Kontrola po zásahu expertů

Zpráva

#31 Příspěvek od **vyosek** » 12 dub 2012 22:26

Ono zalezi kolika soubory se musi probrat...tusim pri skenu nemizi, mozna uz ano, vim ze mizi urcite pri moznosti Opravit...Pokud bezi, tak jej nechte...

hunter10 · #32 Příspěvek od **hunter10** » 12 dub 2012 22:31

Jsem z toho srna, kouká na mě pořád stejná nabídka, nikde nic neběží, nikde se nic nehýbe. A je to už pěkná porce minut, diodka na netbooku na mě ale bliká a ve správci úloh se taky data pohybují, ještě ho nechám.

#33 Příspěvek od **vyosek** » 12 dub 2012 22:43

Pokud bezi, tak nechat prosim

hunter10 · #34 Příspěvek od **hunter10** » 12 dub 2012 22:48

Cannot create file C:/User/Netbook/Desktop/cmd.bat

tohle na mě OTL vyplivl.

#35 Příspěvek od **vyosek** » 12 dub 2012 22:56

Hm, zase se ukazal ten pitomej bug OTLka, ktery zatim se nedari opravit

Pouzijte tento (upraveny) skript, jinak postup stejny

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

hunter10 · #36 Příspěvek od **hunter10** » 12 dub 2012 23:50

OTL:

OTL logfile created on: 4/13/2012 12:00:44 AM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Netbook\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1013.10 Mb Total Physical Memory | 313.96 Mb Available Physical Memory | 30.99% Memory free
1.99 Gb Paging File | 1.13 Gb Available in Paging File | 56.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.78 Gb Total Space | 93.49 Gb Free Space | 42.35% Space Free | Partition Type: NTFS

Computer Name: NETBOOK-PC | User Name: Netbook | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/04/12 22:43:28 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Netbook\Desktop\OTL.exe
PRC - [2012/03/07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/10/03 03:48:26 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/10/03 03:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/07/31 21:06:24 | 000,155,648 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2009/04/08 13:49:30 | 000,344,064 | R--- | M] (AVerMedia) -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe

========== Modules (No Company Name) ==========

MOD - [2012/04/09 22:28:48 | 000,444,400 | ---- | M] () -- C:\Users\Netbook\AppData\Local\Google\Chrome\Application\18.0.1025.152\ppgooglenaclpluginchrome.dll
MOD - [2012/04/09 22:28:46 | 003,915,248 | ---- | M] () -- C:\Users\Netbook\AppData\Local\Google\Chrome\Application\18.0.1025.152\pdf.dll
MOD - [2012/04/09 22:27:21 | 000,122,880 | ---- | M] () -- C:\Users\Netbook\AppData\Local\Google\Chrome\Application\18.0.1025.152\avutil-51.dll
MOD - [2012/04/09 22:27:20 | 000,220,672 | ---- | M] () -- C:\Users\Netbook\AppData\Local\Google\Chrome\Application\18.0.1025.152\avformat-53.dll
MOD - [2012/04/09 22:27:19 | 001,747,456 | ---- | M] () -- C:\Users\Netbook\AppData\Local\Google\Chrome\Application\18.0.1025.152\avcodec-53.dll
MOD - [2009/10/03 03:48:42 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2009/08/16 17:06:04 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/07/31 21:06:24 | 000,155,648 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe

========== Win32 Services (SafeList) ==========

SRV - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/10/09 13:11:19 | 000,389,120 | R--- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009/10/03 03:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/09/30 23:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/08/24 04:30:12 | 000,107,016 | ---- | M] (Dritek System Inc.) [Disabled | Stopped] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/10 11:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Disabled | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/04/08 13:49:30 | 000,344,064 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{081D870C-E0B5-4E62-BFB4-955768C6E708}\MpKslef8505d3.sys -- (MpKslef8505d3)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aqbsryfg)
DRV - [2012/03/07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 01:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/03/07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/05/28 14:28:22 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/10/19 05:26:06 | 000,474,880 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerAF35.sys -- (AVerAF35)
DRV - [2009/10/09 09:30:06 | 000,102,784 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EUCR6SK.sys -- (EUCR)
DRV - [2009/10/05 03:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/04 07:37:44 | 000,054,784 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2009/07/01 06:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2009/06/02 13:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2009/06/02 13:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009/06/02 13:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2009/01/05 08:47:18 | 000,487,168 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerAF15DMBTH.sys -- (AVerAF15DMBTH)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w7402r346
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w7402r346
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\.DEFAULT\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60347
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-18\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60347
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w7402r346
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60347
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes,DefaultScope = {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60347
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... 1I7ACAW_cs
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{EEE1A43D-988A-4F72-929F-3970EDBDE3DE}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {dd05fd3d-18df-4ce4-ae53-e795339c5f01}:1.21
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Netbook\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Netbook\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/12 22:35:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/18 11:13:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/17 22:17:44 | 000,000,000 | ---D | M]

[2010/05/25 20:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Netbook\AppData\Roaming\Mozilla\Extensions
[2012/01/19 20:43:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\qqbqoa5q.default\extensions
[2011/08/13 17:36:29 | 000,000,000 | ---D | M] (vshare Add-On) -- C:\Users\Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\qqbqoa5q.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}
[2012/04/10 20:17:46 | 000,000,947 | ---- | M] () -- C:\Users\Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\qqbqoa5q.default\searchplugins\icqplugin.xml
[2012/02/16 18:42:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\NETBOOK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QQBQOA5Q.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/03/18 11:13:18 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/09 20:52:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/31 12:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2010/02/12 00:11:32 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2009/09/21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2012/02/28 10:56:22 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012/02/28 10:56:22 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011/09/10 16:46:03 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012/02/28 10:56:22 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012/02/28 10:56:22 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/02/28 10:56:22 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Netbook\AppData\Local\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Netbook\AppData\Local\Google\Chrome\Application\18.0.1025.152\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Netbook\AppData\Local\Google\Chrome\Application\18.0.1025.152\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Netbook\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: AdBlock = C:\Users\Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.27_0\
CHR - Extension: avast! WebRep = C:\Users\Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: vshare plugin = C:\Users\Netbook\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\

O1 HOSTS File: ([2012/04/12 21:03:28 | 000,001,018 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81A4568F-EBD7-4229-AF9E-788ED109F30D}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7F69CF2-C5E5-4D13-BEFF-A5109858E2D4}: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a6b7da66-6a54-11df-a063-705ab612fb09}\Shell - "" = AutoRun
O33 - MountPoints2\{a6b7da66-6a54-11df-a063-705ab612fb09}\Shell\AutoRun\command - "" = E:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/04/12 22:43:16 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Netbook\Desktop\OTL.exe
[2012/04/12 22:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/04/12 22:35:34 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/04/12 22:35:34 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/04/12 22:35:32 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/04/12 22:35:32 | 000,044,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/04/12 22:35:31 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/04/12 22:35:31 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/04/12 22:34:46 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/04/12 22:34:45 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/04/12 22:34:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/04/12 22:34:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/04/12 21:52:54 | 000,000,000 | ---D | C] -- C:\Users\Netbook\AppData\Local\VS Revo Group
[2012/04/12 20:48:42 | 000,000,000 | ---D | C] -- C:\Users\Netbook\Desktop\RK_Quarantine
[2012/04/12 17:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012/04/12 16:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Uninstaller
[2012/04/12 13:52:53 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/04/12 13:52:51 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/04/12 12:32:15 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/04/12 12:32:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/04/12 12:32:11 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/04/12 12:32:10 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/04/12 12:32:10 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/04/07 01:21:17 | 000,021,848 | ---- | C] (IObit) -- C:\Windows\System32\RegistryDefragBootTime.exe
[2012/04/07 00:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/04/07 00:43:29 | 000,000,000 | ---D | C] -- C:\Users\Netbook\AppData\Roaming\IObit

