Prosím o preventivmí kontrolu.Děkuji

Zpráva

Fidolfo · #1 Příspěvek od **Fidolfo** » 15 led 2012 18:07

Poslán nový:

Logfile of random's system information tool 1.09 (written by random/random)
Run by NoNaMe at 2012-01-15 18:23:53
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 15 GB (29%) free of 50 GB
Total RAM: 1023 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:24:35, on 15.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Samsung\Samsung CLX-216x Series\SPanel\PSU\Scan2pc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\NoNaMe\Plocha\RSIT.exe
C:\Program Files\trend micro\NoNaMe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Maple_S2P] C:\Program Files\Samsung\Samsung CLX-216x Series\SPanel\PSU\Scan2pc.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Port pro program Symantec Fax Starter Edition.lnk = C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6877196687
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9014805-19FA-4703-B3AB-7CB84E6FFF22}: NameServer = 10.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O24 - Desktop Component 1: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2

--
End of file - 8245 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{9716E3FF-47FA-424A-A0C1-C26F54EE88DE}.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13, {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.69"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
nppl3260.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\
engine@conduit.com
temp
toolbar@ask.com
{20a82645-c095-46ed-80e3-08825760534b}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Maple_S2P"=C:\Program Files\Samsung\Samsung CLX-216x Series\SPanel\PSU\Scan2pc.exe [2007-01-16 253952]
"Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2008-06-05 536576]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-03-24 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-25 13895272]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-04 1632360]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2011-12-20 2696512]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-07-20 399736]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
Port pro program Symantec Fax Starter Edition.lnk - C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Microsoft Office\Office\1029\WFXMSRVR.EXE"="C:\Program Files\Microsoft Office\Office\1029\WFXMSRVR.EXE:*:Disabled:WFXMSRVR"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\WINDOWS\network diagnostic\xpnetdiag.exe"="C:\WINDOWS\network diagnostic\xpnetdiag.exe:*:Enabled:Network Diagnostic for Windows XP"
"C:\Program Files\MapView\WEB\www.ms.mff.cuni.cz\Ceska Republika\CR-SR-Cykloserver\LocalIndirectServer.exe"="C:\Program Files\MapView\WEB\www.ms.mff.cuni.cz\Ceska Republika\CR-SR-Cykloserver\LocalIndirectServer.exe:*:Enabled:LIS_Cykloserver"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe:*:Enabled:Sunbelt Kerio Personal Firewall 4 - GUI"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Emergency 4\Em4.exe"="C:\Program Files\Emergency 4\Em4.exe:*:Enabled:Em4"
"C:\Program Files\Sports Interactive\Football Manager 2011\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2011\fm.exe:*:Enabled:Football Manager 2011"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.MP42"=mpg4c32.dll
"VIDC.MPG4"=mpg4c32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2012-01-15 18:12:30 ----A---- C:\WINDOWS\isRS-000.tmp
2012-01-15 18:05:42 ----D---- C:\rsit
2012-01-15 17:39:21 ----D---- C:\Documents and Settings\NoNaMe\Data aplikací\Nero
2012-01-15 17:38:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2012-01-15 17:28:50 ----D---- C:\Program Files\Ask.com
2012-01-15 17:27:32 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2012-01-15 17:21:02 ----D---- C:\Program Files\Ashampoo
2012-01-11 19:46:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-11 19:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-11 19:45:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-11 19:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-11 19:45:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-11 19:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-06 17:05:47 ----D---- C:\Program Files\ESET
2011-12-16 21:12:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$

======List of files/folders modified in the last 1 month======

2012-01-15 18:24:27 ----D---- C:\Documents and Settings\NoNaMe\Data aplikací\uTorrent
2012-01-15 18:24:02 ----D---- C:\Program Files\trend micro
2012-01-15 18:22:36 ----D---- C:\WINDOWS\temp
2012-01-15 18:22:18 ----D---- C:\WINDOWS\Prefetch
2012-01-15 18:22:08 ----D---- C:\WINDOWS
2012-01-15 18:22:04 ----D---- C:\WINDOWS\SoftwareDistribution
2012-01-15 18:21:14 ----RD---- C:\Program Files
2012-01-15 18:18:55 ----D---- C:\WINDOWS\system32\drivers
2012-01-15 18:18:22 ----SHD---- C:\WINDOWS\Installer
2012-01-15 17:44:25 ----D---- C:\Config.Msi
2012-01-15 17:44:20 ----D---- C:\Program Files\Common Files
2012-01-15 17:32:38 ----D---- C:\WINDOWS\system32
2012-01-15 17:29:18 ----SD---- C:\WINDOWS\Tasks
2012-01-15 17:27:59 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-15 17:27:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-15 17:27:19 ----HD---- C:\WINDOWS\inf
2012-01-15 17:26:42 ----D---- C:\WINDOWS\WinSxS
2012-01-15 15:59:16 ----D---- C:\Documents and Settings\NoNaMe\Data aplikací\DAEMON Tools Lite
2012-01-15 15:58:00 ----D---- C:\Program Files\Ahead
2012-01-15 10:17:07 ----D---- C:\Program Files\Mozilla Firefox
2012-01-14 01:44:53 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-01-11 22:42:35 ----D---- C:\WINDOWS\Debug
2012-01-11 20:24:38 ----D---- C:\Program Files\Common Files\Adobe
2012-01-11 20:24:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2012-01-11 20:24:33 ----D---- C:\Program Files\Adobe
2012-01-11 19:46:19 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-11 19:45:43 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-10 19:12:20 ----A---- C:\WINDOWS\NeroDigital.ini
2012-01-09 12:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2012-01-09 12:31:30 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-07 10:01:27 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-07 10:01:06 ----RSD---- C:\WINDOWS\assembly
2012-01-06 18:32:09 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-06 17:09:59 ----D---- C:\Program Files\CCleaner
2011-12-16 21:12:31 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2006-01-24 81088]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-13 691696]
R0 timounter;Acronis TrueImage Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2006-01-24 208640]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-02-06 93336]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-12-15 274432]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-12-15 81920]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-04 62799]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-08-10 278984]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-08-10 25416]
R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2006-01-24 28096]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-03-25 2314560]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-05-25 12753664]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-01-13 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-01-13 12928]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-11-14 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-01-24 9856]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-03-04 47230]
S0 ElbyVCD;ElbyVCD; C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 asplizo8;asplizo8; C:\WINDOWS\system32\drivers\asplizo8.sys []
S3 b57w2k;BCM5701 Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2001-10-24 97120]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 ET5Drv;ET5Drv; \??\C:\WINDOWS\system32\Drivers\ET5Drv.sys []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 MarkFun_NT;MarkFun_NT; \??\C:\Program Files\Gigabyte\ET5\markfun.w32 []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-16 2851]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-02-01 98560]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2004-11-15 50048]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2004-12-15 50048]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-21 34816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-01-24 122880]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe [2005-12-19 1368064]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-25 154728]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-03-28 66872]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-12-12 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-12-12 360192]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 16 led 2012 09:02

Zdravim a pekny den preji

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Stahnete na plochu CKScanner

Spustte a kliknete na Search for files
Po dokonceni skenu kliknete na Save List to File a nasledne OK
Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte

