C:\WINDOWS\Temp
2010-06-29 15:07:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-29 15:04:26 ----D---- C:\WINDOWS\system32
2010-06-29 15:04:25 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-29 14:42:25 ----D---- C:\WINDOWS\Prefetch
2010-06-29 14:38:04 ----D---- C:\WINDOWS\system32\drivers
2010-06-29 14:38:03 ----RD---- C:\Program Files
2010-06-29 13:54:52 ----D---- C:\WINDOWS
2010-06-29 13:52:18 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-06-29 10:38:26 ----SHD---- C:\WINDOWS\Installer
2010-06-29 09:17:49 ----D---- C:\Program Files\Mozilla Firefox
2010-06-29 08:52:14 ----D---- C:\WINDOWS\security
2010-06-26 17:29:39 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-06-26 14:04:01 ----HD---- C:\WINDOWS\inf
2010-06-26 14:04:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-26 14:03:34 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-26 14:02:45 ----D---- C:\Program Files\PC Connectivity Solution
2010-06-26 14:02:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Samsung
2010-06-26 14:02:03 ----D---- C:\Program Files\Common Files\Samsung
2010-06-25 15:19:43 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-25 15:19:38 ----RSD---- C:\WINDOWS\assembly
2010-06-25 15:01:01 ----D---- C:\Documents and Settings\Nedopilek\Data aplikací\vlc
2010-06-25 14:45:10 ----D---- C:\WINDOWS\WinSxS
2010-06-21 17:43:46 ----D---- C:\Documents and Settings\Nedopilek\Data aplikací\Mozilla
2010-06-19 15:56:40 ----D---- C:\Documents and Settings\Nedopilek\Data aplikací\dvdcss
2010-06-14 18:55:37 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-06-14 18:55:13 ----SD---- C:\WINDOWS\Tasks
2010-06-10 14:46:46 ----D---- C:\WINDOWS\Debug
2010-06-10 13:38:04 ----D---- C:\Program Files\Internet Explorer
2010-06-10 13:34:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-10 13:34:35 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-10 13:29:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-06-08 11:52:42 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-04 15:55:43 ----D---- C:\Program Files\CCleaner
2010-06-04 15:55:23 ----D---- C:\Program Files\Defraggler
2010-06-04 10:55:21 ----AC---- C:\WINDOWS\wincmd.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-11-16 96408]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 NTGDT;NTGDT; \??\C:\WINDOWS\system32\Drivers\NTGDT.SYS []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-02-12 43424]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2010-02-04 18136]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\WINDOWS\system32\DRIVERS\e1y5132.sys [2008-06-13 243856]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-12-18 7668608]
R3 pdiddcci;DDC/CI monitor; C:\WINDOWS\System32\DRIVERS\pdiddcci.sys [2007-06-12 11776]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-01-15 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-01-15 25512]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 dgdersvc;Device Error Recovery Service; C:\WINDOWS\system32\dgdersvc.exe [2010-02-04 95568]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-12-22 217088]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-30 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MutGLSpool;MutGLSpool; C:\Program Files\Mutoh\RJ900\Program\srvany.exe [1998-11-22 8464]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 5241448]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-12-17 172100]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-30 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 KiesAllShare;SAMSUNG KiesAllShare Service; C:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe [2010-01-18 9201664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-07-04 779560]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-07-04 267560]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#15 Příspěvek od **vyosek** » 29 čer 2010 14:28

CCleaner je vyborne udelatko

OTC a TFC jsou jen programky na uklid po utilitach pouzivanych pri likvidaci (jejich pouzivani je tudiz v bezne cinnosti bezcenne

a muzete je smazat (OTC se tusim smaze i samo po pouziti))

Stahnete HJT odsud http://www.trendmicro.com/ftp/products/ ... ckThis.exe a dejte log jeste z nej...prave diky proxy se RSITu nepodarilo HJT natahnout

Spustit, dat "Main menu" (dole) a pak "Do a system scan and save logfile", obsah logu sem

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu