Zdravim experty,
můj problém spočívá v tom, že se PC občas zasekne, když se chci dostat na disk, zamrzne to a složka se otevře třeba po 15 sekundách. Občas se sám resetne explorer (zmizí a zase se objeví ikony na ploše). Posílám log z RSIT, a za jakokoukoliv radu, která mi pomůže vyřešit problém (co smazat popř. zakázat) budu moc vděčnej.
------------------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Josha at 2010-04-15 15:34:40
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 59 GB (59%) free of 100 GB
Total RAM: 3326 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:35:02, on 15.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\DeltTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Download\Firefox\RSIT.exe
C:\Program Files\trend micro\Josha.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MST" WISE_SETUP_EXE_PATH="c:\nvidia\winxp\182.50\is\PhysX_9.09.0203_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 5638 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2009-03-04 1196032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-06-29 94308]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-16 163840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2009-03-04 1196032]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2009-03-27 13684736]
"nwiz"=nwiz.exe /install []
"DeltTray"=C:\WINDOWS\system32\DeltTray.exe [2004-08-26 56320]
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2009-03-27 86016]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2005-05-18 917504]
"SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2009-04-09 2176000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MSI TRANSFORMS=C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MST WISE_SETUP_EXE_PATH=c:\nvidia\winxp\182.50\is\PhysX_9.09.0203_SystemSoftware.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GEST]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2005-09-13 278528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\Yaho's Miranda IM\miranda32.exe"="C:\Program Files\Yaho's Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\InterVideo\DVD7\WinDVD.exe"="C:\Program Files\InterVideo\DVD7\WinDVD.exe:*:Enabled:WinDVD"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56eb7d92-fee2-11de-a612-001fd0a0c583}]
shell\AutoRun\command - I:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb987e36-43c9-11df-a735-001fd0a0c583}]
shell\AutoRun\command - I:\Launcher.exe
======File associations======
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 months======
2010-04-15 15:34:41 ----D---- C:\Program Files\trend micro
2010-04-15 15:34:40 ----D---- C:\rsit
2010-04-15 14:42:03 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 14:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 14:41:47 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-15 14:41:39 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 14:41:34 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 14:41:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 14:41:17 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-01 12:09:13 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-27 20:18:39 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2010-03-27 12:23:18 ----HD---- C:\WINDOWS\PIF
======List of files/folders modified in the last 1 months======
2010-04-15 15:34:49 ----D---- C:\WINDOWS\Prefetch
2010-04-15 15:34:41 ----RD---- C:\Program Files
2010-04-15 15:22:45 ----D---- C:\Program Files\Crawler
2010-04-15 15:22:16 ----D---- C:\hijackthis
2010-04-15 15:08:30 ----D---- C:\WINDOWS\Temp
2010-04-15 15:08:29 ----AD---- C:\WINDOWS
2010-04-15 15:08:12 ----D---- C:\WINDOWS\system32
2010-04-15 15:07:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-15 14:42:08 ----HD---- C:\WINDOWS\inf
2010-04-15 14:42:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-15 14:42:02 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 14:42:00 ----A---- C:\WINDOWS\imsins.BAK
2010-04-15 14:41:56 ----D---- C:\WINDOWS\system32\drivers
2010-04-15 14:41:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-15 14:39:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-04-14 20:10:16 ----A---- C:\WINDOWS\system32\msvcsv60.dll
2010-04-14 20:01:14 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-14 18:06:21 ----D---- C:\Documents and Settings\Josha\Data aplikací\Spyware Terminator
2010-04-10 10:25:06 ----D---- C:\Program Files\Mozilla Firefox
2010-04-09 13:28:34 ----D---- C:\Program Files\WinClamAVShield
2010-03-31 15:02:29 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-29 17:36:26 ----D---- C:\Program Files\Spyware Terminator
2010-03-21 20:04:10 ----A---- C:\WINDOWS\wincmd.ini
2010-03-20 22:15:52 ----D---- C:\Download
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\System32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AMON;AMON; \??\C:\WINDOWS\System32\drivers\amon.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 DELTA;Service for Delta Driver (WDM); C:\WINDOWS\System32\DRIVERS\delta.sys [2004-09-10 291456]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2008-06-16 109184]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-04-09 495616]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2009-03-27 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-04-09 487424]
S2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-07-11 80392]
S2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
zasekávání pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: zasekávání pc
Zdravím 
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
CREATERESTOREPOINT- Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: zasekávání pc
OTL logfile created on: 15.4.2010 19:48:26 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Download\Firefox
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 82,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 55,91 Gb Free Space | 57,25% Space Free | Partition Type: NTFS
Drive D: | 488,28 Gb Total Space | 431,83 Gb Free Space | 88,44% Space Free | Partition Type: NTFS
Drive E: | 345,57 Gb Total Space | 40,48 Gb Free Space | 11,71% Space Free | Partition Type: NTFS
Drive F: | 111,78 Gb Total Space | 93,13 Gb Free Space | 83,31% Space Free | Partition Type: NTFS
Drive G: | 111,78 Gb Total Space | 111,71 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1,91 Gb Total Space | 0,10 Gb Free Space | 5,32% Space Free | Partition Type: FAT
Computer Name: JSM
Current User Name: Josha
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.15 19:40:51 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Download\Firefox\OTL.exe
PRC - [2010.04.10 10:25:01 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.04.09 19:46:54 | 000,495,616 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2009.04.09 13:01:41 | 002,176,000 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2009.04.09 13:01:41 | 000,487,424 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2008.04.14 08:52:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.05.18 13:54:30 | 000,917,504 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2005.03.14 13:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004.08.26 22:43:06 | 000,056,320 | ---- | M] (Doug Fetter Software Wizardry) -- C:\WINDOWS\system32\delttray.exe
========== Modules (SafeList) ==========
MOD - [2010.04.15 19:40:51 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Download\Firefox\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009.11.13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.04.09 19:46:54 | 000,495,616 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2009.04.09 13:01:41 | 000,487,424 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.11 19:00:06 | 000,080,392 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2005.03.14 13:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2010.04.15 15:08:24 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009.04.09 19:46:54 | 000,502,208 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2009.04.09 13:01:41 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009.03.27 10:03:00 | 006,280,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.06.16 09:08:42 | 000,109,184 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2004.09.10 11:28:46 | 000,291,456 | ---- | M] (Midiman/M-Audio) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\delta.sys -- (DELTA) Service for Delta Driver (WDM)
DRV - [2002.07.17 10:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-606747145-1844823847-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2009.04.20 13:37:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.10 10:25:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.10 10:25:04 | 000,000,000 | ---D | M]
[2010.01.11 21:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Mozilla\Extensions
[2010.01.11 21:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Mozilla\Extensions\home2@tomtom.com
[2010.03.18 12:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Mozilla\Firefox\Profiles\gvdpsvgl.default\extensions
[2010.02.04 12:11:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Josha\Data aplikací\Mozilla\Firefox\Profiles\gvdpsvgl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.07.05 08:18:41 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Josha\Data aplikací\Mozilla\Firefox\Profiles\gvdpsvgl.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.02.18 18:49:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.03.18 12:57:13 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.18 12:57:13 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.18 12:57:13 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.18 12:57:13 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.18 12:57:13 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2001.10.25 16:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-606747145-1844823847-725345543-1003\..\Toolbar\ShellBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-606747145-1844823847-725345543-1003\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [DeltTray] C:\WINDOWS\System32\delttray.exe (Doug Fetter Software Wizardry)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe (Crawler.com)
O4 - HKU\S-1-5-21-606747145-1844823847-725345543-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-1844823847-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\JC_LINK.HTM ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.35.51.254 192.168.0.1
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Josha\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Josha\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.09 19:03:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{56eb7d92-fee2-11de-a612-001fd0a0c583}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{eb987e36-43c9-11df-a735-001fd0a0c583}\Shell\AutoRun\command - "" = I:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.04.09 20:51:32 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)
========== Files/Folders - Created Within 30 Days ==========
[2010.04.15 15:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.15 15:34:40 | 000,000,000 | ---D | C] -- C:\rsit
[2010.03.31 15:39:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Josha\Plocha\tata
[2010.03.28 13:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Josha\Plocha\rizzah
[2010.03.27 20:18:39 | 000,022,528 | ---- | C] (Jukka Poikolainen Software) -- C:\WINDOWS\System32\WNASPI32.DLL
[2010.03.27 20:18:39 | 000,016,512 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS
[2010.03.27 12:23:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009.04.09 19:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.04.09 19:03:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.04.09 19:03:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.04.09 14:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[8 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[209 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.15 18:41:58 | 000,015,856 | ---- | M] () -- C:\Documents and Settings\Josha\Plocha\klavesy.JPG
[2010.04.15 18:14:41 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\Josha\NTUSER.DAT
[2010.04.15 15:34:58 | 000,000,119 | ---- | M] () -- C:\WINDOWS\System32\BIN_STRSBW.SPT
[2010.04.15 15:21:53 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010.04.15 15:08:24 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010.04.15 15:08:17 | 000,208,485 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.04.15 15:08:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.15 15:08:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.15 14:44:42 | 013,538,014 | ---- | M] () -- C:\Documents and Settings\Josha\Plocha\jsm-snipet2010-01.mp3
[2010.04.15 14:42:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.04.14 20:10:16 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\w3data.vss
[2010.04.14 20:10:16 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010.04.14 20:10:16 | 000,000,016 | ---- | M] () -- C:\WINDOWS\msocreg32.dat
[2010.04.14 20:01:14 | 000,160,256 | ---- | M] () -- C:\Documents and Settings\Josha\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.14 20:01:14 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.14 18:05:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.12 18:23:34 | 006,952,846 | -H-- | M] () -- C:\Documents and Settings\Josha\Local Settings\Data aplikací\IconCache.db