Fidolfo · #3 Příspěvek od **Fidolfo** » 16 led 2012 16:09

Přeji hezký den a zde jsou logy:

info.txt logfile of random's system information tool 1.09 2012-01-15 18:06:09

======Uninstall list======

@BIOS-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\BIOS\Uninst.isu"
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
ACDSee 6.0 PowerPack Trial-->MsiExec.exe /I{5BFEB2DF-D80D-48B9-A95B-8C3E70DEA49F}
Acronis True Image-->C:\Program Files\Acronis\TrueImage\MediaBuilder.exe -uninstall
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10u_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin
Adobe Media Player-->MsiExec.exe /X{95264530-5A22-8E7E-FE9D-D63A927BCAEA}
Adobe Reader 9.5.0 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A95000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Aktualizace NVIDIA 1.3.5-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Update
Aktualizace systému Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB982632)-->"C:\WINDOWS\ie8updates\KB982632-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
AnalogX NetStat Live-->C:\Program Files\AnalogX\NetStat Live\nslu.exe
Any Video Converter 2.7.6-->"C:\Program Files\Any Video Converter\unins000.exe"
Ashampoo Burning Studio 6 FREE v.6.80-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ConvertXtoDVD 2.1.14.223-->"C:\Program Files\vso\ConvertXtoDVD\unins000.exe"
ConvertXtoDVD 3.2.1.55b-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
EasyCleaner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
EasyTune5-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Gigabyte\ET5\Uninst.isu" -c"C:\Program Files\Gigabyte\ET5\uninstdrv.dll"
Emergency 4-->"C:\Program Files\Emergency 4\unins000.exe"
FinWin 1.0-->"C:\Program Files\FinWin 1.0\RemoveIt.exe" "C:\Program Files\FinWin 1.0\SETUP.LOG"
Football Manager 2011-->"C:\Program Files\Sports Interactive\Football Manager 2011\Uninstall_Football Manager 2011\Uninstall Football Manager 2011.exe"
Free CD to MP3 Converter-->C:\PROGRA~1\CDTOMP~1\UNWISE.EXE C:\PROGRA~1\CDTOMP~1\INSTALL.LOG
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ7.5-->"C:\Program Files\InstallShield Installation Information\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
InterVideo WinDVD Platinum-->"C:\Program Files\InstallShield Installation Information\{8DC9BEFF-07FC-4631-BBF4-8F00F74953C2}\setup.exe" REMOVEALL
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
K-Lite Mega Codec Pack 5.7.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft .NET Framework 1.1 Czech Language Pack-->MsiExec.exe /X{5E65E94D-69F2-4850-9E93-6459C53A0F50}
Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Czech Language Pack-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Czech Language Pack\setup.exe
Microsoft .NET Framework 3.0 Czech Language Pack-->MsiExec.exe /X{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office 2000 Professional-->MsiExec.exe /I{00010405-78E1-11D2-B60F-006097C998E7}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Mozilla Firefox 5.0 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nView 135.85-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.NView
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA Ovladače grafiky 275.33-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX v8.04.25-->MsiExec.exe /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OpenOffice.org 3.0-->MsiExec.exe /I{564D0000-547B-4ED8-8070-85286CC8C9BF}
Oprava Hotfix systému Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
Readiris Pro 10-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}\setup.exe" -l0x9
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Samsung CLX-216x Series-->C:\Program Files\Samsung\Samsung CLX-216x Series\Install\Setup.exe /R
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SmarThru 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{90F1943D-EA4A-4460-B59F-30023F3BA69A}\Setup.exe" -l0x9 uninstall -l0009
Sunbelt Kerio Personal Firewall-->MsiExec.exe /X{A990EAA7-8941-4621-BC27-4F16261D3180}
Sven 004 XXL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C60B0680-D6CC-458B-A9E7-A86F9DC7B2E0}\Setup.exe" -l0x7
Sven 2 XS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{844DBF54-F822-4A1C-896B-93C0FBBA38D3}\Setup.exe" -l0x7
Sven Břmwřllen DL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5C4DE6-101B-11D6-986D-00500443CF9F}\Setup.exe" -l0x7
Sven XXX - XS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB9EA451-351D-4EDC-B23E-BFECFCEC0E0F}\Setup.exe" -l0x7
Testy Autoškola-->MsiExec.exe /I{64761110-6210-416E-8C8F-6E4394401FD4}
Testy Autoškola-->MsiExec.exe /X{7173DBE9-1FC7-48AA-B4B5-8E7BFE388325}
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
TOSHIBA Bluetooth Stack for Windows-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
Vypínač na dobrou noc verze 2.0-->"C:\Program Files\Vypínač na dobrou noc\unins000.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation Language Pack (CSY)-->MsiExec.exe /X{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: AVG Anti-Virus (disabled) (outdated)
AV: ESET NOD32 Antivirus 4.0
FW: Kerio Personal Firewall

======System event log======

Computer Name: PRIVAT-ZEN1VAN7
Event Code: 19
Message: Instalace dokončena: Instalace následující aktualizace byla dokončena úspěšně: Aktualizace zabezpečení systému Windows XP (KB2567053)

Record Number: 55468
Source Name: Windows Update Agent
Time Written: 20111012135413.000000+120
Event Type: Informace
User:

Computer Name: PRIVAT-ZEN1VAN7
Event Code: 4377
Message: Windows XP Hotfix KB2567053 was installed.

Record Number: 55467
Source Name: NtServicePack
Time Written: 20111012135408.000000+120
Event Type: Informace
User: PRIVAT-ZEN1VAN7\NoNaMe

Computer Name: PRIVAT-ZEN1VAN7
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 12. října 2011 v 15:00):
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 1.1 SP1 v systémech Windows XP, Windows Vista a Windows Server 2008 platformy x86 (KB2572067)
- Aktualizace zabezpečení rozhraní Microsoft .NET Framework 4 systémech Windows XP, Windows Server 2003, Windows Vista, Windows 7 a Windows Server 2008 platformy x86 (KB2572078)
- Kumulativní aktualizace zabezpečení aplikace Internet Explorer 8 pro systém Windows XP (KB2586448)
- Aktualizace zabezpečení systému Windows XP (KB2592799)
- Aktualizace zabezpečení systému Windows XP (KB2567053)
- Nástroj k odstranění škodlivého softwaru v systému Windows – říjen 2011 (KB890830)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 2.0 SP2 v systémech Windows Server 2003 a Windows XP pro platformu x86 (KB2572073)
- Aktualizace zabezpečení systému Windows XP (KB2564958)
- Aktualizace zabezpečení pro produkt Microsoft Silverlight (KB2617986)

Record Number: 55466
Source Name: Windows Update Agent
Time Written: 20111012135347.000000+120
Event Type: Informace
User:

Computer Name: PRIVAT-ZEN1VAN7
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 12. října 2011 v 15:00):
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 1.1 SP1 v systémech Windows XP, Windows Vista a Windows Server 2008 platformy x86 (KB2572067)
- Aktualizace zabezpečení rozhraní Microsoft .NET Framework 4 systémech Windows XP, Windows Server 2003, Windows Vista, Windows 7 a Windows Server 2008 platformy x86 (KB2572078)
- Aktualizace zabezpečení systému Windows XP (KB2592799)
- Aktualizace zabezpečení systému Windows XP (KB2567053)
- Nástroj k odstranění škodlivého softwaru v systému Windows – říjen 2011 (KB890830)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 2.0 SP2 v systémech Windows Server 2003 a Windows XP pro platformu x86 (KB2572073)
- Aktualizace zabezpečení systému Windows XP (KB2564958)
- Aktualizace zabezpečení pro produkt Microsoft Silverlight (KB2617986)

Record Number: 55465
Source Name: Windows Update Agent
Time Written: 20111012135141.000000+120
Event Type: Informace
User:

Computer Name: PRIVAT-ZEN1VAN7
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 12. října 2011 v 15:00):
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 1.1 SP1 v systémech Windows XP, Windows Vista a Windows Server 2008 platformy x86 (KB2572067)
- Aktualizace zabezpečení rozhraní Microsoft .NET Framework 4 systémech Windows XP, Windows Server 2003, Windows Vista, Windows 7 a Windows Server 2008 platformy x86 (KB2572078)
- Aktualizace zabezpečení systému Windows XP (KB2592799)
- Aktualizace zabezpečení systému Windows XP (KB2567053)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 2.0 SP2 v systémech Windows Server 2003 a Windows XP pro platformu x86 (KB2572073)
- Aktualizace zabezpečení systému Windows XP (KB2564958)
- Aktualizace zabezpečení pro produkt Microsoft Silverlight (KB2617986)