========== Files - Modified Within 7 Days ==========

[2012/04/13 00:05:37 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/04/12 23:32:09 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3762287767-3604363639-1709770277-1000UA.job
[2012/04/12 22:43:28 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Netbook\Desktop\OTL.exe
[2012/04/12 22:35:35 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/04/12 22:35:31 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/04/12 22:34:50 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/12 22:34:50 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/12 22:33:10 | 000,631,292 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012/04/12 22:33:10 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/12 22:33:10 | 000,121,914 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012/04/12 22:33:10 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/04/12 22:32:25 | 074,761,776 | ---- | M] () -- C:\Users\Netbook\Desktop\avast_free_antivirus_setup.exe
[2012/04/12 22:27:31 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/04/12 22:27:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/12 22:27:11 | 796,729,344 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/12 21:03:28 | 000,001,018 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/04/12 20:47:42 | 001,261,568 | ---- | M] () -- C:\Users\Netbook\Desktop\RogueKiller.exe
[2012/04/12 20:24:00 | 000,781,383 | ---- | M] () -- C:\Users\Netbook\Desktop\RSIT.exe
[2012/04/12 20:17:38 | 000,879,714 | ---- | M] () -- C:\Users\Netbook\Desktop\SecurityCheck.exe
[2012/04/12 16:07:19 | 000,000,042 | ---- | M] () -- C:\Windows\System32\AK083E209605E394C.lie
[2012/04/12 15:51:43 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/04/12 15:32:02 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3762287767-3604363639-1709770277-1000Core.job
[2012/04/12 15:29:04 | 000,002,417 | ---- | M] () -- C:\Users\Netbook\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2012/04/12 22:53:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/04/12 22:35:35 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/04/12 22:29:57 | 074,761,776 | ---- | C] () -- C:\Users\Netbook\Desktop\avast_free_antivirus_setup.exe
[2012/04/12 20:47:44 | 001,261,568 | ---- | C] () -- C:\Users\Netbook\Desktop\RogueKiller.exe
[2012/04/12 20:24:01 | 000,781,383 | ---- | C] () -- C:\Users\Netbook\Desktop\RSIT.exe
[2012/04/12 20:17:43 | 000,879,714 | ---- | C] () -- C:\Users\Netbook\Desktop\SecurityCheck.exe
[2012/04/12 16:07:19 | 000,000,042 | ---- | C] () -- C:\Windows\System32\AK083E209605E394C.lie
[2012/04/12 15:27:19 | 000,000,970 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3762287767-3604363639-1709770277-1000UA.job
[2012/04/12 15:27:18 | 000,000,918 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3762287767-3604363639-1709770277-1000Core.job
[2012/04/07 01:45:35 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/01/08 21:24:32 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011/07/01 05:13:56 | 000,004,608 | ---- | C] () -- C:\Users\Netbook\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/04 02:06:48 | 000,000,226 | ---- | C] () -- C:\Windows\wininit.ini
[2011/05/30 03:12:57 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011/05/30 03:12:57 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011/05/30 03:12:57 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011/05/09 14:46:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/20 21:45:48 | 000,049,152 | R--- | C] () -- C:\Windows\System32\AVerIO.dll
[2010/06/20 21:45:48 | 000,003,456 | R--- | C] () -- C:\Windows\System32\AVerIO.sys
[2010/06/20 21:45:19 | 000,598,016 | R--- | C] () -- C:\Windows\System32\sptlib21.dll
[2010/06/20 21:45:19 | 000,307,200 | R--- | C] () -- C:\Windows\System32\sptlib01.dll
[2010/06/20 21:45:19 | 000,294,912 | R--- | C] () -- C:\Windows\System32\sptlib11.dll
[2010/06/20 21:45:19 | 000,290,816 | R--- | C] () -- C:\Windows\System32\sptlib22.dll
[2010/06/20 21:45:19 | 000,249,856 | R--- | C] () -- C:\Windows\System32\sptlib03.dll
[2010/06/20 21:45:19 | 000,225,280 | R--- | C] () -- C:\Windows\System32\sptlib02.dll
[2010/06/20 21:45:19 | 000,135,168 | R--- | C] () -- C:\Windows\System32\sptlib12.dll
[2010/05/28 14:54:21 | 000,000,350 | ---- | C] () -- C:\Windows\System32\AP6RMHV.BIN
[2010/05/28 14:54:21 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJX.BIN
[2010/05/28 14:54:21 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJH.BIN
[2010/05/28 14:54:21 | 000,000,238 | ---- | C] () -- C:\Windows\System32\AP6RMFP.BIN
[2010/05/28 14:54:21 | 000,000,189 | ---- | C] () -- C:\Windows\System32\AP6RMKS.BIN
[2010/05/28 14:54:21 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AP6RMHR.BIN
[2010/05/25 20:31:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