[2010.04.11 21:46:48 | 002,783,193 | ---- | M] () -- C:\Documents and Settings\Josha\Plocha\jsm_snipetz2.mp3
[2010.03.31 15:02:30 | 000,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.31 15:02:30 | 000,437,832 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.31 15:02:30 | 000,082,552 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.31 15:02:30 | 000,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.31 15:02:29 | 001,046,954 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.21 20:04:10 | 000,000,928 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[209 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.15 18:14:29 | 000,015,856 | ---- | C] () -- C:\Documents and Settings\Josha\Plocha\klavesy.JPG
[2010.04.11 21:46:48 | 002,783,193 | ---- | C] () -- C:\Documents and Settings\Josha\Plocha\jsm_snipetz2.mp3
[2009.12.18 17:47:21 | 000,000,334 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.10.30 16:17:28 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.08.10 20:16:53 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.06.24 12:29:06 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009.06.24 12:29:06 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009.06.24 12:29:06 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009.06.24 12:29:06 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009.06.24 12:29:06 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009.06.24 12:29:06 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009.06.01 15:05:23 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2009.04.12 20:40:10 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.04.12 20:35:32 | 000,000,220 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.04.12 20:16:22 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2009.04.12 15:18:19 | 000,510,976 | ---- | C] () -- C:\WINDOWS\System32\synsoacc.dll
[2009.04.11 13:38:14 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejcp.ini
[2009.04.11 13:38:11 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejlh.ini
[2009.04.11 13:38:08 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejgc.ini
[2009.04.11 13:38:06 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejmn.ini
[2009.04.11 13:38:06 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejjm.ini
[2009.04.11 13:38:03 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejnd.ini
[2009.04.11 13:38:03 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejeg.ini
[2009.04.11 13:38:03 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejdn.ini
[2009.04.11 13:38:03 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejbb.ini
[2009.04.10 20:31:38 | 000,160,256 | ---- | C] () -- C:\Documents and Settings\Josha\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.09 19:44:24 | 000,000,928 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.04.09 19:07:07 | 008,126,464 | -H-- | C] () -- C:\Documents and Settings\Josha\NTUSER.DAT
[2009.04.09 19:07:07 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Josha\ntuser.dat.LOG
[2009.04.09 19:07:07 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Josha\ntuser.ini
[2009.04.09 13:38:29 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Josha\Local Settings\Data aplikací\fusioncache.dat
[2009.04.09 13:23:47 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.04.09 13:01:41 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009.03.27 10:03:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.03.27 10:03:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.03.27 10:03:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.03.27 10:03:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.07.15 20:35:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2001.10.25 16:00:00 | 000,021,116 | ---- | C] () -- C:\WINDOWS\System32\_003845_.tmp.dll
========== LOP Check ==========
[2009.12.16 18:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.04.15 14:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2009.08.25 08:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Steinberg
[2010.01.11 21:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TomTom
[2009.04.12 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Applied Acoustics Systems
[2009.12.16 18:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\DAEMON Tools Lite
[2010.01.30 16:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\ICQ
[2009.06.24 12:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\InterVideo
[2009.04.12 20:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\NetMedia Providers
[2009.11.12 20:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Publish Providers
[2009.04.12 20:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Sony
[2009.04.09 13:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Sony Setup
[2010.04.14 18:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Spyware Terminator
[2009.08.25 08:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Steinberg
[2009.08.08 10:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Thinstall
[2010.01.11 21:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\TomTom
[2009.10.19 22:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\uTorrent
[2010.04.15 15:21:53 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.03.12 13:49:26 | 000,153,136 | ---- | M] (Nero AG)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 08:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[7 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.05.27 15:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Adobe
[2009.04.12 19:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Ahead
[2009.04.19 17:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Apple Computer
[2009.04.12 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Applied Acoustics Systems
[2009.12.16 18:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\DAEMON Tools Lite
[2009.04.10 10:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Help
[2010.01.30 16:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\ICQ
[2009.04.09 19:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Identities
[2009.04.09 19:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\InstallShield
[2009.06.24 12:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\InterVideo
[2009.04.10 08:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Macromedia
[2010.02.17 20:27:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Josha\Data aplikací\Microsoft
[2009.10.30 16:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Microsoft Web Folders
[2009.04.09 12:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Mozilla
[2009.04.12 20:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\NetMedia Providers
[2009.11.12 20:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Publish Providers
[2009.04.12 20:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Sony
[2009.04.09 13:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Sony Setup
[2010.04.14 18:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Spyware Terminator
[2009.08.25 08:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Steinberg
[2009.04.10 08:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Sun
[2009.08.08 10:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Thinstall
[2010.01.11 21:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\TomTom
[2009.10.19 22:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\uTorrent
[2009.04.11 13:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Winamp
[2009.06.25 10:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2009.04.09 13:44:26 | 023,510,720 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Josha\Data aplikací\Sony Setup\09063B41-0916-4360-A80D-0C2A2B89D300\dotnetfx.exe
[2009.08.08 10:55:26 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Josha\Data aplikací\Thinstall\Native Instruments Elektrik Piano 1.5\40000011600002i\deltapnl.exe
[2009.08.08 10:55:12 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Josha\Data aplikací\Thinstall\Native Instruments Elektrik Piano 1.5\400000f4500002i\Elektrik Piano 1.5.exe
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.29 03:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys
< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[209 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009.04.09 20:54:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.09 20:54:52 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.09 20:54:52 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[209 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:73FF815D08E4021F
< End of report >
-----------------------------------------------------------------------
extras:
OTL Extras logfile created on: 15.4.2010 19:48:26 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Download\Firefox
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 82,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 55,91 Gb Free Space | 57,25% Space Free | Partition Type: NTFS
Drive D: | 488,28 Gb Total Space | 431,83 Gb Free Space | 88,44% Space Free | Partition Type: NTFS
Drive E: | 345,57 Gb Total Space | 40,48 Gb Free Space | 11,71% Space Free | Partition Type: NTFS
Drive F: | 111,78 Gb Total Space | 93,13 Gb Free Space | 83,31% Space Free | Partition Type: NTFS
Drive G: | 111,78 Gb Total Space | 111,71 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1,91 Gb Total Space | 0,10 Gb Free Space | 5,32% Space Free | Partition Type: FAT
Computer Name: JSM
Current User Name: Josha
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-606747145-1844823847-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Program Files\Yaho's Miranda IM\miranda32.exe" = C:\Program Files\Yaho's Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- File not found
"C:\Program Files\InterVideo\DVD7\WinDVD.exe" = C:\Program Files\InterVideo\DVD7\WinDVD.exe:*:Enabled:WinDVD -- (InterVideo Inc.)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00110405-78E1-11D2-B60F-006097C998E7}" = Microsoft Excel 2000
"{00170405-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{27555031-A116-4EC6-9991-7B400142A936}" = HP PSC & OfficeJet 6.1.A
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{423C4130-EBC3-410A-B3A0-37BBF9D607D5}" = T-RackS 3 Deluxe
"{4C4D25EB-6513-4702-8355-F4194DE2E1D9}" = Waves 4.0
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{5636E517-8100-4E2A-B69E-2B16AFFA2360}" = Sony Sound Forge 8.0d
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0711.1
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8BAC9DAB-9118-4D13-8CF4-78812CC4755C}" = ACID Pro 7.0
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90885A82-9673-49EA-AB39-AF776639C67C}" = InterVideo WinDVD 7
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4810699-E859-43A6-8F40-1743873E72AB}" = Delta
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{ADEBB98C-DCD0-4369-BC4A-71B342CF55B2}" = HT Fireman CD/DVD Burner
"{B561F0D9-32FA-4F04-A336-317EB3897D2A}" = Steinberg Cubase AI 4
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}" = Scan
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"µTorrent CZ_is1" = µTorrent CZ 1.8.4 (build 16688)
"Activision_THPS2UninstallKey" = Tony Hawk's Pro Skater 2
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Antares Tube v1.0" = Antares Tube v1.0
"Applied Accoustics String Studio VS 1 VST DX v1.0" = Applied Accoustics String Studio VS 1 VST DX v1.0
"Applied Accoustics UltraAnalog VA-1 v1.01" = Applied Accoustics UltraAnalog VA-1 v1.01
"CDex" = CDex extraction audio
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"Edirol HQ Orchestral v1.01" = Edirol HQ Orchestral v1.01
"Edirol Super Quartet v1.01" = Edirol Super Quartet v1.01
"Fatsondo_is1" = Fatsondo 2.0
"FlashGet" = FlashGet 1.9.0.1012
"GForce impOSCar v1.10 VSTi RTAS" = GForce impOSCar v1.10 VSTi RTAS
"HijackThis" = HijackThis 2.0.2
"InterActual Player" = InterActual Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Native Instruments Battery" = Native Instruments Battery
"Native Instruments FM7 Presets Addon 1" = Native Instruments FM7 Presets Addon 1
"Native Instruments FM7 v1.10.006" = Native Instruments FM7 v1.10.006
"NOD32" = Antivirový systém NOD32
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoFiltre" = PhotoFiltre
"PSP_Audioware_Stereo_Pack_DX_RTAS_VST_v1.8-PLZ" = PSP_Audioware_Stereo_Pack_DX_RTAS_VST_v1.8-PLZ
"ReFX JunoX2 VSTi v1.51" = ReFX JunoX2 VSTi v1.51
"rgcAudio z3ta+ v1.1" = rgcAudio z3ta+ v1.1
"Spyware Terminator_is1" = Spyware Terminator
"Steinberg Dcota v1.0" = Steinberg Dcota v1.0
"Steinberg Hypersonic v1.0" = Steinberg Hypersonic v1.0
"Steinberg Magneto VST v1.5" = Steinberg Magneto VST v1.5
"Steinberg PLEX VSTi v1.0" = Steinberg PLEX VSTi v1.0
"Synapse Junglist VSTi v3.2" = Synapse Junglist VSTi v3.2
"The KMPlayer" = The KMPlayer (remove only)
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Totalcmd" = Total Commander (Remove or Repair)
"Vanguard Demo_is1" = Vanguard Demo 1.03
"Virtual Guitarist EE Fx VST" = Virtual Guitarist EE Fx VST
"Warp VST V1.0" = Warp VST V1.0
"Wave Arts Power Suite" = Wave Arts Power Suite
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17.1.2010 14:50:08 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 18.1.2010 5:38:28 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace acid70.exe, verze 7.0.0.536, chybující modul ntdll.dll,
verze 5.1.2600.5512, adresa chyby 0x000109f9.