Record Number: 55464
Source Name: Windows Update Agent
Time Written: 20111012135111.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: PRIVAT-ZEN1VAN7
Event Code: 1
Message:
Record Number: 5
Source Name: Bonjour Service
Time Written: 20110905202713.000000+120
Event Type: Informace
User:

Computer Name: PRIVAT-ZEN1VAN7
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 4
Source Name: SecurityCenter
Time Written: 20110904100300.000000+120
Event Type: Informace
User:

Computer Name: PRIVAT-ZEN1VAN7
Event Code: 1
Message:
Record Number: 3
Source Name: Bonjour Service
Time Written: 20110904100300.000000+120
Event Type: Informace
User:

Computer Name: PRIVAT-ZEN1VAN7
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 2
Source Name: SecurityCenter
Time Written: 20110903133905.000000+120
Event Type: Informace
User:

Computer Name: PRIVAT-ZEN1VAN7
Event Code: 1
Message:
Record Number: 1
Source Name: Bonjour Service
Time Written: 20110903133904.000000+120
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Nokia\PC Connectivity Solution;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 10, AuthenticAMD
"PROCESSOR_REVISION"=040a
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

A zde je log CKScanner:

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\emergency 4\data\basedata\bridge_cracks.dds
c:\program files\emergency 4\data\basedata\church02_cracks.dds
c:\program files\emergency 4\data\basedata\collapsing01_cracks.dds
c:\program files\emergency 4\data\basedata\cracks01.dds
c:\program files\emergency 4\data\models\objects\missionspec\snowcracks01_big.v3o
c:\program files\emergency 4\data\models\objects\missionspec\snowcracks01_small.v3o
c:\program files\emergency 4\data\models\objects\objectchildren\church02_cracks.v3o
c:\program files\emergency 4\data\models\openhouses\burningtower\burning_tower01_cracks.dds
c:\program files\emergency 4\data\prototypes\objects\missionspec\snowcracks01_big.e4p
c:\program files\emergency 4\data\prototypes\objects\missionspec\snowcracks01_small.e4p
c:\program files\emergency 4\data\prototypes\objects\objectchildren\church02_cracks.e4p
scanner sequence 3.CH.11.HKABCQ
----- EOF -----

#4 Příspěvek od **vyosek** » 16 led 2012 16:23

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Fidolfo · #5 Příspěvek od **Fidolfo** » 16 led 2012 17:05

OTL 1.část:

OTL logfile created on: 16.1.2012 16:40:32 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\NoNaMe\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 379,23 Mb Available Physical Memory | 37,05% Memory free
2,40 Gb Paging File | 1,90 Gb Available in Paging File | 78,84% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 14,27 Gb Free Space | 29,22% Space Free | Partition Type: NTFS

Computer Name: PRIVAT-ZEN1VAN7 | User Name: NoNaMe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.01.16 16:35:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NoNaMe\Plocha\OTL.exe
PRC - [2011.07.20 11:38:44 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011.07.01 20:23:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.05.25 08:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2009.12.12 01:38:15 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.02.06 14:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.16 04:00:48 | 000,253,952 | ---- | M] () -- C:\Program Files\Samsung\Samsung CLX-216x Series\SPanel\PSU\Scan2pc.exe
PRC - [2006.01.24 21:06:21 | 000,122,880 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2005.12.19 11:44:40 | 001,368,064 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
PRC - [2005.12.19 11:43:52 | 002,617,344 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
PRC - [2005.02.10 14:11:08 | 000,479,232 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2005.02.09 13:55:12 | 000,258,048 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2005.01.31 16:24:30 | 000,217,088 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [1999.04.07 23:39:20 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE

========== Modules (No Company Name) ==========

MOD - [2011.11.18 11:16:47 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.07.01 20:23:07 | 001,850,328 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.05.04 23:02:44 | 000,355,432 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2007.01.26 09:03:10 | 000,022,723 | ---- | M] () -- C:\WINDOWS\system32\cx21sl3.dll
MOD - [2007.01.16 04:00:52 | 001,384,520 | ---- | M] () -- C:\Program Files\Samsung\Samsung CLX-216x Series\SPanel\PSU\SSOle.dll
MOD - [2007.01.16 04:00:48 | 000,253,952 | ---- | M] () -- C:\Program Files\Samsung\Samsung CLX-216x Series\SPanel\PSU\Scan2pc.exe
MOD - [2007.01.16 04:00:24 | 000,184,320 | ---- | M] () -- C:\Program Files\Samsung\Samsung CLX-216x Series\SPanel\PSU\IMFilter.dll
MOD - [2005.12.07 13:37:36 | 000,159,744 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall 4\ktssleay32_0.9.7.2.dll
MOD - [2005.12.07 13:37:04 | 000,802,816 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall 4\ktlibeay32_0.9.7.2.dll
MOD - [2005.12.07 13:30:04 | 000,084,480 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall 4\ktzlib.dll
MOD - [2004.10.01 13:13:24 | 000,045,056 | ---- | M] () -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtLoad.dll
MOD - [2004.09.22 09:09:06 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\TosCommAPI.dll
MOD - [2004.07.20 16:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
MOD - [2003.07.29 14:33:26 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\TosHidAPI.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (NBService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.05.25 08:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2009.12.12 01:38:15 | 000,603,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009.12.12 01:38:12 | 000,360,192 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.06.02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.02.06 14:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.12.11 13:31:36 | 000,027,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006.01.24 21:06:21 | 000,122,880 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2005.12.19 11:44:40 | 001,368,064 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe -- (KPF4)

========== Driver Services (SafeList) ==========

DRV - [2009.12.13 19:35:07 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.09 21:38:10 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009.02.06 14:24:24 | 000,093,336 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.02.06 14:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.02.06 14:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008.12.04 13:50:06 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008.12.04 13:50:02 | 000,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.10 19:57:04 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.08.10 19:57:04 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.04.16 21:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007.01.17 10:25:12 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2006.03.13 15:49:54 | 000,060,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300bus.sys -- (w300bus) Sony Ericsson W300 Driver driver (WDM)
DRV - [2006.01.24 21:06:20 | 000,208,640 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2006.01.24 21:06:20 | 000,081,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2006.01.24 21:06:20 | 000,028,096 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2006.01.24 17:56:24 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2005.12.15 18:13:34 | 000,274,432 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2005.12.15 18:01:52 | 000,081,920 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2005.03.25 15:04:40 | 002,314,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.03.04 08:24:58 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005.02.01 12:22:22 | 000,098,560 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005.01.13 16:45:46 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.01.13 16:45:44 | 000,033,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005.01.06 12:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004.12.21 10:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004.12.15 16:30:14 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2004.11.15 21:51:54 | 000,050,048 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2004.10.04 09:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004.09.21 00:09:10 | 000,186,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ET5Drv.sys -- (ET5Drv)
DRV - [2004.07.08 16:07:34 | 000,036,531 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2004.05.02 09:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2003.04.15 10:16:48 | 000,008,236 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files\Gigabyte\ET5\MARKFUN.W32 -- (MarkFun_NT)
DRV - [2002.10.16 12:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2001.10.24 10:46:48 | 000,097,120 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.69

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\NoNaMe\Data aplikací\Facebook\npfbplugin_1_0_3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.01 20:23:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.11 20:24:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.01.06 17:05:47 | 000,000,000 | ---D | M]