========== LOP Check ==========

[2011/04/21 16:42:14 | 000,000,000 | -HSD | M] -- C:\Users\Netbook\AppData\Roaming\.#
[2012/03/11 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\DAEMON Tools Lite
[2011/06/09 13:37:16 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\ESET
[2010/05/28 15:19:50 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\GameConsole
[2012/02/08 22:23:08 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\ICQ
[2012/04/07 01:40:56 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\IObit
[2012/04/13 04:43:19 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\IrfanView
[2010/05/28 16:56:00 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\OpenOffice.org
[2011/06/03 23:40:02 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Pamela
[2011/06/04 02:07:18 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Pamela Call Recorder
[2011/04/21 16:43:56 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\PlayFirst
[2010/06/19 16:34:53 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\QIP
[2012/01/09 23:46:52 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Sports Interactive
[2012/03/11 18:51:13 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\uTorrent
[2010/07/17 18:11:03 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\ViquaSoft
[2010/11/02 22:36:33 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012/01/26 19:18:15 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011/09/29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011/09/29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011/06/21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010/06/14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011/06/21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[26 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011/04/21 16:42:14 | 000,000,000 | -HSD | M] -- C:\Users\Netbook\AppData\Roaming\.#
[2010/05/26 01:08:20 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Adobe
[2012/03/11 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\DAEMON Tools Lite
[2012/03/05 20:06:06 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\dvdcss
[2011/06/09 13:37:16 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\ESET
[2010/05/28 15:19:50 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\GameConsole
[2010/05/25 20:24:04 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Google
[2012/02/08 22:23:08 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\ICQ
[2010/05/25 19:50:58 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Identities
[2012/04/07 01:40:56 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\IObit
[2012/04/13 04:43:19 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\IrfanView
[2010/05/25 19:52:13 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Macromedia
[2012/01/31 18:48:22 | 000,000,000 | --SD | M] -- C:\Users\Netbook\AppData\Roaming\Microsoft
[2010/05/25 20:31:43 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Mozilla
[2010/05/28 16:56:00 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\OpenOffice.org
[2011/06/03 23:40:02 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Pamela
[2011/06/04 02:07:18 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Pamela Call Recorder
[2011/04/21 16:43:56 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\PlayFirst
[2010/06/19 16:34:53 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\QIP
[2012/02/28 20:19:46 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Skype
[2011/08/07 20:30:14 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\skypePM
[2012/01/09 23:46:52 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\Sports Interactive
[2012/03/11 18:51:13 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\uTorrent
[2010/07/17 18:11:03 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\ViquaSoft
[2012/03/05 21:15:33 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\vlc
[2011/04/18 16:39:14 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2011/06/02 19:51:12 | 000,005,430 | R--- | M] () -- C:\Users\Netbook\AppData\Roaming\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_44F622AA395D57B9743A14.exe
[2011/06/02 19:51:12 | 000,005,430 | R--- | M] () -- C:\Users\Netbook\AppData\Roaming\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_BBC8D813A8F14BA749114F.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2010/11/02 22:36:33 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012/04/12 15:32:02 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3762287767-3604363639-1709770277-1000Core.job
[2012/04/13 00:32:03 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3762287767-3604363639-1709770277-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/05/28 14:28:22 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/04/12 22:34:50 | 000,009,696 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/12 22:34:50 | 000,009,696 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/12 16:07:19 | 000,000,042 | ---- | M] () -- C:\Windows\system32\AK083E209605E394C.lie
[2012/04/12 22:35:31 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2012/04/12 22:27:31 | 000,016,384 | ---- | M] () -- C:\Windows\system32\Ikeext.etl