Error - 18.1.2010 12:54:52 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 18.1.2010 15:41:07 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 19.1.2010 6:18:45 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 20.1.2010 4:17:38 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 20.1.2010 6:46:27 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 20.1.2010 6:58:51 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
ivih264.dll, verze 2.2.4.2, adresa chyby 0x0002071f.
Error - 21.1.2010 13:51:45 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace acid70.exe, verze 7.0.0.536, chybující modul ntdll.dll,
verze 5.1.2600.5512, adresa chyby 0x000109f9.
Error - 22.1.2010 9:05:44 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
ivih264.dll, verze 2.2.4.2, adresa chyby 0x0002071f.
[ System Events ]
Error - 15.4.2010 8:39:25 | Computer Name = JSM | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 15.4.2010 8:39:25 | Computer Name = JSM | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 15.4.2010 8:39:39 | Computer Name = JSM | Source = Service Control Manager | ID = 7000
Description = Služba gdrv neuspěla při spuštění v důsledku následující chyby: %%5
Error - 15.4.2010 8:39:44 | Computer Name = JSM | Source = Service Control Manager | ID = 7034
Description = Služba GEST Service for program management. byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 15.4.2010 9:08:16 | Computer Name = JSM | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 15.4.2010 9:08:16 | Computer Name = JSM | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 15.4.2010 9:08:17 | Computer Name = JSM | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 15.4.2010 9:08:29 | Computer Name = JSM | Source = Service Control Manager | ID = 7000
Description = Služba gdrv neuspěla při spuštění v důsledku následující chyby: %%5
Error - 15.4.2010 9:13:32 | Computer Name = JSM | Source = Service Control Manager | ID = 7034
Description = Služba GEST Service for program management. byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 15.4.2010 9:23:01 | Computer Name = JSM | Source = Service Control Manager | ID = 7034
Description = Služba TomTomHOMEService byla neočekávaně ukončena. Tento stav nastal
již 1krát.
< End of report >
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Download\Firefox
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 82,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 55,91 Gb Free Space | 57,25% Space Free | Partition Type: NTFS
Drive D: | 488,28 Gb Total Space | 431,83 Gb Free Space | 88,44% Space Free | Partition Type: NTFS
Drive E: | 345,57 Gb Total Space | 40,48 Gb Free Space | 11,71% Space Free | Partition Type: NTFS
Drive F: | 111,78 Gb Total Space | 93,13 Gb Free Space | 83,31% Space Free | Partition Type: NTFS
Drive G: | 111,78 Gb Total Space | 111,71 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1,91 Gb Total Space | 0,10 Gb Free Space | 5,32% Space Free | Partition Type: FAT
Computer Name: JSM
Current User Name: Josha
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.15 19:40:51 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Download\Firefox\OTL.exe
PRC - [2010.04.10 10:25:01 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.04.09 19:46:54 | 000,495,616 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2009.04.09 13:01:41 | 002,176,000 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2009.04.09 13:01:41 | 000,487,424 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2008.04.14 08:52:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.05.18 13:54:30 | 000,917,504 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2005.03.14 13:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004.08.26 22:43:06 | 000,056,320 | ---- | M] (Doug Fetter Software Wizardry) -- C:\WINDOWS\system32\delttray.exe
========== Modules (SafeList) ==========
MOD - [2010.04.15 19:40:51 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Download\Firefox\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009.11.13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.04.09 19:46:54 | 000,495,616 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2009.04.09 13:01:41 | 000,487,424 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.11 19:00:06 | 000,080,392 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2005.03.14 13:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2010.04.15 15:08:24 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009.04.09 19:46:54 | 000,502,208 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2009.04.09 13:01:41 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009.03.27 10:03:00 | 006,280,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.06.16 09:08:42 | 000,109,184 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2004.09.10 11:28:46 | 000,291,456 | ---- | M] (Midiman/M-Audio) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\delta.sys -- (DELTA) Service for Delta Driver (WDM)
DRV - [2002.07.17 10:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-606747145-1844823847-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2009.04.20 13:37:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.10 10:25:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.10 10:25:04 | 000,000,000 | ---D | M]
[2010.01.11 21:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Mozilla\Extensions
[2010.01.11 21:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Mozilla\Extensions\home2@tomtom.com
[2010.03.18 12:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Mozilla\Firefox\Profiles\gvdpsvgl.default\extensions
[2010.02.04 12:11:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Josha\Data aplikací\Mozilla\Firefox\Profiles\gvdpsvgl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.07.05 08:18:41 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Josha\Data aplikací\Mozilla\Firefox\Profiles\gvdpsvgl.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.02.18 18:49:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.03.18 12:57:13 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.18 12:57:13 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.18 12:57:13 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.18 12:57:13 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.18 12:57:13 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2001.10.25 16:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-606747145-1844823847-725345543-1003\..\Toolbar\ShellBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-606747145-1844823847-725345543-1003\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [DeltTray] C:\WINDOWS\System32\delttray.exe (Doug Fetter Software Wizardry)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe (Crawler.com)
O4 - HKU\S-1-5-21-606747145-1844823847-725345543-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-1844823847-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\JC_LINK.HTM ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.35.51.254 192.168.0.1
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Josha\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Josha\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.09 19:03:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{56eb7d92-fee2-11de-a612-001fd0a0c583}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{eb987e36-43c9-11df-a735-001fd0a0c583}\Shell\AutoRun\command - "" = I:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.04.09 20:51:32 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)
========== Files/Folders - Created Within 30 Days ==========
[2010.04.15 15:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.15 15:34:40 | 000,000,000 | ---D | C] -- C:\rsit
[2010.03.31 15:39:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Josha\Plocha\tata
[2010.03.28 13:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Josha\Plocha\rizzah
[2010.03.27 20:18:39 | 000,022,528 | ---- | C] (Jukka Poikolainen Software) -- C:\WINDOWS\System32\WNASPI32.DLL
[2010.03.27 20:18:39 | 000,016,512 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS
[2010.03.27 12:23:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009.04.09 19:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.04.09 19:03:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.04.09 19:03:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.04.09 14:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[8 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[209 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.15 18:41:58 | 000,015,856 | ---- | M] () -- C:\Documents and Settings\Josha\Plocha\klavesy.JPG
[2010.04.15 18:14:41 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\Josha\NTUSER.DAT
[2010.04.15 15:34:58 | 000,000,119 | ---- | M] () -- C:\WINDOWS\System32\BIN_STRSBW.SPT
[2010.04.15 15:21:53 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010.04.15 15:08:24 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010.04.15 15:08:17 | 000,208,485 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.04.15 15:08:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.15 15:08:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.15 14:44:42 | 013,538,014 | ---- | M] () -- C:\Documents and Settings\Josha\Plocha\jsm-snipet2010-01.mp3
[2010.04.15 14:42:00 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.04.14 20:10:16 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\w3data.vss
[2010.04.14 20:10:16 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010.04.14 20:10:16 | 000,000,016 | ---- | M] () -- C:\WINDOWS\msocreg32.dat
[2010.04.14 20:01:14 | 000,160,256 | ---- | M] () -- C:\Documents and Settings\Josha\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.14 20:01:14 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.14 18:05:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.12 18:23:34 | 006,952,846 | -H-- | M] () -- C:\Documents and Settings\Josha\Local Settings\Data aplikací\IconCache.db
[2010.04.11 21:46:48 | 002,783,193 | ---- | M] () -- C:\Documents and Settings\Josha\Plocha\jsm_snipetz2.mp3
[2010.03.31 15:02:30 | 000,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.31 15:02:30 | 000,437,832 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.31 15:02:30 | 000,082,552 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.31 15:02:30 | 000,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.31 15:02:29 | 001,046,954 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.21 20:04:10 | 000,000,928 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[209 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.15 18:14:29 | 000,015,856 | ---- | C] () -- C:\Documents and Settings\Josha\Plocha\klavesy.JPG
[2010.04.11 21:46:48 | 002,783,193 | ---- | C] () -- C:\Documents and Settings\Josha\Plocha\jsm_snipetz2.mp3
[2009.12.18 17:47:21 | 000,000,334 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.10.30 16:17:28 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.08.10 20:16:53 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.06.24 12:29:06 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009.06.24 12:29:06 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009.06.24 12:29:06 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009.06.24 12:29:06 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009.06.24 12:29:06 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009.06.24 12:29:06 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009.06.01 15:05:23 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2009.04.12 20:40:10 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.04.12 20:35:32 | 000,000,220 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.04.12 20:16:22 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2009.04.12 15:18:19 | 000,510,976 | ---- | C] () -- C:\WINDOWS\System32\synsoacc.dll