[2008.09.22 14:01:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Extensions
[2008.09.22 14:01:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Extensions\home2@tomtom.com
[2012.01.16 15:52:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions
[2010.05.28 10:28:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.15 17:21:27 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2012.01.04 07:59:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.01.08 18:55:15 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.01.15 17:21:26 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com
[2012.01.16 15:52:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged
[2008.03.27 23:53:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\temp
[2012.01.15 17:28:51 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com
[2009.04.28 08:45:15 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\daemon-search.xml
[2012.01.11 19:39:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-1.xml
[2008.07.04 13:46:20 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-2.xml
[2008.07.05 20:09:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-3.xml
[2008.07.21 07:43:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-4.xml
[2008.08.27 17:29:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-5.xml
[2008.10.08 13:32:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-6.xml
[2008.11.15 09:50:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-7.xml
[2008.12.24 20:48:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-8.xml
[2009.05.02 08:32:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-9.xml
[2007.07.25 22:04:52 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin.xml
[2011.07.01 19:25:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.13 21:58:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.07 18:08:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.12.27 18:42:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.08 19:16:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.07.01 19:25:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.04.15 16:24:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.04.15 16:24:58 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2008.12.18 17:07:49 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.07.01 20:23:09 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.01 20:23:04 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.07.01 20:23:04 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.07.01 20:23:04 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.07.01 20:23:04 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.07.01 20:23:04 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = http://www.google.cz/search?q={searchTe ... {startPage}
CHR - default_search_provider: suggest_url =

O1 HOSTS File: ([2011.08.10 22:21:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Maple_S2P] C:\Program Files\Samsung\Samsung CLX-216x Series\SPanel\PSU\Scan2pc.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Port pro program Symantec Fax Starter Edition.lnk = C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-1229272821-725345543-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 6877196687 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9014805-19FA-4703-B3AB-7CB84E6FFF22}: NameServer = 10.0.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) -C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop Components:1 (Aqua Real) - 7db39a0d-580f-4be9-9195-8bfcd226f6c2
O24 - Desktop WallPaper: C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.01.16 16:35:00 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\NoNaMe\Plocha\OTL.exe
[2012.01.16 15:46:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NoNaMe\Recent
[2012.01.15 18:05:42 | 000,000,000 | ---D | C] -- C:\rsit
[2012.01.15 17:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\AskToolbar
[2012.01.15 17:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NoNaMe\Data aplikací\Nero
[2012.01.15 17:38:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Nero
[2012.01.15 17:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012.01.15 17:21:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Ashampoo
[2012.01.15 17:21:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2012.01.15 17:20:29 | 032,747,816 | ---- | C] (Nero AG) -- C:\Documents and Settings\NoNaMe\Plocha\Nero_BurnLite-10.0.10600.exe
[2007.11.14 19:11:47 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\NoNaMe\Data aplikací\pcouffin.sys
[1999.04.07 23:39:18 | 000,099,840 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRAABOUT.DLL
[1998.12.09 08:53:54 | 000,186,368 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAREG.DLL
[1998.12.09 08:53:54 | 000,070,144 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAMDMTR.DLL
[1998.12.09 08:53:54 | 000,048,640 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRALPTTR.DLL
[1998.12.09 08:53:54 | 000,031,744 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAWEBTR.DLL
[1998.12.09 08:53:54 | 000,017,920 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRASRIAL.DLL
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.01.16 16:42:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.16 16:35:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NoNaMe\Plocha\OTL.exe
[2012.01.16 16:01:10 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.01.16 16:00:40 | 000,000,488 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2012.01.16 16:00:40 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\Úklid 1 kliknutím.job
[2012.01.16 15:56:46 | 000,458,240 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Plocha\CKScanner.exe
[2012.01.16 15:51:22 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9716E3FF-47FA-424A-A0C1-C26F54EE88DE}.job
[2012.01.16 15:47:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.16 15:46:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.15 18:05:30 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Plocha\RSIT.exe
[2012.01.15 17:25:00 | 032,747,816 | ---- | M] (Nero AG) -- C:\Documents and Settings\NoNaMe\Plocha\Nero_BurnLite-10.0.10600.exe
[2012.01.15 17:21:11 | 000,000,856 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Ashampoo Burning Studio 6 FREE.lnk
[2012.01.13 22:42:10 | 000,037,913 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Plocha\boty.jpg
[2012.01.12 15:22:43 | 000,010,782 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\SmarThruOptions.xml
[2012.01.12 02:17:06 | 000,037,921 | -H-- | M] () -- C:\Documents and Settings\NoNaMe\Plocha\2376LKPV.bat
[2012.01.11 20:24:43 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2012.01.10 19:12:20 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.01.09 21:03:46 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.16 16:42:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.16 15:56:39 | 000,458,240 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Plocha\CKScanner.exe
[2012.01.15 18:05:08 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Plocha\RSIT.exe
[2012.01.15 17:29:18 | 000,000,236 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.01.15 17:21:11 | 000,000,856 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Ashampoo Burning Studio 6 FREE.lnk
[2012.01.13 22:42:10 | 000,037,913 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Plocha\boty.jpg
[2012.01.12 02:17:06 | 000,037,921 | -H-- | C] () -- C:\Documents and Settings\NoNaMe\Plocha\2376LKPV.bat
[2012.01.11 20:24:43 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader 9.lnk
[2012.01.11 20:24:43 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2011.09.03 23:32:20 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011.07.20 23:21:03 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011.07.20 21:54:39 | 000,684,622 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2011.07.20 21:54:39 | 000,041,674 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010.10.21 19:09:10 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.10.21 19:09:06 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.10.21 19:09:06 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.02.26 14:52:40 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.02.26 14:52:38 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.02.26 14:52:25 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.02.26 14:52:25 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.02.26 14:52:20 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.02.26 14:50:06 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009.04.14 15:00:09 | 006,294,528 | ---- | C] () -- C:\WINDOWS\System32\MediaIO1.dll
[2009.04.14 15:00:08 | 009,974,784 | ---- | C] () -- C:\WINDOWS\System32\MioPlayer2.dll
[2009.02.28 21:54:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\cfgedit.INI
[2009.02.21 19:35:46 | 000,479,232 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2009.02.21 19:17:37 | 000,010,782 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Data aplikací\SmarThruOptions.xml
[2009.02.21 19:17:27 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll
[2008.12.11 23:25:25 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.11.18 17:14:05 | 000,000,124 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2008.11.18 17:14:01 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2008.11.18 17:03:57 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\cx21sl3.dll
[2008.11.18 15:20:54 | 000,110,592 | R--- | C] () -- C:\WINDOWS\WiaInst.exe
[2008.11.18 15:20:47 | 000,057,344 | R--- | C] () -- C:\WINDOWS\System32\WIASTIIO.dll
[2008.11.18 15:20:47 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\Ssuiext.dll
[2008.11.18 15:20:46 | 000,094,208 | R--- | C] () -- C:\WINDOWS\System32\WIAIPH.dll
[2008.11.18 15:20:46 | 000,086,016 | R--- | C] () -- C:\WINDOWS\System32\WIAEH.dll
[2008.11.18 15:20:46 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\Sswiadrv.dll
[2008.11.05 22:17:01 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Data aplikací\vso_ts_preview.xml
[2008.09.30 14:51:40 | 000,000,703 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2008.08.20 14:54:45 | 000,015,923 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\ehacabamex.sys
[2008.08.20 14:54:44 | 000,015,039 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\bemusajifo.sys
[2008.08.20 14:30:24 | 000,018,070 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\rimegerud.db
[2008.08.20 14:30:24 | 000,017,901 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\cyrem.bat
[2008.08.20 14:30:24 | 000,017,528 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\upobova.dat
[2008.08.20 14:30:24 | 000,015,966 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\iqotibonos.ban
[2008.08.20 14:30:24 | 000,013,210 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\yxoxa.pif
[2008.08.17 14:55:43 | 000,017,412 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Data aplikací\ojalucak._sy
[2008.08.17 14:55:43 | 000,017,244 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Data aplikací\femo.db
[2008.08.17 14:55:43 | 000,011,908 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\bory.bat
[2008.08.17 14:55:42 | 000,011,166 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\cosywoneso.com
[2008.08.17 13:29:36 | 000,018,213 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Data aplikací\sahexokoz.inf
[2008.08.17 13:29:36 | 000,017,431 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\gydymocibu.dl
[2008.08.17 13:29:36 | 000,016,708 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\irase.dl
[2008.08.17 13:29:36 | 000,015,478 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\goty.inf
[2008.08.10 19:57:04 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008.08.10 19:57:04 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008.07.15 10:58:06 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2008.07.15 10:45:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2008.05.30 21:09:39 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008.05.26 21:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 21:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 21:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008.05.26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008.05.26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008.03.29 10:19:30 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\fusioncache.dat
[2008.03.28 10:17:44 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.03.28 10:17:44 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Data aplikací\PnkBstrK.sys
[2008.03.28 10:17:30 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008.03.28 10:17:29 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2008.03.28 10:17:29 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008.01.17 13:39:14 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.01.03 21:34:10 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.11.14 19:11:47 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Data aplikací\pcouffin.cat
[2007.11.14 19:11:47 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Data aplikací\pcouffin.inf
[2007.09.23 12:25:51 | 000,000,400 | ---- | C] () -- C:\WINDOWS\T602.INI
[2007.09.16 15:40:40 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.04.20 06:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 06:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.01.24 21:06:20 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\setupnt.dll
[2006.01.24 20:48:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006.01.24 20:47:28 | 000,099,970 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2006.01.24 20:47:17 | 000,003,389 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006.01.24 19:22:44 | 000,000,676 | ---- | C] () -- C:\WINDOWS\im32st.dat
[2006.01.24 18:59:21 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2006.01.24 18:45:11 | 000,000,226 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2006.01.24 18:45:10 | 000,001,341 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2006.01.24 18:45:00 | 000,004,291 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2006.01.24 18:45:00 | 000,002,025 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2006.01.24 18:38:57 | 000,000,795 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2006.01.24 18:34:31 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.01.24 18:34:31 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006.01.24 18:34:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2006.01.24 18:01:55 | 000,000,112 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.01.24 17:46:53 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2006.01.24 17:31:09 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2006.01.24 17:19:29 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2006.01.24 17:19:27 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006.01.24 17:19:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006.01.23 22:36:52 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.01.23 22:35:54 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.01.23 21:46:49 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006.01.23 21:41:58 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005.12.15 18:01:52 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\khips.sys
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.12.02 14:20:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004.09.22 09:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.07.20 16:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 13:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003.07.29 14:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll
[2002.03.21 14:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2001.10.25 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 13:00:00 | 000,497,460 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 13:00:00 | 000,481,366 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 13:00:00 | 000,100,722 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 13:00:00 | 000,079,822 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001.10.25 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999.01.23 00:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2006.01.24 17:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2009.04.28 21:14:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2009.12.13 19:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.03.29 21:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2011.09.26 12:05:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2008.12.12 21:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.02.11 16:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.02.06 20:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2009.02.06 16:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
[2009.02.06 20:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.08.17 13:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\services
[2011.07.20 12:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sports Interactive
[2008.09.22 14:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TomTom
[2008.03.30 11:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2007.11.14 19:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2009.12.12 01:37:10 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2006.01.24 18:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\ACD Systems
[2006.01.24 21:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Acronis
[2009.08.02 14:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Any Video Converter
[2009.04.28 21:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Ashampoo
[2009.06.25 23:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\avidemux
[2011.09.03 23:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Black Sea Studios
[2009.01.04 10:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\BSplayer
[2007.11.13 22:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\BSplayer Pro
[2009.04.28 21:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Canneverbe_Limited
[2012.01.15 20:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\DAEMON Tools Lite
[2009.03.01 00:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Desktopicon
[2008.09.13 10:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\HLSW
[2011.07.05 11:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\ICQ
[2007.09.23 20:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\ICQ Toolbar
[2007.09.06 18:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\ICQLite
[2006.01.24 18:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\InterVideo
[2009.03.29 20:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Leadertech
[2009.06.19 20:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Nokia
[2009.05.02 13:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\OpenOffice.org
[2008.08.24 17:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Opera
[2009.02.06 20:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\PC Suite
[2007.09.06 18:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\PCToolsFirewallPlus
[2009.02.21 19:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\SmarThru4
[2011.07.20 12:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Sports Interactive
[2008.09.22 14:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\TomTom
[2008.03.30 11:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\TuneUp Software
[2012.01.16 16:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\uTorrent
[2010.01.17 21:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Vso
[2009.07.30 09:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Windows Desktop Search
[2009.08.19 21:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Windows Search
[2012.01.16 16:00:40 | 000,000,488 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2012.01.16 16:01:10 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2012.01.16 15:51:22 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9716E3FF-47FA-424A-A0C1-C26F54EE88DE}.job
[2012.01.16 16:00:40 | 000,000,480 | ---- | M] () -- C:\WINDOWS\Tasks\Úklid 1 kliknutím.job