[2012/04/12 13:54:07 | 055,154,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MRT.exe
[2012/04/12 22:33:10 | 000,121,914 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012/04/12 22:33:10 | 000,106,388 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012/04/12 22:33:10 | 000,631,292 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012/04/12 22:33:10 | 000,616,008 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012/04/12 22:33:10 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Netbook\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012/04/12 15:27:09 | 000,116,648 | ---- | M] (Google Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
"msnmsgr" = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background -- [2010/11/10 02:54:18 | 004,240,760 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/03/18 11:13:18 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=637F2BDC0E53704D121DDD27A1F62090 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010/11/20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/04/13 00:05:37 | 000,000,512 | ---- | M] () MD5=C1D44CDEC480E7F49FD16C2C3FDBABAE -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010/01/01 20:47:42 | 000,119,335 | ---- | M] () -- \Program Files\Counter-Strike 1.6\nnk\nnk\sprites\fx\Ground_Crack.png
[2010/01/01 20:47:44 | 000,394,146 | ---- | M] () -- \Program Files\Counter-Strike 1.6\nnk\nnk\sprites\general\Ground_Crack.spr
[2010/01/01 21:47:42 | 000,119,335 | ---- | M] () -- \Program Files\Counter-Strike 1.6\nnk\sprites\fx\Ground_Crack.png
[2010/01/01 21:47:44 | 000,394,146 | ---- | M] () -- \Program Files\Counter-Strike 1.6\nnk\sprites\general\Ground_Crack.spr
[2003/12/05 15:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2011/04/26 16:17:40 | 000,663,839 | ---- | M] () -- \Users\Netbook\Downloads\Call of Duty 1 crack.rar
[2010/03/29 02:52:34 | 002,648,651 | ---- | M] () -- \Users\Netbook\Music\Sample\24-Nutcracker Suite, Tschaikovsky-Dance of the Sugar-Plum Fa.mp3

< *keygen* /s >

< *loader* /s >
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2003/09/15 15:02:00 | 000,169,384 | ---- | M] () -- \Program Files\Counter-Strike 1.6\cstrike\models\qloader.mdl
[2003/09/15 14:55:50 | 000,352,548 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\models\loader.mdl
[2003/09/15 14:56:04 | 000,012,764 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\sound\ambience\loader_hydra1.wav
[2003/09/15 14:56:04 | 000,012,164 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\sound\ambience\loader_step1.wav
[2010/05/25 21:20:09 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010/05/25 21:20:08 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010/05/25 21:20:09 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010/05/25 21:20:08 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\MUICoreLib\xtraLoader.swf
[2011/05/16 01:21:01 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\icq_profile\preloader.html
[2011/01/18 11:22:33 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_forms\preloader.html
[2011/01/18 11:23:28 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010/05/25 21:23:31 | 000,552,798 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\theme\game_center\loaderBkg.png
[2012/01/24 01:30:48 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012/01/24 01:30:50 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012/01/24 01:30:48 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/01/24 01:31:24 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010/02/05 23:27:14 | 000,000,015 | ---- | M] () -- \Program Files\TNod User & Password Finder\Licenses Downloader.bat
[2009/06/02 01:16:58 | 000,114,688 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2011/06/24 15:31:26 | 000,006,494 | ---- | M] () -- \Users\Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\qqbqoa5q.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}\chrome\skin\ajax-loader.gif
[2011/06/24 15:31:26 | 000,000,729 | ---- | M] () -- \Users\Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\qqbqoa5q.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}\chrome\skin\loader.gif
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010/01/19 09:47:07 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010/01/19 09:47:07 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010/01/19 09:47:07 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011/06/21 15:59:38 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011/06/21 15:59:38 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011/06/21 15:59:39 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010/01/19 09:44:34 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:AB689DEA
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:93DE1838
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:E1F04E8D
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:E3C56885
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:ABE89FFE
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:444C53BA
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:4CF61E54