[2009.04.11 13:38:14 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejcp.ini
[2009.04.11 13:38:11 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejlh.ini
[2009.04.11 13:38:08 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejgc.ini
[2009.04.11 13:38:06 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejmn.ini
[2009.04.11 13:38:06 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejjm.ini
[2009.04.11 13:38:03 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejnd.ini
[2009.04.11 13:38:03 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejeg.ini
[2009.04.11 13:38:03 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejdn.ini
[2009.04.11 13:38:03 | 000,000,005 | ---- | C] () -- C:\WINDOWS\ocdiejbb.ini
[2009.04.10 20:31:38 | 000,160,256 | ---- | C] () -- C:\Documents and Settings\Josha\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.09 19:44:24 | 000,000,928 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.04.09 19:07:07 | 008,126,464 | -H-- | C] () -- C:\Documents and Settings\Josha\NTUSER.DAT
[2009.04.09 19:07:07 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Josha\ntuser.dat.LOG
[2009.04.09 19:07:07 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Josha\ntuser.ini
[2009.04.09 13:38:29 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Josha\Local Settings\Data aplikací\fusioncache.dat
[2009.04.09 13:23:47 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.04.09 13:01:41 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009.03.27 10:03:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.03.27 10:03:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.03.27 10:03:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.03.27 10:03:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.07.15 20:35:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2001.10.25 16:00:00 | 000,021,116 | ---- | C] () -- C:\WINDOWS\System32\_003845_.tmp.dll
========== LOP Check ==========
[2009.12.16 18:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.04.15 14:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2009.08.25 08:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Steinberg
[2010.01.11 21:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TomTom
[2009.04.12 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Applied Acoustics Systems
[2009.12.16 18:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\DAEMON Tools Lite
[2010.01.30 16:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\ICQ
[2009.06.24 12:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\InterVideo
[2009.04.12 20:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\NetMedia Providers
[2009.11.12 20:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Publish Providers
[2009.04.12 20:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Sony
[2009.04.09 13:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Sony Setup
[2010.04.14 18:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Spyware Terminator
[2009.08.25 08:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Steinberg
[2009.08.08 10:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Thinstall
[2010.01.11 21:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\TomTom
[2009.10.19 22:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\uTorrent
[2010.04.15 15:21:53 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.03.12 13:49:26 | 000,153,136 | ---- | M] (Nero AG)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 08:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[7 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.05.27 15:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Adobe
[2009.04.12 19:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Ahead
[2009.04.19 17:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Apple Computer
[2009.04.12 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Applied Acoustics Systems
[2009.12.16 18:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\DAEMON Tools Lite
[2009.04.10 10:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Help
[2010.01.30 16:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\ICQ
[2009.04.09 19:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Identities
[2009.04.09 19:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\InstallShield
[2009.06.24 12:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\InterVideo
[2009.04.10 08:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Macromedia
[2010.02.17 20:27:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Josha\Data aplikací\Microsoft
[2009.10.30 16:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Microsoft Web Folders
[2009.04.09 12:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Mozilla
[2009.04.12 20:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\NetMedia Providers
[2009.11.12 20:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Publish Providers
[2009.04.12 20:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Sony
[2009.04.09 13:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Sony Setup
[2010.04.14 18:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Spyware Terminator
[2009.08.25 08:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Steinberg
[2009.04.10 08:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Sun
[2009.08.08 10:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Thinstall
[2010.01.11 21:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\TomTom
[2009.10.19 22:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\uTorrent
[2009.04.11 13:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\Winamp
[2009.06.25 10:42:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josha\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2009.04.09 13:44:26 | 023,510,720 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Josha\Data aplikací\Sony Setup\09063B41-0916-4360-A80D-0C2A2B89D300\dotnetfx.exe
[2009.08.08 10:55:26 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Josha\Data aplikací\Thinstall\Native Instruments Elektrik Piano 1.5\40000011600002i\deltapnl.exe
[2009.08.08 10:55:12 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Josha\Data aplikací\Thinstall\Native Instruments Elektrik Piano 1.5\400000f4500002i\Elektrik Piano 1.5.exe
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.29 03:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys
< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[209 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009.04.09 20:54:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.09 20:54:52 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.09 20:54:52 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[209 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:73FF815D08E4021F
< End of report >
-----------------------------------------------------------------------
extras:
OTL Extras logfile created on: 15.4.2010 19:48:26 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Download\Firefox
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 82,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 55,91 Gb Free Space | 57,25% Space Free | Partition Type: NTFS
Drive D: | 488,28 Gb Total Space | 431,83 Gb Free Space | 88,44% Space Free | Partition Type: NTFS
Drive E: | 345,57 Gb Total Space | 40,48 Gb Free Space | 11,71% Space Free | Partition Type: NTFS
Drive F: | 111,78 Gb Total Space | 93,13 Gb Free Space | 83,31% Space Free | Partition Type: NTFS
Drive G: | 111,78 Gb Total Space | 111,71 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1,91 Gb Total Space | 0,10 Gb Free Space | 5,32% Space Free | Partition Type: FAT
Computer Name: JSM
Current User Name: Josha
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-606747145-1844823847-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Program Files\Yaho's Miranda IM\miranda32.exe" = C:\Program Files\Yaho's Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- File not found
"C:\Program Files\InterVideo\DVD7\WinDVD.exe" = C:\Program Files\InterVideo\DVD7\WinDVD.exe:*:Enabled:WinDVD -- (InterVideo Inc.)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00110405-78E1-11D2-B60F-006097C998E7}" = Microsoft Excel 2000
"{00170405-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{27555031-A116-4EC6-9991-7B400142A936}" = HP PSC & OfficeJet 6.1.A
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{423C4130-EBC3-410A-B3A0-37BBF9D607D5}" = T-RackS 3 Deluxe
"{4C4D25EB-6513-4702-8355-F4194DE2E1D9}" = Waves 4.0
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{5636E517-8100-4E2A-B69E-2B16AFFA2360}" = Sony Sound Forge 8.0d
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0711.1
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8BAC9DAB-9118-4D13-8CF4-78812CC4755C}" = ACID Pro 7.0
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90885A82-9673-49EA-AB39-AF776639C67C}" = InterVideo WinDVD 7
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4810699-E859-43A6-8F40-1743873E72AB}" = Delta
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{ADEBB98C-DCD0-4369-BC4A-71B342CF55B2}" = HT Fireman CD/DVD Burner
"{B561F0D9-32FA-4F04-A336-317EB3897D2A}" = Steinberg Cubase AI 4
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}" = Scan
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"µTorrent CZ_is1" = µTorrent CZ 1.8.4 (build 16688)
"Activision_THPS2UninstallKey" = Tony Hawk's Pro Skater 2
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Antares Tube v1.0" = Antares Tube v1.0
"Applied Accoustics String Studio VS 1 VST DX v1.0" = Applied Accoustics String Studio VS 1 VST DX v1.0
"Applied Accoustics UltraAnalog VA-1 v1.01" = Applied Accoustics UltraAnalog VA-1 v1.01
"CDex" = CDex extraction audio
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"Edirol HQ Orchestral v1.01" = Edirol HQ Orchestral v1.01
"Edirol Super Quartet v1.01" = Edirol Super Quartet v1.01
"Fatsondo_is1" = Fatsondo 2.0
"FlashGet" = FlashGet 1.9.0.1012
"GForce impOSCar v1.10 VSTi RTAS" = GForce impOSCar v1.10 VSTi RTAS
"HijackThis" = HijackThis 2.0.2
"InterActual Player" = InterActual Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Native Instruments Battery" = Native Instruments Battery
"Native Instruments FM7 Presets Addon 1" = Native Instruments FM7 Presets Addon 1
"Native Instruments FM7 v1.10.006" = Native Instruments FM7 v1.10.006
"NOD32" = Antivirový systém NOD32
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoFiltre" = PhotoFiltre
"PSP_Audioware_Stereo_Pack_DX_RTAS_VST_v1.8-PLZ" = PSP_Audioware_Stereo_Pack_DX_RTAS_VST_v1.8-PLZ
"ReFX JunoX2 VSTi v1.51" = ReFX JunoX2 VSTi v1.51
"rgcAudio z3ta+ v1.1" = rgcAudio z3ta+ v1.1
"Spyware Terminator_is1" = Spyware Terminator
"Steinberg Dcota v1.0" = Steinberg Dcota v1.0
"Steinberg Hypersonic v1.0" = Steinberg Hypersonic v1.0
"Steinberg Magneto VST v1.5" = Steinberg Magneto VST v1.5
"Steinberg PLEX VSTi v1.0" = Steinberg PLEX VSTi v1.0
"Synapse Junglist VSTi v3.2" = Synapse Junglist VSTi v3.2
"The KMPlayer" = The KMPlayer (remove only)
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Totalcmd" = Total Commander (Remove or Repair)
"Vanguard Demo_is1" = Vanguard Demo 1.03
"Virtual Guitarist EE Fx VST" = Virtual Guitarist EE Fx VST
"Warp VST V1.0" = Warp VST V1.0
"Wave Arts Power Suite" = Wave Arts Power Suite
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17.1.2010 14:50:08 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 18.1.2010 5:38:28 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace acid70.exe, verze 7.0.0.536, chybující modul ntdll.dll,
verze 5.1.2600.5512, adresa chyby 0x000109f9.