Fidolfo · #6 Příspěvek od **Fidolfo** » 16 led 2012 17:06

OTL 2.část:

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.12.12 02:32:43 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009.12.12 02:32:43 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\cmdcons\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.12.12 02:32:43 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2009.12.12 02:32:43 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.12.12 02:32:43 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2009.12.12 02:32:43 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL

< MD5 for: SCECLI.DLL >
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2005.05.25 20:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\Globalization\*.tmp files -> C:\WINDOWS\Globalization\*.tmp -> ]
[9 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.11.18 10:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2006.01.24 18:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\ACD Systems
[2006.01.24 21:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Acronis
[2009.02.26 15:03:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Adobe
[2009.08.22 22:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\AdobeUM
[2007.11.14 19:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Ahead
[2009.08.02 14:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Any Video Converter
[2009.02.03 17:22:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Apple Computer
[2009.04.28 21:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Ashampoo
[2009.06.25 23:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\avidemux
[2011.09.03 23:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Black Sea Studios
[2009.01.04 10:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\BSplayer
[2007.11.13 22:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\BSplayer Pro
[2009.04.28 21:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Canneverbe_Limited
[2012.01.15 20:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\DAEMON Tools Lite
[2009.03.01 00:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Desktopicon
[2009.10.10 23:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Google
[2006.01.24 18:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Help
[2008.09.13 10:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\HLSW
[2011.07.05 11:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\ICQ
[2007.09.23 20:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\ICQ Toolbar
[2007.09.06 18:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\ICQLite
[2006.01.23 21:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Identities
[2007.09.23 19:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\InstallShield
[2006.01.24 18:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\InterVideo
[2011.07.20 12:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Lavasoft
[2009.03.29 20:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Leadertech
[2007.09.06 18:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Macromedia
[2008.12.23 00:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Malwarebytes
[2011.10.17 21:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Media Player Classic
[2009.04.14 15:00:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Microsoft
[2006.01.24 18:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Microsoft Web Folders
[2008.08.27 17:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla
[2006.01.24 18:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\MSN6
[2012.01.15 17:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Nero
[2009.06.19 20:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Nokia
[2009.05.02 13:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\OpenOffice.org
[2008.08.24 17:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Opera
[2009.02.06 20:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\PC Suite
[2007.09.06 18:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\PCToolsFirewallPlus
[2010.09.14 16:14:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Real
[2011.05.16 20:38:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Skype
[2009.04.14 13:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\skypePM
[2009.02.21 19:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\SmarThru4
[2011.07.20 12:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Sports Interactive
[2007.09.06 20:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Sun
[2009.12.25 18:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\SUPERAntiSpyware.com
[2008.09.22 14:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\TomTom
[2008.03.30 11:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\TuneUp Software
[2012.01.16 16:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\uTorrent
[2010.01.17 21:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Vso
[2009.07.30 09:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Windows Desktop Search
[2009.08.19 21:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\Windows Search
[2008.04.16 09:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2009.02.26 15:03:09 | 000,038,208 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2008.03.01 17:56:11 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Microsoft\Installer\{64761110-6210-416E-8C8F-6E4394401FD4}\_5AF3C82F304834E17C2061.exe
[2008.03.01 17:56:11 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Microsoft\Installer\{64761110-6210-416E-8C8F-6E4394401FD4}\_6FEFF9B68218417F98F549.exe
[2009.12.25 18:06:27 | 000,018,718 | R--- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Microsoft\Installer\{A990EAA7-8941-4621-BC27-4F16261D3180}\ARPPRODUCTICON.exe
[2009.12.25 18:06:27 | 000,018,718 | R--- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Microsoft\Installer\{A990EAA7-8941-4621-BC27-4F16261D3180}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe
[2009.12.25 18:06:27 | 000,018,718 | R--- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Microsoft\Installer\{A990EAA7-8941-4621-BC27-4F16261D3180}\NewShortcut3_8315396A5EA1419DBEC4978284BDF556.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.01.16 16:00:40 | 000,000,488 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2012.01.16 16:01:10 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2012.01.16 15:51:22 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9716E3FF-47FA-424A-A0C1-C26F54EE88DE}.job
[2012.01.16 16:00:40 | 000,000,480 | ---- | M] () -- C:\WINDOWS\Tasks\Úklid 1 kliknutím.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.13 19:35:07 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2006.01.23 22:35:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006.01.23 22:35:19 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.01.23 22:35:19 | 000,409,600 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.01.16 15:47:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ccleaner" = "C:\Program Files\CCleaner\CCleaner.exe" /AUTO -- [2011.12.20 22:41:08 | 002,696,512 | ---- | M] (Piriform Ltd)
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" -- [2011.07.20 11:38:44 | 000,399,736 | ---- | M] (BitTorrent, Inc.)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.07.01 20:23:08 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=6C9CD3ECBA6732661C8BBE37A877A2BD -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /TUTag=Z6XPPK /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional (TuneUp Záloha)" /fastdetect /NoExecute=OptIn /TUTag=Z6XPPK-BAK