< End of report >

hunter10 · #37 Příspěvek od **hunter10** » 12 dub 2012 23:52

Extras:

OTL Extras logfile created on: 4/13/2012 12:00:44 AM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Netbook\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1013.10 Mb Total Physical Memory | 313.96 Mb Available Physical Memory | 30.99% Memory free
1.99 Gb Paging File | 1.13 Gb Available in Paging File | 56.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.78 Gb Total Space | 93.49 Gb Free Space | 42.35% Space Free | Partition Type: NTFS

Computer Name: NETBOOK-PC | User Name: Netbook | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1584854C-1513-40EA-96D4-493384D0A3C7}" = Readon TV Movie Radio Player 7.2.0.0
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A30D5C0-BD4A-4E65-AADF-20A457DE6D38}" = Windows Live Family Safety
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.0 MUI
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E0303B6A-C675-4102-95DA-C013625BFA99}" = GTA San Andreas
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"755087041320E005CB1E8A67C5C55A260EB81B90" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"AVerMedia A835 USB TV Tuner" = AVerMedia A835 USB TV Tuner 8.0.0.43
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"CCleaner" = CCleaner
"EB49625FA523D1EE06E9952FD2542653E95D828F" = Windows Driver Package - ENE (EUCR) USB (10/09/2009 5.89.0.59)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Identity Card" = Identity Card
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"IrfanView" = IrfanView (remove only)
"LManager" = Launch Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 11.0 (x86 cs)" = Mozilla Firefox 11.0 (x86 cs)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TNod" = TNod User & Password Finder
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.3
"vShare.tv plugin" = vShare.tv plugin 1.3
"Windows Movie Maker" = Windows Movie Maker
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/21/2011 10:14:45 AM | Computer Name = Netbook-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 6/21/2011 10:14:45 AM | Computer Name = Netbook-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 6/21/2011 10:14:45 AM | Computer Name = Netbook-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 6/21/2011 10:14:45 AM | Computer Name = Netbook-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 6/21/2011 10:14:45 AM | Computer Name = Netbook-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 6/21/2011 10:14:45 AM | Computer Name = Netbook-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 6/21/2011 10:14:45 AM | Computer Name = Netbook-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 6/21/2011 10:14:45 AM | Computer Name = Netbook-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 6/21/2011 10:14:45 AM | Computer Name = Netbook-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 6/21/2011 10:14:45 AM | Computer Name = Netbook-PC | Source = .NET Runtime | ID = 1023
Description =

[ System Events ]
Error - 4/12/2012 9:17:22 AM | Computer Name = Netbook-PC | Source = Microsoft Antimalware | ID = 3002
Description =

Error - 4/12/2012 11:15:46 AM | Computer Name = Netbook-PC | Source = Service Control Manager | ID = 7030
Description = Služba ESET Service je označena jako interaktivní služba. Avšak systém
je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude
fungovat správně.