Error - 18.1.2010 12:54:52 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 18.1.2010 15:41:07 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 19.1.2010 6:18:45 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 20.1.2010 4:17:38 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 20.1.2010 6:46:27 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace GSvr.exe, verze 0.0.0.0, chybující modul GSvr.exe,
verze 0.0.0.0, adresa chyby 0x00002398.
Error - 20.1.2010 6:58:51 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
ivih264.dll, verze 2.2.4.2, adresa chyby 0x0002071f.
Error - 21.1.2010 13:51:45 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace acid70.exe, verze 7.0.0.536, chybující modul ntdll.dll,
verze 5.1.2600.5512, adresa chyby 0x000109f9.
Error - 22.1.2010 9:05:44 | Computer Name = JSM | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
ivih264.dll, verze 2.2.4.2, adresa chyby 0x0002071f.
[ System Events ]
Error - 15.4.2010 8:39:25 | Computer Name = JSM | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 15.4.2010 8:39:25 | Computer Name = JSM | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 15.4.2010 8:39:39 | Computer Name = JSM | Source = Service Control Manager | ID = 7000
Description = Služba gdrv neuspěla při spuštění v důsledku následující chyby: %%5
Error - 15.4.2010 8:39:44 | Computer Name = JSM | Source = Service Control Manager | ID = 7034
Description = Služba GEST Service for program management. byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 15.4.2010 9:08:16 | Computer Name = JSM | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 15.4.2010 9:08:16 | Computer Name = JSM | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 15.4.2010 9:08:17 | Computer Name = JSM | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 15.4.2010 9:08:29 | Computer Name = JSM | Source = Service Control Manager | ID = 7000
Description = Služba gdrv neuspěla při spuštění v důsledku následující chyby: %%5
Error - 15.4.2010 9:13:32 | Computer Name = JSM | Source = Service Control Manager | ID = 7034
Description = Služba GEST Service for program management. byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 15.4.2010 9:23:01 | Computer Name = JSM | Source = Service Control Manager | ID = 7034
Description = Služba TomTomHOMEService byla neočekávaně ukončena. Tento stav nastal
již 1krát.
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: zasekávání pc
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:OTL
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
[8 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[209 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:73FF815D08E4021F
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]C:\WINDOWS\System32\_003845_.tmp.dll
(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)
Re: zasekávání pc
LOG:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019\ deleted successfully.
C:\WINDOWS\Fonts\SETB0B.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB0C.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB0D.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB0E.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB0F.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB10.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB11.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB12.tmp deleted successfully.
C:\WINDOWS\002310_.tmp deleted successfully.
C:\WINDOWS\002329_.tmp deleted successfully.
C:\WINDOWS\005291_.tmp deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3d.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dara.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dchs.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dcht.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dcsy.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3ddan.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3ddeu.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dell.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3deng.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3desm.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3desn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dfin.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dfra.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dheb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dhun.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dita.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3djpn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dkor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dnld.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dnor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dplk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dptb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dptg.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3drus.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dsky.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dslv.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dsve.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dtha.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dtrk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpl.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplara.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplchs.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplcht.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplcsy.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpldan.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpldeu.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplell.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpleng.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplesm.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplesn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplfin.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplfra.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplheb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplhun.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplita.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpljpn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplkor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplnld.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplnor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplplk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplptb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplptg.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplrus.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplsky.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplslv.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplsve.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpltha.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpltrk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdsp.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspara.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspchs.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspcht.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspcsy.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspdan.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspdeu.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspell.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspeng.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspesm.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspesn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspfin.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspfra.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspheb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdsphun.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspita.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspjpn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspkor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspnld.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspnor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspplk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspptb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspptg.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdsprus.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspsky.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspslv.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspsve.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdsptha.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdsptrk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmob.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobara.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobchs.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobcht.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobcsy.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobdan.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobdeu.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobell.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobeng.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobesm.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobesn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobfin.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobfra.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobheb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobhun.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobita.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobjpn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobkor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobnld.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobnor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobplk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobptb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobptg.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobrus.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobsky.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobslv.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobsve.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobtha.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobtrk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SETA.tmp deleted successfully.
C:\WINDOWS\SETAEC.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET15D3.tmp deleted successfully.
C:\WINDOWS\System32\SET15D5.tmp deleted successfully.
C:\WINDOWS\System32\SET15D8.tmp deleted successfully.
C:\WINDOWS\System32\SET7B7.tmp deleted successfully.
C:\WINDOWS\System32\SET7BC.tmp deleted successfully.
C:\WINDOWS\System32\SET7BF.tmp deleted successfully.
C:\WINDOWS\System32\SET7C1.tmp deleted successfully.
C:\WINDOWS\System32\SET7C3.tmp deleted successfully.
C:\WINDOWS\System32\SET7CA.tmp deleted successfully.
C:\WINDOWS\System32\SET7CB.tmp deleted successfully.
C:\WINDOWS\System32\SET7CE.tmp deleted successfully.
C:\WINDOWS\System32\SET7DD.tmp deleted successfully.
C:\WINDOWS\System32\SET7E3.tmp deleted successfully.
C:\WINDOWS\System32\SET7E4.tmp deleted successfully.
C:\WINDOWS\System32\SET7E6.tmp deleted successfully.
C:\WINDOWS\System32\SET7E7.tmp deleted successfully.
C:\WINDOWS\System32\SET7E8.tmp deleted successfully.
C:\WINDOWS\System32\SET7E9.tmp deleted successfully.
C:\WINDOWS\System32\SET7EA.tmp deleted successfully.
C:\WINDOWS\System32\SET7EC.tmp deleted successfully.
C:\WINDOWS\System32\SET7ED.tmp deleted successfully.
C:\WINDOWS\System32\SET7EE.tmp deleted successfully.
C:\WINDOWS\System32\SET7EF.tmp deleted successfully.
C:\WINDOWS\System32\SET7FA.tmp deleted successfully.
C:\WINDOWS\System32\SET7FB.tmp deleted successfully.
C:\WINDOWS\System32\SET7FC.tmp deleted successfully.
C:\WINDOWS\System32\SET7FD.tmp deleted successfully.
C:\WINDOWS\System32\SET7FF.tmp deleted successfully.
C:\WINDOWS\System32\SET801.tmp deleted successfully.
C:\WINDOWS\System32\SET802.tmp deleted successfully.
C:\WINDOWS\System32\SET808.tmp deleted successfully.
C:\WINDOWS\System32\SET80B.tmp deleted successfully.
C:\WINDOWS\System32\SET80C.tmp deleted successfully.
C:\WINDOWS\System32\SET80E.tmp deleted successfully.
C:\WINDOWS\System32\SET80F.tmp deleted successfully.
C:\WINDOWS\System32\SET810.tmp deleted successfully.
C:\WINDOWS\System32\SET815.tmp deleted successfully.
C:\WINDOWS\System32\SET816.tmp deleted successfully.
C:\WINDOWS\System32\SET817.tmp deleted successfully.
C:\WINDOWS\System32\SET818.tmp deleted successfully.
C:\WINDOWS\System32\SET819.tmp deleted successfully.
C:\WINDOWS\System32\SET820.tmp deleted successfully.
C:\WINDOWS\System32\SET824.tmp deleted successfully.
C:\WINDOWS\System32\SET825.tmp deleted successfully.
C:\WINDOWS\System32\SET82A.tmp deleted successfully.
C:\WINDOWS\System32\SET82E.tmp deleted successfully.
C:\WINDOWS\System32\SET835.tmp deleted successfully.
C:\WINDOWS\System32\SET836.tmp deleted successfully.
C:\WINDOWS\System32\SET839.tmp deleted successfully.
C:\WINDOWS\System32\SET844.tmp deleted successfully.
C:\WINDOWS\System32\SET845.tmp deleted successfully.
C:\WINDOWS\System32\SET848.tmp deleted successfully.
C:\WINDOWS\System32\SET84A.tmp deleted successfully.
C:\WINDOWS\System32\SET84B.tmp deleted successfully.
C:\WINDOWS\System32\SET84C.tmp deleted successfully.
C:\WINDOWS\System32\SET84D.tmp deleted successfully.
C:\WINDOWS\System32\SET84E.tmp deleted successfully.
C:\WINDOWS\System32\SET84F.tmp deleted successfully.
C:\WINDOWS\System32\SET85F.tmp deleted successfully.
C:\WINDOWS\System32\SET864.tmp deleted successfully.
C:\WINDOWS\System32\SET866.tmp deleted successfully.
C:\WINDOWS\System32\SET868.tmp deleted successfully.
C:\WINDOWS\System32\SET869.tmp deleted successfully.
C:\WINDOWS\System32\SET86A.tmp deleted successfully.
C:\WINDOWS\System32\SET86D.tmp deleted successfully.
C:\WINDOWS\System32\SET86E.tmp deleted successfully.
C:\WINDOWS\System32\SET872.tmp deleted successfully.
C:\WINDOWS\System32\SET873.tmp deleted successfully.
C:\WINDOWS\System32\SET877.tmp deleted successfully.
C:\WINDOWS\System32\SET878.tmp deleted successfully.
C:\WINDOWS\System32\SET87E.tmp deleted successfully.
C:\WINDOWS\System32\SET87F.tmp deleted successfully.
C:\WINDOWS\System32\SET880.tmp deleted successfully.
C:\WINDOWS\System32\SET887.tmp deleted successfully.