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.16 16:42:24 | 000,000,512 | ---- | M] () MD5=2E6E157B8B9B246CEB334C3695597CAD -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2006.10.30 00:00:00 | 000,043,856 | ---- | M] () -- \Program Files\Emergency 4\Data\basedata\bridge_cracks.dds
[2006.10.30 00:00:00 | 000,087,536 | ---- | M] () -- \Program Files\Emergency 4\Data\basedata\church02_cracks.dds
[2006.10.30 00:00:00 | 000,087,536 | ---- | M] () -- \Program Files\Emergency 4\Data\basedata\collapsing01_cracks.dds
[2006.10.30 00:00:00 | 000,022,000 | ---- | M] () -- \Program Files\Emergency 4\Data\basedata\cracks01.dds
[2006.10.30 00:00:00 | 000,000,771 | ---- | M] () -- \Program Files\Emergency 4\Data\Models\Objects\Missionspec\snowcracks01_big.V3O
[2006.10.30 00:00:00 | 000,000,767 | ---- | M] () -- \Program Files\Emergency 4\Data\Models\Objects\Missionspec\snowcracks01_small.V3O
[2006.10.30 00:00:00 | 000,002,369 | ---- | M] () -- \Program Files\Emergency 4\Data\Models\Objects\ObjectChildren\church02_cracks.V3O
[2006.10.30 00:00:00 | 000,043,856 | ---- | M] () -- \Program Files\Emergency 4\Data\Models\OpenHouses\burningtower\burning_tower01_cracks.dds
[2006.10.30 00:00:00 | 000,002,540 | ---- | M] () -- \Program Files\Emergency 4\Data\Prototypes\Objects\Missionspec\snowcracks01_big.e4p
[2006.10.30 00:00:00 | 000,002,552 | ---- | M] () -- \Program Files\Emergency 4\Data\Prototypes\Objects\Missionspec\snowcracks01_small.e4p
[2006.10.30 00:00:00 | 000,002,544 | ---- | M] () -- \Program Files\Emergency 4\Data\Prototypes\Objects\ObjectChildren\church02_cracks.e4p

< *keygen* /s >
[2012.01.15 16:35:06 | 000,015,065 | ---- | M] () -- \Documents and Settings\NoNaMe\Data aplikací\uTorrent\Nero 7 Premium 7.8.5.0 CZ + keygen.rar.torrent
[2012.01.15 16:37:50 | 190,316,672 | ---- | M] () -- \Documents and Settings\NoNaMe\Dokumenty\Downloads\Nero 7 Premium 7.8.5.0 CZ + keygen.rar

< *loader* /s >
[2008.08.15 21:34:41 | 000,117,169 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\ZlobDownloadervcd.zip
[2008.08.16 17:16:28 | 000,000,660 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\ZlobDownloadervcd1.zip
[2012.01.11 05:03:10 | 000,010,144 | ---- | M] () -- \Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\modules\ExternalLibraryLoader.jsm
[2010.02.06 11:56:00 | 000,002,960 | ---- | M] () -- \Documents and Settings\NoNaMe\Local Settings\Data aplikací\Google\Google Desktop\dca16082cd32\icons\utubedownloader_sm.gif
[2008.04.29 07:26:08 | 000,070,944 | ---- | M] () -- \Program Files\AGEIA Technologies\demos\physxloader.dll
[2007.03.12 13:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2008.12.15 02:46:54 | 000,286,720 | ---- | M] () -- \Program Files\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2011.07.05 10:59:44 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.07.05 10:59:45 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.07.05 10:59:44 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.08.06 17:51:43 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.07.05 11:27:09 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2009.01.15 16:58:56 | 000,006,308 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2009.01.15 01:36:48 | 000,015,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2009.01.15 17:43:24 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2009.01.14 19:42:58 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2009.01.15 00:59:36 | 000,003,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2007.03.16 09:40:42 | 000,110,592 | ---- | M] () -- \Program Files\SmarThru 4\WebUploaderLib.dll
[2007.03.16 09:29:24 | 000,000,200 | ---- | M] () -- \Program Files\SmarThru 4\English\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:28 | 000,000,190 | ---- | M] () -- \Program Files\SmarThru 4\French\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:30 | 000,000,196 | ---- | M] () -- \Program Files\SmarThru 4\German\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:56 | 000,000,203 | ---- | M] () -- \Program Files\SmarThru 4\Hungarian\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:54 | 000,000,184 | ---- | M] () -- \Program Files\SmarThru 4\Chinese (Traditional)\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:22 | 000,000,178 | ---- | M] () -- \Program Files\SmarThru 4\Chinese\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:34 | 000,000,194 | ---- | M] () -- \Program Files\SmarThru 4\Italian\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:36 | 000,000,191 | ---- | M] () -- \Program Files\SmarThru 4\Korean\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:30:00 | 000,000,194 | ---- | M] () -- \Program Files\SmarThru 4\Polish\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:44 | 000,000,190 | ---- | M] () -- \Program Files\SmarThru 4\Portuguese (Brazilian)\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:46 | 000,000,192 | ---- | M] () -- \Program Files\SmarThru 4\Portuguese\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:38 | 000,000,200 | ---- | M] () -- \Program Files\SmarThru 4\Russian\SmarThruRes-WebUploaderLib.xml
[2007.03.16 09:29:42 | 000,000,193 | ---- | M] () -- \Program Files\SmarThru 4\Spanish\SmarThruRes-WebUploaderLib.xml
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2006.12.23 16:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.30 12:55:16 | 000,070,944 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[2009.04.28 10:48:06 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.12.04 00:59:30 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< End of report >

Fidolfo · #7 Příspěvek od **Fidolfo** » 16 led 2012 17:07

Extras :

OTL Extras logfile created on: 16.1.2012 16:40:32 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\NoNaMe\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 379,23 Mb Available Physical Memory | 37,05% Memory free
2,40 Gb Paging File | 1,90 Gb Available in Paging File | 78,84% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 14,27 Gb Free Space | 29,22% Space Free | Partition Type: NTFS