Error - 4/12/2012 12:45:43 PM | Computer Name = Netbook-PC | Source = BugCheck | ID = 1001
Description =

Error - 4/12/2012 12:46:08 PM | Computer Name = Netbook-PC | Source = Service Control Manager | ID = 7034
Description = Služba AVerScheduleService byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 4/12/2012 12:46:36 PM | Computer Name = Netbook-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 4/12/2012 12:46:36 PM | Computer Name = Netbook-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 4/12/2012 4:08:51 PM | Computer Name = Netbook-PC | Source = Service Control Manager | ID = 7034
Description = Služba AVerScheduleService byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 4/12/2012 4:08:59 PM | Computer Name = Netbook-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 4/12/2012 4:08:59 PM | Computer Name = Netbook-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 4/12/2012 4:27:44 PM | Computer Name = Netbook-PC | Source = Service Control Manager | ID = 7034
Description = Služba AVerScheduleService byla neočekávaně ukončena. Tento stav nastal
již 1krát.

< End of report >

#38 Příspěvek od **vyosek** » 13 dub 2012 06:29

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{081D870C-E0B5-4E62-BFB4-955768C6E708}\MpKslef8505d3.sys -- (MpKslef8505d3)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aqbsryfg)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w7402r346
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w7402r346
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\.DEFAULT\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60347
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-18\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60347
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w7402r346
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60347
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60347
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes,DefaultScope = {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60347
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_cs
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\SearchScopes\{EEE1A43D-988A-4F72-929F-3970EDBDE3DE}: "URL" = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q="
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{a6b7da66-6a54-11df-a063-705ab612fb09}\Shell - "" = AutoRun
[2012/04/12 17:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012/04/07 01:21:17 | 000,021,848 | ---- | C] (IObit) -- C:\Windows\System32\RegistryDefragBootTime.exe
[2012/04/07 00:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/04/07 00:43:29 | 000,000,000 | ---D | C] -- C:\Users\Netbook\AppData\Roaming\IObit
[2011/04/21 16:42:14 | 000,000,000 | -HSD | M] -- C:\Users\Netbook\AppData\Roaming\.#
[2011/06/09 13:37:16 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\ESET
[2012/04/07 01:40:56 | 000,000,000 | ---D | M] -- C:\Users\Netbook\AppData\Roaming\IObit
[2010/11/02 22:36:33 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012/04/12 15:32:02 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3762287767-3604363639-1709770277-1000Core.job
[2012/04/13 00:32:03 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3762287767-3604363639-1709770277-1000UA.job
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:AB689DEA
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:93DE1838
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:E1F04E8D
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:E3C56885
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:ABE89FFE
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:444C53BA
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:4CF61E54