C:\WINDOWS\System32\SET888.tmp deleted successfully.
C:\WINDOWS\System32\SET88D.tmp deleted successfully.
C:\WINDOWS\System32\SET88E.tmp deleted successfully.
C:\WINDOWS\System32\SET88F.tmp deleted successfully.
C:\WINDOWS\System32\SET890.tmp deleted successfully.
C:\WINDOWS\System32\SET892.tmp deleted successfully.
C:\WINDOWS\System32\SET897.tmp deleted successfully.
C:\WINDOWS\System32\SET898.tmp deleted successfully.
C:\WINDOWS\System32\SET8A5.tmp deleted successfully.
C:\WINDOWS\System32\SET8AA.tmp deleted successfully.
C:\WINDOWS\System32\SET8AB.tmp deleted successfully.
C:\WINDOWS\System32\SET8B7.tmp deleted successfully.
C:\WINDOWS\System32\SET8BB.tmp deleted successfully.
C:\WINDOWS\System32\SET8BC.tmp deleted successfully.
C:\WINDOWS\System32\SET8BF.tmp deleted successfully.
C:\WINDOWS\System32\SET8C1.tmp deleted successfully.
C:\WINDOWS\System32\SET8C5.tmp deleted successfully.
C:\WINDOWS\System32\SET8CA.tmp deleted successfully.
C:\WINDOWS\System32\SET8D3.tmp deleted successfully.
C:\WINDOWS\System32\SET8D5.tmp deleted successfully.
C:\WINDOWS\System32\SET8DC.tmp deleted successfully.
C:\WINDOWS\System32\SET8DD.tmp deleted successfully.
C:\WINDOWS\System32\SET8E0.tmp deleted successfully.
C:\WINDOWS\System32\SET8E1.tmp deleted successfully.
C:\WINDOWS\System32\SET8E2.tmp deleted successfully.
C:\WINDOWS\System32\SET8E3.tmp deleted successfully.
C:\WINDOWS\System32\SET8E4.tmp deleted successfully.
C:\WINDOWS\System32\SET8E6.tmp deleted successfully.
C:\WINDOWS\System32\SET8E7.tmp deleted successfully.
C:\WINDOWS\System32\SET8E8.tmp deleted successfully.
C:\WINDOWS\System32\SET8E9.tmp deleted successfully.
C:\WINDOWS\System32\SET8EA.tmp deleted successfully.
C:\WINDOWS\System32\SET8EB.tmp deleted successfully.
C:\WINDOWS\System32\SET8EE.tmp deleted successfully.
C:\WINDOWS\System32\SET8F0.tmp deleted successfully.
C:\WINDOWS\System32\SET8F5.tmp deleted successfully.
C:\WINDOWS\System32\SET8F6.tmp deleted successfully.
C:\WINDOWS\System32\SET8FC.tmp deleted successfully.
C:\WINDOWS\System32\SET901.tmp deleted successfully.
C:\WINDOWS\System32\SET902.tmp deleted successfully.
C:\WINDOWS\System32\SET903.tmp deleted successfully.
C:\WINDOWS\System32\SET905.tmp deleted successfully.
C:\WINDOWS\System32\SET908.tmp deleted successfully.
C:\WINDOWS\System32\SET90A.tmp deleted successfully.
C:\WINDOWS\System32\SET90B.tmp deleted successfully.
C:\WINDOWS\System32\SET90F.tmp deleted successfully.
C:\WINDOWS\System32\SET915.tmp deleted successfully.
C:\WINDOWS\System32\SET916.tmp deleted successfully.
C:\WINDOWS\System32\SET919.tmp deleted successfully.
C:\WINDOWS\System32\SET91A.tmp deleted successfully.
C:\WINDOWS\System32\SET91C.tmp deleted successfully.
C:\WINDOWS\System32\SET921.tmp deleted successfully.
C:\WINDOWS\System32\SET929.tmp deleted successfully.
C:\WINDOWS\System32\SET92A.tmp deleted successfully.
C:\WINDOWS\System32\SET92D.tmp deleted successfully.
C:\WINDOWS\System32\SET930.tmp deleted successfully.
C:\WINDOWS\System32\SET93D.tmp deleted successfully.
C:\WINDOWS\System32\SET942.tmp deleted successfully.
C:\WINDOWS\System32\SET943.tmp deleted successfully.
C:\WINDOWS\System32\SET950.tmp deleted successfully.
C:\WINDOWS\System32\SET952.tmp deleted successfully.
C:\WINDOWS\System32\SET957.tmp deleted successfully.
C:\WINDOWS\System32\SET95B.tmp deleted successfully.
C:\WINDOWS\System32\SET968.tmp deleted successfully.
C:\WINDOWS\System32\SET96A.tmp deleted successfully.
C:\WINDOWS\System32\SET96B.tmp deleted successfully.
C:\WINDOWS\System32\SET96C.tmp deleted successfully.
C:\WINDOWS\System32\SET970.tmp deleted successfully.
C:\WINDOWS\System32\SET975.tmp deleted successfully.
C:\WINDOWS\System32\SET976.tmp deleted successfully.
C:\WINDOWS\System32\SET977.tmp deleted successfully.
C:\WINDOWS\System32\SET97D.tmp deleted successfully.
C:\WINDOWS\System32\SET989.tmp deleted successfully.
C:\WINDOWS\System32\SET98B.tmp deleted successfully.
C:\WINDOWS\System32\SET98C.tmp deleted successfully.
C:\WINDOWS\System32\SET98D.tmp deleted successfully.
C:\WINDOWS\System32\SET990.tmp deleted successfully.
C:\WINDOWS\System32\SET998.tmp deleted successfully.
C:\WINDOWS\System32\SET9A2.tmp deleted successfully.
C:\WINDOWS\System32\SET9B0.tmp deleted successfully.
C:\WINDOWS\System32\SET9C0.tmp deleted successfully.
C:\WINDOWS\System32\SET9C4.tmp deleted successfully.
C:\WINDOWS\System32\SET9CE.tmp deleted successfully.
C:\WINDOWS\System32\SET9D3.tmp deleted successfully.
C:\WINDOWS\System32\SET9E6.tmp deleted successfully.
C:\WINDOWS\System32\SET9E9.tmp deleted successfully.
C:\WINDOWS\System32\SET9EE.tmp deleted successfully.
C:\WINDOWS\System32\SET9F9.tmp deleted successfully.
C:\WINDOWS\System32\SETA00.tmp deleted successfully.
C:\WINDOWS\System32\SETA04.tmp deleted successfully.
C:\WINDOWS\System32\SETA06.tmp deleted successfully.
C:\WINDOWS\System32\SETA07.tmp deleted successfully.
C:\WINDOWS\System32\SETA08.tmp deleted successfully.
C:\WINDOWS\System32\SETA16.tmp deleted successfully.
C:\WINDOWS\System32\SETA20.tmp deleted successfully.
C:\WINDOWS\System32\SETA34.tmp deleted successfully.
C:\WINDOWS\System32\SETA35.tmp deleted successfully.
C:\WINDOWS\System32\SETA3A.tmp deleted successfully.
C:\WINDOWS\System32\SETA5A.tmp deleted successfully.
C:\WINDOWS\System32\SETA5C.tmp deleted successfully.
C:\WINDOWS\System32\SETA62.tmp deleted successfully.
C:\WINDOWS\System32\SETA63.tmp deleted successfully.
C:\WINDOWS\System32\SETA64.tmp deleted successfully.
C:\WINDOWS\System32\SETA66.tmp deleted successfully.
C:\WINDOWS\System32\SETA67.tmp deleted successfully.
C:\WINDOWS\System32\SETA68.tmp deleted successfully.
C:\WINDOWS\System32\SETA69.tmp deleted successfully.
C:\WINDOWS\System32\SETA6B.tmp deleted successfully.
C:\WINDOWS\System32\SETA6D.tmp deleted successfully.
C:\WINDOWS\System32\SETA6E.tmp deleted successfully.
C:\WINDOWS\System32\SETA70.tmp deleted successfully.
C:\WINDOWS\System32\SETA72.tmp deleted successfully.
C:\WINDOWS\System32\SETA73.tmp deleted successfully.
C:\WINDOWS\System32\SETA76.tmp deleted successfully.
C:\WINDOWS\System32\SETA77.tmp deleted successfully.
C:\WINDOWS\System32\SETA7F.tmp deleted successfully.
C:\WINDOWS\System32\SETA86.tmp deleted successfully.
C:\WINDOWS\System32\SETA8A.tmp deleted successfully.
C:\WINDOWS\System32\SETA8E.tmp deleted successfully.
C:\WINDOWS\System32\SETA91.tmp deleted successfully.
C:\WINDOWS\System32\SETA93.tmp deleted successfully.
C:\WINDOWS\System32\SETA96.tmp deleted successfully.
C:\WINDOWS\System32\SETA98.tmp deleted successfully.
C:\WINDOWS\System32\SETA99.tmp deleted successfully.
C:\WINDOWS\System32\SETA9F.tmp deleted successfully.
C:\WINDOWS\System32\SETAA0.tmp deleted successfully.
C:\WINDOWS\System32\SETAA4.tmp deleted successfully.
C:\WINDOWS\System32\SETAA5.tmp deleted successfully.
C:\WINDOWS\System32\SETAA9.tmp deleted successfully.
C:\WINDOWS\System32\SETAAF.tmp deleted successfully.
C:\WINDOWS\System32\SETAB4.tmp deleted successfully.
C:\WINDOWS\System32\SETAB7.tmp deleted successfully.