Computer Name: PRIVAT-ZEN1VAN7 | User Name: NoNaMe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Program Files\Microsoft Office\Office\1029\WFXMSRVR.EXE" = C:\Program Files\Microsoft Office\Office\1029\WFXMSRVR.EXE:*:Disabled:WFXMSRVR -- ()
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\MapView\WEB\www.ms.mff.cuni.cz\Ceska Republika\CR-SR-Cykloserver\LocalIndirectServer.exe" = C:\Program Files\MapView\WEB\www.ms.mff.cuni.cz\Ceska Republika\CR-SR-Cykloserver\LocalIndirectServer.exe:*:Enabled:LIS_Cykloserver -- (Kurniky)
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe" = C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe:*:Enabled:Sunbelt Kerio Personal Firewall 4 - GUI -- (Sunbelt Software)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Emergency 4\Em4.exe" = C:\Program Files\Emergency 4\Em4.exe:*:Enabled:Em4 -- ()
"C:\Program Files\Sports Interactive\Football Manager 2011\fm.exe" = C:\Program Files\Sports Interactive\Football Manager 2011\fm.exe:*:Enabled:Football Manager 2011 -- (Sports Interactive)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@BIOS" = @BIOS
"{00010405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0E5C4DE6-101B-11D6-986D-00500443CF9F}" = Sven Břmwřllen DL
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 26
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C97C4-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5BFEB2DF-D80D-48B9-A95B-8C3E70DEA49F}" = ACDSee 6.0 PowerPack Trial
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{64761110-6210-416E-8C8F-6E4394401FD4}" = Testy Autoškola
"{652B48CA-165B-4671-9415-2B477B20CE82}_is1" = Emergency 4
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7173DBE9-1FC7-48AA-B4B5-8E7BFE388325}" = Testy Autoškola
"{74224F8D-4A17-4816-9EDB-7BB854DE532C}" = NVIDIA PhysX v8.04.25
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.2.1.55b
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{844DBF54-F822-4A1C-896B-93C0FBBA38D3}" = Sven 2 XS
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8DC9BEFF-07FC-4631-BBF4-8F00F74953C2}" = InterVideo WinDVD Platinum
"{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95264530-5A22-8E7E-FE9D-D63A927BCAEA}" = Adobe Media Player
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A990EAA7-8941-4621-BC27-4F16261D3180}" = Sunbelt Kerio Personal Firewall
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.85
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.1.14.223
"{BB9EA451-351D-4EDC-B23E-BFECFCEC0E0F}" = Sven XXX - XS
"{BBC8862B-BFC8-475D-9BB8-93289703BD33}" = ESET NOD32 Antivirus
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C60B0680-D6CC-458B-A9E7-A86F9DC7B2E0}" = Sven 004 XXL
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = TOSHIBA Bluetooth Stack for Windows
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DA2B455A-B0BE-4C5A-B73A-0615F37C81D5}" = Beowulf TM
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AnalogX NetStat Live" = AnalogX NetStat Live
"Any Video Converter_is1" = Any Video Converter 2.7.6
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"CCleaner" = CCleaner
"EasyTune5" = EasyTune5
"FinWin 1.0" = FinWin 1.0
"Football Manager 2011" = Football Manager 2011
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.7.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 5.0 (x86 cs)" = Mozilla Firefox 5.0 (x86 cs)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PunkBusterSvc" = PunkBuster Services
"Samsung CLX-216x Series" = Samsung CLX-216x Series
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"TrueImage" = Acronis True Image
"Unlocker" = Unlocker 1.8.7
"uTorrent" = µTorrent
"Vypínač na dobrou noc_is1" = Vypínač na dobrou noc verze 2.0
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3.11.2011 14:28:48 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Application Error | ID = 1000
Description = Chybující aplikace fm.exe, verze 11.3.0.47461, chybující modul fm.exe,
verze 11.3.0.47461, adresa chyby 0x0103fab2.

Error - 21.11.2011 11:06:02 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Application Error | ID = 1000
Description = Chybující aplikace fm.exe, verze 11.3.0.47461, chybující modul kernel32.dll,
verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 28.11.2011 18:05:56 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OneClick.exe, verze 8.0.2000.35, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.11.2011 18:05:57 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OneClick.exe, verze 8.0.2000.35, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.11.2011 18:12:48 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OneClick.exe, verze 8.0.2000.35, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.11.2011 18:12:50 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OneClick.exe, verze 8.0.2000.35, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.12.2011 18:34:19 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace KMPlayer.exe, verze 2.9.4.1434, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 7.1.2012 4:35:17 | Computer Name = PRIVAT-ZEN1VAN7 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 7.1.2012 18:05:47 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Application Error | ID = 1000
Description = Chybující aplikace fm.exe, verze 11.3.0.47461, chybující modul fm.exe,
verze 11.3.0.47461, adresa chyby 0x002f0062.

Error - 15.1.2012 10:30:58 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace nero.exe, verze 6.6.0.6, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 15.1.2012 10:48:43 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 15.1.2012 10:48:54 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 15.1.2012 10:48:55 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 15.1.2012 10:50:52 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 15.1.2012 10:54:34 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 15.1.2012 12:02:40 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Service Control Manager | ID = 7000
Description = Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 15.1.2012 12:23:43 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 15.1.2012 12:32:57 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Service Control Manager | ID = 7000
Description = Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 15.1.2012 13:22:00 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Service Control Manager | ID = 7000
Description = Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 16.1.2012 10:47:07 | Computer Name = PRIVAT-ZEN1VAN7 | Source = Service Control Manager | ID = 7000
Description = Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

[ TuneUp Events ]
Error - 10.8.2011 14:39:56 | Computer Name = PRIVAT-ZEN1VAN7 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-08-10 20:39:56', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','1448',0)

Error - 10.8.2011 14:43:02 | Computer Name = PRIVAT-ZEN1VAN7 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-08-10 20:43:02', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','2460',0)

Error - 15.1.2012 13:00:08 | Computer Name = PRIVAT-ZEN1VAN7 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-01-15 18:00:08', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','3712',0)

Error - 15.1.2012 13:07:37 | Computer Name = PRIVAT-ZEN1VAN7 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-01-15 18:07:37', '\device\harddiskvolume2\documents
and settings\all users\data aplikací\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe','3548',0)

Error - 15.1.2012 13:12:54 | Computer Name = PRIVAT-ZEN1VAN7 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-01-15 18:12:54', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','3992',0)

Error - 15.1.2012 13:16:29 | Computer Name = PRIVAT-ZEN1VAN7 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-01-15 18:16:29', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbamservice.exe','1616',0)

Error - 15.1.2012 13:16:29 | Computer Name = PRIVAT-ZEN1VAN7 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-01-15 18:16:29', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbamgui.exe','1792',0)

Error - 15.1.2012 13:16:49 | Computer Name = PRIVAT-ZEN1VAN7 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-01-15 18:16:49', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','3388',0)

Error - 15.1.2012 13:17:24 | Computer Name = PRIVAT-ZEN1VAN7 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-01-15 18:17:24', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','3328',0)

Error - 15.1.2012 13:18:44 | Computer Name = PRIVAT-ZEN1VAN7 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-01-15 18:18:44', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\unins000.exe','600',0)

< End of report >

#8 Příspěvek od **vyosek** » 16 led 2012 18:19

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - File not found [Disabled | Stopped] -- -- (NBService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\NoNaMe\Data aplikací\Facebook\npfbplugin_1_0_3.dll File not found
[2012.01.15 17:21:27 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2012.01.04 07:59:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.01.15 17:21:26 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com
[2012.01.16 15:52:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged
[2008.03.27 23:53:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\temp
[2012.01.15 17:28:51 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com
[2009.04.28 08:45:15 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\daemon-search.xml
[2012.01.11 19:39:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-1.xml
[2008.07.04 13:46:20 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-2.xml
[2008.07.05 20:09:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-3.xml
[2008.07.21 07:43:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-4.xml
[2008.08.27 17:29:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-5.xml
[2008.10.08 13:32:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-6.xml
[2008.11.15 09:50:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-7.xml
[2008.12.24 20:48:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-8.xml
[2009.05.02 08:32:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-9.xml
[2007.07.25 22:04:52 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
CHR - default_search_provider: search_url = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
[2012.01.15 17:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\AskToolbar
[2007.09.16 15:40:40 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.09.23 20:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\ICQ Toolbar
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\Globalization\*.tmp files -> C:\WINDOWS\Globalization\*.tmp -> ]
[9 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2012.01.16 16:01:10 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2012.01.16 15:51:22 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9716E3FF-47FA-424A-A0C1-C26F54EE88DE}.job

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
"ctfmon.exe"=-

:files
C:\Program Files\Ask.com
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Fidolfo · #9 Příspěvek od **Fidolfo** » 16 led 2012 23:07

Tak jsem vše udělal jak bylo napsáno a když mi to restartovalo compa tak to hodilo nějakou chybu..A nešel mi net.Tak jsem dal obnovení systému před úkonem..Log mi to každopádně vyjelo tak tady jej posílám,ale počítám,že budu muset ted hodin novej,že?