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

hunter10 · #39 Příspěvek od **hunter10** » 13 dub 2012 07:00

Dobré jitro

All processes killed
========== OTL ==========
Service TuneUpUtilitiesDrv stopped successfully!
Service TuneUpUtilitiesDrv deleted successfully!
File C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys not found.
Service MpKslef8505d3 stopped successfully!
Service MpKslef8505d3 deleted successfully!
File c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{081D870C-E0B5-4E62-BFB4-955768C6E708}\MpKslef8505d3.sys not found.
Error: No service named aqbsryfg was found to stop!
Service\Driver key aqbsryfg not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-3762287767-3604363639-1709770277-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE1A43D-988A-4F72-929F-3970EDBDE3DE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE1A43D-988A-4F72-929F-3970EDBDE3DE}\ not found.
Prefs.js: "Centrum.cz Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}\ deleted successfully.
C:\Program Files\vShare.tv plugin\BarLcher.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\ deleted successfully.
File C:\Program Files\vShare.tv plugin\BarLcher.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-3762287767-3604363639-1709770277-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\ not found.
File C:\Program Files\vShare.tv plugin\BarLcher.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6b7da66-6a54-11df-a063-705ab612fb09}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a6b7da66-6a54-11df-a063-705ab612fb09}\ not found.
C:\ProgramData\ESET\ESET Smart Security\Updfiles\temp folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\Updfiles\oldfiles folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\Updfiles\continuous folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\Updfiles folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\SysInspector folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\SupportRequests folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\Stats folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\Oldfiles folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\Logs\eScan folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\Logs folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\Charon folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security\Antispam folder moved successfully.
C:\ProgramData\ESET\ESET Smart Security folder moved successfully.
C:\ProgramData\ESET folder moved successfully.
C:\Windows\System32\RegistryDefragBootTime.exe moved successfully.
C:\ProgramData\IObit\Advanced SystemCare V5 folder moved successfully.
C:\ProgramData\IObit folder moved successfully.
C:\Users\Netbook\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\Netbook\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Netbook\AppData\Roaming\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Users\Netbook\AppData\Roaming\IObit\Advanced SystemCare V5\Startup Manager folder moved successfully.
C:\Users\Netbook\AppData\Roaming\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Users\Netbook\AppData\Roaming\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Users\Netbook\AppData\Roaming\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Users\Netbook\AppData\Roaming\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Users\Netbook\AppData\Roaming\IObit folder moved successfully.
C:\Users\Netbook\AppData\Roaming\.# folder moved successfully.
C:\Users\Netbook\AppData\Roaming\ESET\ESET Smart Security folder moved successfully.
C:\Users\Netbook\AppData\Roaming\ESET folder moved successfully.
Folder C:\Users\Netbook\AppData\Roaming\IObit\ not found.
C:\Windows\Tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3762287767-3604363639-1709770277-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3762287767-3604363639-1709770277-1000UA.job moved successfully.
ADS C:\ProgramData\TEMP:AB689DEA deleted successfully.
ADS C:\ProgramData\TEMP:5D7E5A8F deleted successfully.
ADS C:\ProgramData\TEMP:4D066AD2 deleted successfully.
ADS C:\ProgramData\TEMP:93DE1838 deleted successfully.
ADS C:\ProgramData\TEMP:E1F04E8D deleted successfully.
ADS C:\ProgramData\TEMP:E3C56885 deleted successfully.
ADS C:\ProgramData\TEMP:ABE89FFE deleted successfully.
ADS C:\ProgramData\TEMP:444C53BA deleted successfully.
ADS C:\ProgramData\TEMP:0B9176C0 deleted successfully.
ADS C:\ProgramData\TEMP:4CF61E54 deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Netbook
->Temp folder emptied: 3171911 bytes
->Temporary Internet Files folder emptied: 170029 bytes
->Java cache emptied: 1908274 bytes
->FireFox cache emptied: 52699488 bytes
->Google Chrome cache emptied: 8867767 bytes
->Flash cache emptied: 493 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12714258 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 76.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Netbook
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.39.2 log created on 04132012_075047

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#40 Příspěvek od **vyosek** » 13 dub 2012 07:01

Dobre rano

OTL udelalo co melo, co nas pacient

hunter10 · #41 Příspěvek od **hunter10** » 13 dub 2012 07:04

Zdá se mi, že je paradoxně trochu pomalejší, jinak nic zásadního, CCleaner nehlásí žádný problém s registry ani nic podobného.

#42 Příspěvek od **vyosek** » 13 dub 2012 07:06

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Doporucuji provest defragmentaci disku

Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace

Napiste ci zmena

hunter10 · #43 Příspěvek od **hunter10** » 13 dub 2012 07:28

Fragmentováno bylo 9%, zdá se ještě chvilku potrvá...

Na ploše mám pořád zbytky z RogueKillera

#44 Příspěvek od **vyosek** » 13 dub 2012 07:29

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

hunter10 · #45 Příspěvek od **hunter10** » 13 dub 2012 07:43

Defragmentováno 2%

Remaining time: >1 day

VIRY.CZ

Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů

Re: Kontrola po zásahu expertů