C:\WINDOWS\System32\SETABA.tmp deleted successfully.
C:\WINDOWS\System32\SETABC.tmp deleted successfully.
ADS C:\WINDOWS:73FF815D08E4021F deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Josha
->Temp folder emptied: 1169787367 bytes
->Temporary Internet Files folder emptied: 109961212 bytes
->Java cache emptied: 44470252 bytes
->FireFox cache emptied: 36722431 bytes
->Flash cache emptied: 53680 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20043064 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 24684672 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 1003833671 bytes
Total Files Cleaned = 2 298,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Josha
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.
OTL by OldTimer - Version 3.2.1.1 log created on 04152010_202125
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
---------------------------------------------------------------
Výsledky analýzy:
http://www.virustotal.com/cs/analisis/8 ... 1271355995
Výsledek: 0/40 (0%)
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019\ deleted successfully.
C:\WINDOWS\Fonts\SETB0B.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB0C.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB0D.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB0E.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB0F.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB10.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB11.tmp deleted successfully.
C:\WINDOWS\Fonts\SETB12.tmp deleted successfully.
C:\WINDOWS\002310_.tmp deleted successfully.
C:\WINDOWS\002329_.tmp deleted successfully.
C:\WINDOWS\005291_.tmp deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3d.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dara.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dchs.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dcht.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dcsy.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3ddan.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3ddeu.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dell.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3deng.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3desm.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3desn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dfin.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dfra.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dheb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dhun.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dita.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3djpn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dkor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dnld.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dnor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dplk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dptb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dptg.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3drus.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dsky.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dslv.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dsve.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dtha.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nv3dtrk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpl.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplara.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplchs.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplcht.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplcsy.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpldan.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpldeu.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplell.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpleng.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplesm.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplesn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplfin.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplfra.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplheb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplhun.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplita.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpljpn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplkor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplnld.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplnor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplplk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplptb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplptg.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplrus.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplsky.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplslv.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcplsve.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpltha.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvcpltrk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdsp.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspara.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspchs.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspcht.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspcsy.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspdan.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspdeu.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspell.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspeng.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspesm.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspesn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspfin.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspfra.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspheb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdsphun.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspita.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspjpn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspkor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspnld.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspnor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspplk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspptb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspptg.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdsprus.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspsky.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspslv.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdspsve.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdsptha.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvdsptrk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmob.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobara.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobchs.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobcht.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobcsy.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobdan.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobdeu.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobell.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobeng.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobesm.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobesn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobfin.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobfra.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobheb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobhun.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobita.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobjpn.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobkor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobnld.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobnor.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobplk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobptb.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobptg.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobrus.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobsky.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobslv.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobsve.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobtha.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP\nvmobtrk.chm deleted successfully.
C:\WINDOWS\NV19921796.TMP folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SETA.tmp deleted successfully.
C:\WINDOWS\SETAEC.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET15D3.tmp deleted successfully.
C:\WINDOWS\System32\SET15D5.tmp deleted successfully.
C:\WINDOWS\System32\SET15D8.tmp deleted successfully.
C:\WINDOWS\System32\SET7B7.tmp deleted successfully.
C:\WINDOWS\System32\SET7BC.tmp deleted successfully.
C:\WINDOWS\System32\SET7BF.tmp deleted successfully.
C:\WINDOWS\System32\SET7C1.tmp deleted successfully.
C:\WINDOWS\System32\SET7C3.tmp deleted successfully.
C:\WINDOWS\System32\SET7CA.tmp deleted successfully.
C:\WINDOWS\System32\SET7CB.tmp deleted successfully.
C:\WINDOWS\System32\SET7CE.tmp deleted successfully.
C:\WINDOWS\System32\SET7DD.tmp deleted successfully.
C:\WINDOWS\System32\SET7E3.tmp deleted successfully.
C:\WINDOWS\System32\SET7E4.tmp deleted successfully.
C:\WINDOWS\System32\SET7E6.tmp deleted successfully.
C:\WINDOWS\System32\SET7E7.tmp deleted successfully.
C:\WINDOWS\System32\SET7E8.tmp deleted successfully.
C:\WINDOWS\System32\SET7E9.tmp deleted successfully.
C:\WINDOWS\System32\SET7EA.tmp deleted successfully.
C:\WINDOWS\System32\SET7EC.tmp deleted successfully.
C:\WINDOWS\System32\SET7ED.tmp deleted successfully.
C:\WINDOWS\System32\SET7EE.tmp deleted successfully.
C:\WINDOWS\System32\SET7EF.tmp deleted successfully.
C:\WINDOWS\System32\SET7FA.tmp deleted successfully.
C:\WINDOWS\System32\SET7FB.tmp deleted successfully.
C:\WINDOWS\System32\SET7FC.tmp deleted successfully.
C:\WINDOWS\System32\SET7FD.tmp deleted successfully.
C:\WINDOWS\System32\SET7FF.tmp deleted successfully.
C:\WINDOWS\System32\SET801.tmp deleted successfully.
C:\WINDOWS\System32\SET802.tmp deleted successfully.
C:\WINDOWS\System32\SET808.tmp deleted successfully.
C:\WINDOWS\System32\SET80B.tmp deleted successfully.
C:\WINDOWS\System32\SET80C.tmp deleted successfully.
C:\WINDOWS\System32\SET80E.tmp deleted successfully.
C:\WINDOWS\System32\SET80F.tmp deleted successfully.
C:\WINDOWS\System32\SET810.tmp deleted successfully.
C:\WINDOWS\System32\SET815.tmp deleted successfully.
C:\WINDOWS\System32\SET816.tmp deleted successfully.
C:\WINDOWS\System32\SET817.tmp deleted successfully.
C:\WINDOWS\System32\SET818.tmp deleted successfully.
C:\WINDOWS\System32\SET819.tmp deleted successfully.
C:\WINDOWS\System32\SET820.tmp deleted successfully.
C:\WINDOWS\System32\SET824.tmp deleted successfully.
C:\WINDOWS\System32\SET825.tmp deleted successfully.
C:\WINDOWS\System32\SET82A.tmp deleted successfully.
C:\WINDOWS\System32\SET82E.tmp deleted successfully.
C:\WINDOWS\System32\SET835.tmp deleted successfully.
C:\WINDOWS\System32\SET836.tmp deleted successfully.
C:\WINDOWS\System32\SET839.tmp deleted successfully.
C:\WINDOWS\System32\SET844.tmp deleted successfully.
C:\WINDOWS\System32\SET845.tmp deleted successfully.
C:\WINDOWS\System32\SET848.tmp deleted successfully.
C:\WINDOWS\System32\SET84A.tmp deleted successfully.
C:\WINDOWS\System32\SET84B.tmp deleted successfully.
C:\WINDOWS\System32\SET84C.tmp deleted successfully.
C:\WINDOWS\System32\SET84D.tmp deleted successfully.
C:\WINDOWS\System32\SET84E.tmp deleted successfully.
C:\WINDOWS\System32\SET84F.tmp deleted successfully.
C:\WINDOWS\System32\SET85F.tmp deleted successfully.
C:\WINDOWS\System32\SET864.tmp deleted successfully.
C:\WINDOWS\System32\SET866.tmp deleted successfully.
C:\WINDOWS\System32\SET868.tmp deleted successfully.
C:\WINDOWS\System32\SET869.tmp deleted successfully.
C:\WINDOWS\System32\SET86A.tmp deleted successfully.
C:\WINDOWS\System32\SET86D.tmp deleted successfully.
C:\WINDOWS\System32\SET86E.tmp deleted successfully.
C:\WINDOWS\System32\SET872.tmp deleted successfully.
C:\WINDOWS\System32\SET873.tmp deleted successfully.
C:\WINDOWS\System32\SET877.tmp deleted successfully.
C:\WINDOWS\System32\SET878.tmp deleted successfully.
C:\WINDOWS\System32\SET87E.tmp deleted successfully.
C:\WINDOWS\System32\SET87F.tmp deleted successfully.
C:\WINDOWS\System32\SET880.tmp deleted successfully.
C:\WINDOWS\System32\SET887.tmp deleted successfully.
C:\WINDOWS\System32\SET888.tmp deleted successfully.
C:\WINDOWS\System32\SET88D.tmp deleted successfully.
C:\WINDOWS\System32\SET88E.tmp deleted successfully.
C:\WINDOWS\System32\SET88F.tmp deleted successfully.
C:\WINDOWS\System32\SET890.tmp deleted successfully.
C:\WINDOWS\System32\SET892.tmp deleted successfully.
C:\WINDOWS\System32\SET897.tmp deleted successfully.
C:\WINDOWS\System32\SET898.tmp deleted successfully.
C:\WINDOWS\System32\SET8A5.tmp deleted successfully.
C:\WINDOWS\System32\SET8AA.tmp deleted successfully.
C:\WINDOWS\System32\SET8AB.tmp deleted successfully.
C:\WINDOWS\System32\SET8B7.tmp deleted successfully.
C:\WINDOWS\System32\SET8BB.tmp deleted successfully.
C:\WINDOWS\System32\SET8BC.tmp deleted successfully.
C:\WINDOWS\System32\SET8BF.tmp deleted successfully.
C:\WINDOWS\System32\SET8C1.tmp deleted successfully.
C:\WINDOWS\System32\SET8C5.tmp deleted successfully.
C:\WINDOWS\System32\SET8CA.tmp deleted successfully.
C:\WINDOWS\System32\SET8D3.tmp deleted successfully.
C:\WINDOWS\System32\SET8D5.tmp deleted successfully.