All processes killed
========== OTL ==========
Service NBService stopped successfully!
Service NBService deleted successfully!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultURL| /E : value set successfully!
HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3\ deleted successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\searchplugin folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\META-INF folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\lib folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\defaults folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\chrome folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\local\modules folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\local folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults\preferences folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\components folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\chrome folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\searchplugin folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\modules folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\META-INF folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\defaults folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\chrome folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\temp folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin.xml moved successfully.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{7C5C0F58-E061-457D-9033-77307F5ED00C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C5C0F58-E061-457D-9033-77307F5ED00C}\ not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\ deleted successfully.
C:\Program Files\Bonjour\mdnsNSP.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\AskToolbar folder moved successfully.
C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\ICQ Toolbar folder moved successfully.
C:\WINDOWS\003520_.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP165B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E0A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1EE6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F6C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20E0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP46F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP48.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6E9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP75D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP86E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP978.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9AC.tmp folder deleted successfully.
C:\WINDOWS\Globalization\tl-PH-Nokia.tmp0 deleted successfully.
C:\WINDOWS\Installer\MSI13AF.tmp deleted successfully.
C:\WINDOWS\Installer\MSI13ED.tmp deleted successfully.
C:\WINDOWS\Installer\MSI13EE.tmp deleted successfully.
C:\WINDOWS\Installer\MSI13EF.tmp deleted successfully.
C:\WINDOWS\Installer\MSI13F0.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5A8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5E6.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5E7.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5E8.tmp deleted successfully.
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{9716E3FF-47FA-424A-A0C1-C26F54EE88DE}.job moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\"Adobe ARM"|C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712] /E :invalid edit format. Invalid data type.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon.exe deleted successfully.
========== FILES ==========
C:\Program Files\Ask.com folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: Administrator.PRIVAT-ZEN1VAN7
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 10902870 bytes
->Flash cache emptied: 348 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NoNaMe
->Temp folder emptied: 1684754 bytes
->Temporary Internet Files folder emptied: 7299112 bytes
->Java cache emptied: 194694 bytes
->FireFox cache emptied: 77185962 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 41690 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33251 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 248418 bytes

Total Files Cleaned = 93,00 mb

[EMPTYFLASH]

User: Administrator

User: Administrator.PRIVAT-ZEN1VAN7
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: NoNaMe
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 01162012_215327

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#10 Příspěvek od **vyosek** » 17 led 2012 12:53

Ja uz chybku vidim

Zde novy skript na opravu

Kód: Vybrat vše

:otl
SRV - File not found [Disabled | Stopped] -- -- (NBService)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\NoNaMe\Data aplikací\Facebook\npfbplugin_1_0_3.dll File not found
[2012.01.15 17:21:27 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2012.01.04 07:59:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.01.15 17:21:26 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com
[2012.01.16 15:52:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged
[2008.03.27 23:53:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\temp
[2012.01.15 17:28:51 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com
[2009.04.28 08:45:15 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\daemon-search.xml
[2012.01.11 19:39:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-1.xml
[2008.07.04 13:46:20 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-2.xml
[2008.07.05 20:09:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-3.xml
[2008.07.21 07:43:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-4.xml
[2008.08.27 17:29:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-5.xml
[2008.10.08 13:32:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-6.xml
[2008.11.15 09:50:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-7.xml
[2008.12.24 20:48:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-8.xml
[2009.05.02 08:32:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-9.xml
[2007.07.25 22:04:52 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\NONAME\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\IGOHPVBM.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
CHR - default_search_provider: search_url = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-1801674531-1229272821-725345543-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
[2012.01.15 17:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\AskToolbar
[2007.09.16 15:40:40 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.09.23 20:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NoNaMe\Data aplikací\ICQ Toolbar
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\Globalization\*.tmp files -> C:\WINDOWS\Globalization\*.tmp -> ]
[9 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2012.01.16 16:01:10 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2012.01.16 15:51:22 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9716E3FF-47FA-424A-A0C1-C26F54EE88DE}.job

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
"ctfmon.exe"=-

:files
C:\Program Files\Ask.com
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Fidolfo · #11 Příspěvek od **Fidolfo** » 17 led 2012 15:19

jen se zeptám,tentokrát nemusím nic zaškrtávat?Jen to tam prostě vložím a dám opravit?Nebo zaškrtnu to samé jako při prvotním vyhledávání?A stane se něco když jsem před chvílí ten ASK tolbar odinstaloval?

#12 Příspěvek od **vyosek** » 17 led 2012 15:28

Pokud je ask toolbar odinstalovan, nestane se nic, OTL pripadne polozky s nim spojene nenajde...

Jen vlozte a dejte opravit...

Fidolfo · #13 Příspěvek od **Fidolfo** » 17 led 2012 15:35

super ted to šlo jako po másle...zde log:

All processes killed
========== OTL ==========
Service NBService stopped successfully!
Service NBService deleted successfully!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultURL| /E : value set successfully!
HKU\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3\ deleted successfully.
Folder C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found.
Folder C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\ not found.
Folder C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\engine@conduit.com\ not found.
Folder C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\staged\ not found.
C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\temp folder moved successfully.
Folder C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\extensions\toolbar@ask.com\ not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\daemon-search.xml not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-1.xml not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-2.xml not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-3.xml not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-4.xml not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-5.xml not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-6.xml not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-7.xml not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-8.xml not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin-9.xml not found.
File C:\Documents and Settings\NoNaMe\Data aplikací\Mozilla\Firefox\Profiles\igohpvbm.default\searchplugins\icqplugin.xml not found.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{7C5C0F58-E061-457D-9033-77307F5ED00C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C5C0F58-E061-457D-9033-77307F5ED00C}\ not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-1229272821-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Folder C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\AskToolbar\ not found.
C:\Documents and Settings\NoNaMe\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\NoNaMe\Data aplikací\ICQ Toolbar folder moved successfully.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP165B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E0A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1EE6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F6C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20E0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP46F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP48.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6E9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP75D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP86E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP978.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9AC.tmp folder deleted successfully.
File C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job not found.
File C:\WINDOWS\Tasks\User_Feed_Synchronization-{9716E3FF-47FA-424A-A0C1-C26F54EE88DE}.job not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\"Adobe ARM"|C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712] /E :invalid edit format. Invalid data type.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon.exe deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\Ask.com not found.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: Administrator.PRIVAT-ZEN1VAN7
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 2665087 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NoNaMe
->Temp folder emptied: 355985 bytes
->Temporary Internet Files folder emptied: 5374063 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 55163819 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 38974 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 6648 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49635 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 61,00 mb

[EMPTYFLASH]

User: Administrator

User: Administrator.PRIVAT-ZEN1VAN7
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: NoNaMe
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 01172012_153045

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#14 Příspěvek od **vyosek** » 17 led 2012 15:42

Super, udelalo co melo, jak se chova PC

Fidolfo · #15 Příspěvek od **Fidolfo** » 17 led 2012 15:44

řekl bych že se o dost zrychlil a ted šlape jako hodinky...Velká paráda

VIRY.CZ

Prosím o preventivmí kontrolu.Děkuji

Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji

Re: Prosím o preventivmí kontrolu.Děkuji