C:\WINDOWS\System32\SET8DC.tmp deleted successfully.
C:\WINDOWS\System32\SET8DD.tmp deleted successfully.
C:\WINDOWS\System32\SET8E0.tmp deleted successfully.
C:\WINDOWS\System32\SET8E1.tmp deleted successfully.
C:\WINDOWS\System32\SET8E2.tmp deleted successfully.
C:\WINDOWS\System32\SET8E3.tmp deleted successfully.
C:\WINDOWS\System32\SET8E4.tmp deleted successfully.
C:\WINDOWS\System32\SET8E6.tmp deleted successfully.
C:\WINDOWS\System32\SET8E7.tmp deleted successfully.
C:\WINDOWS\System32\SET8E8.tmp deleted successfully.
C:\WINDOWS\System32\SET8E9.tmp deleted successfully.
C:\WINDOWS\System32\SET8EA.tmp deleted successfully.
C:\WINDOWS\System32\SET8EB.tmp deleted successfully.
C:\WINDOWS\System32\SET8EE.tmp deleted successfully.
C:\WINDOWS\System32\SET8F0.tmp deleted successfully.
C:\WINDOWS\System32\SET8F5.tmp deleted successfully.
C:\WINDOWS\System32\SET8F6.tmp deleted successfully.
C:\WINDOWS\System32\SET8FC.tmp deleted successfully.
C:\WINDOWS\System32\SET901.tmp deleted successfully.
C:\WINDOWS\System32\SET902.tmp deleted successfully.
C:\WINDOWS\System32\SET903.tmp deleted successfully.
C:\WINDOWS\System32\SET905.tmp deleted successfully.
C:\WINDOWS\System32\SET908.tmp deleted successfully.
C:\WINDOWS\System32\SET90A.tmp deleted successfully.
C:\WINDOWS\System32\SET90B.tmp deleted successfully.
C:\WINDOWS\System32\SET90F.tmp deleted successfully.
C:\WINDOWS\System32\SET915.tmp deleted successfully.
C:\WINDOWS\System32\SET916.tmp deleted successfully.
C:\WINDOWS\System32\SET919.tmp deleted successfully.
C:\WINDOWS\System32\SET91A.tmp deleted successfully.
C:\WINDOWS\System32\SET91C.tmp deleted successfully.
C:\WINDOWS\System32\SET921.tmp deleted successfully.
C:\WINDOWS\System32\SET929.tmp deleted successfully.
C:\WINDOWS\System32\SET92A.tmp deleted successfully.
C:\WINDOWS\System32\SET92D.tmp deleted successfully.
C:\WINDOWS\System32\SET930.tmp deleted successfully.
C:\WINDOWS\System32\SET93D.tmp deleted successfully.
C:\WINDOWS\System32\SET942.tmp deleted successfully.
C:\WINDOWS\System32\SET943.tmp deleted successfully.
C:\WINDOWS\System32\SET950.tmp deleted successfully.
C:\WINDOWS\System32\SET952.tmp deleted successfully.
C:\WINDOWS\System32\SET957.tmp deleted successfully.
C:\WINDOWS\System32\SET95B.tmp deleted successfully.
C:\WINDOWS\System32\SET968.tmp deleted successfully.
C:\WINDOWS\System32\SET96A.tmp deleted successfully.
C:\WINDOWS\System32\SET96B.tmp deleted successfully.
C:\WINDOWS\System32\SET96C.tmp deleted successfully.
C:\WINDOWS\System32\SET970.tmp deleted successfully.
C:\WINDOWS\System32\SET975.tmp deleted successfully.
C:\WINDOWS\System32\SET976.tmp deleted successfully.
C:\WINDOWS\System32\SET977.tmp deleted successfully.
C:\WINDOWS\System32\SET97D.tmp deleted successfully.
C:\WINDOWS\System32\SET989.tmp deleted successfully.
C:\WINDOWS\System32\SET98B.tmp deleted successfully.
C:\WINDOWS\System32\SET98C.tmp deleted successfully.
C:\WINDOWS\System32\SET98D.tmp deleted successfully.
C:\WINDOWS\System32\SET990.tmp deleted successfully.
C:\WINDOWS\System32\SET998.tmp deleted successfully.
C:\WINDOWS\System32\SET9A2.tmp deleted successfully.
C:\WINDOWS\System32\SET9B0.tmp deleted successfully.
C:\WINDOWS\System32\SET9C0.tmp deleted successfully.
C:\WINDOWS\System32\SET9C4.tmp deleted successfully.
C:\WINDOWS\System32\SET9CE.tmp deleted successfully.
C:\WINDOWS\System32\SET9D3.tmp deleted successfully.
C:\WINDOWS\System32\SET9E6.tmp deleted successfully.
C:\WINDOWS\System32\SET9E9.tmp deleted successfully.
C:\WINDOWS\System32\SET9EE.tmp deleted successfully.
C:\WINDOWS\System32\SET9F9.tmp deleted successfully.
C:\WINDOWS\System32\SETA00.tmp deleted successfully.
C:\WINDOWS\System32\SETA04.tmp deleted successfully.
C:\WINDOWS\System32\SETA06.tmp deleted successfully.
C:\WINDOWS\System32\SETA07.tmp deleted successfully.
C:\WINDOWS\System32\SETA08.tmp deleted successfully.
C:\WINDOWS\System32\SETA16.tmp deleted successfully.
C:\WINDOWS\System32\SETA20.tmp deleted successfully.
C:\WINDOWS\System32\SETA34.tmp deleted successfully.
C:\WINDOWS\System32\SETA35.tmp deleted successfully.
C:\WINDOWS\System32\SETA3A.tmp deleted successfully.
C:\WINDOWS\System32\SETA5A.tmp deleted successfully.
C:\WINDOWS\System32\SETA5C.tmp deleted successfully.
C:\WINDOWS\System32\SETA62.tmp deleted successfully.
C:\WINDOWS\System32\SETA63.tmp deleted successfully.
C:\WINDOWS\System32\SETA64.tmp deleted successfully.
C:\WINDOWS\System32\SETA66.tmp deleted successfully.
C:\WINDOWS\System32\SETA67.tmp deleted successfully.
C:\WINDOWS\System32\SETA68.tmp deleted successfully.
C:\WINDOWS\System32\SETA69.tmp deleted successfully.
C:\WINDOWS\System32\SETA6B.tmp deleted successfully.
C:\WINDOWS\System32\SETA6D.tmp deleted successfully.
C:\WINDOWS\System32\SETA6E.tmp deleted successfully.
C:\WINDOWS\System32\SETA70.tmp deleted successfully.
C:\WINDOWS\System32\SETA72.tmp deleted successfully.
C:\WINDOWS\System32\SETA73.tmp deleted successfully.
C:\WINDOWS\System32\SETA76.tmp deleted successfully.
C:\WINDOWS\System32\SETA77.tmp deleted successfully.
C:\WINDOWS\System32\SETA7F.tmp deleted successfully.
C:\WINDOWS\System32\SETA86.tmp deleted successfully.
C:\WINDOWS\System32\SETA8A.tmp deleted successfully.
C:\WINDOWS\System32\SETA8E.tmp deleted successfully.
C:\WINDOWS\System32\SETA91.tmp deleted successfully.
C:\WINDOWS\System32\SETA93.tmp deleted successfully.
C:\WINDOWS\System32\SETA96.tmp deleted successfully.
C:\WINDOWS\System32\SETA98.tmp deleted successfully.
C:\WINDOWS\System32\SETA99.tmp deleted successfully.
C:\WINDOWS\System32\SETA9F.tmp deleted successfully.
C:\WINDOWS\System32\SETAA0.tmp deleted successfully.
C:\WINDOWS\System32\SETAA4.tmp deleted successfully.
C:\WINDOWS\System32\SETAA5.tmp deleted successfully.
C:\WINDOWS\System32\SETAA9.tmp deleted successfully.
C:\WINDOWS\System32\SETAAF.tmp deleted successfully.
C:\WINDOWS\System32\SETAB4.tmp deleted successfully.
C:\WINDOWS\System32\SETAB7.tmp deleted successfully.
C:\WINDOWS\System32\SETABA.tmp deleted successfully.
C:\WINDOWS\System32\SETABC.tmp deleted successfully.
ADS C:\WINDOWS:73FF815D08E4021F deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Josha
->Temp folder emptied: 1169787367 bytes
->Temporary Internet Files folder emptied: 109961212 bytes
->Java cache emptied: 44470252 bytes
->FireFox cache emptied: 36722431 bytes
->Flash cache emptied: 53680 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20043064 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 24684672 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 1003833671 bytes
Total Files Cleaned = 2 298,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Josha
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.
OTL by OldTimer - Version 3.2.1.1 log created on 04152010_202125
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
---------------------------------------------------------------
Výsledky analýzy:
http://www.virustotal.com/cs/analisis/8 ... 1271355995
Výsledek: 0/40 (0%)
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: zasekávání pc
akorat se mi u souboru ted ukazujou kocovky v názvu: (*.txt, *.doc, *.exe ... apod...)
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: zasekávání pc
momentálně si nemohu stěžovat, zatím pc neseká a vše vypadá v pořádku.
Re: zasekávání pc
i když teď jsem jeden objevil- pouštím si hudbu, a výstup hlasitosti musím dát na maximum abych to vůbec slyšel. nemohl se smazat něaký soubor, který má co dočinění se zvukem?
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: zasekávání pc
problém s ovladačem vyřešen, nebyla nutná reinstalace. děkuji.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Přispějete na provoz fóra?