facebook

[dasenka...]

Logfile of random's system information tool 1.08 (written by random/random)
Run by dasa at 2011-01-30 16:23:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 406 MB (4%) free of 10 GB
Total RAM: 447 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:23:30, on 30.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS.0\system32\nvsvc32.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ADSL\ADSL USB MODEM\DSLMON.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
c:\windows.0\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Spyware Terminator\SpyWareTerminator.exe
C:\Documents and Settings\dasa.DOMA-D074FF335E\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\dasa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [NVIDIA driver monitor] c:\windows.0\nvsvc32.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NVIDIA driver monitor] c:\windows.0\nvsvc32.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\ADSL\ADSL USB MODEM\DSLMON.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3DB04C1C-7AB4-48FB-870E-D7C271333A6F}: NameServer = 160.218.161.54 194.228.41.65
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS.0\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS.0\system32\browseui.dll
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 7267 bytes

======Scheduled tasks folder======

C:\WINDOWS.0\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1614895754-1417001333-1001.job
C:\WINDOWS.0\tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-1614895754-1417001333-1001.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-12-10 1254136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-07 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-06-13 1438520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-06-13 1438520]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-12-10 1254136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS.0\SOUNDMAN.EXE [2005-10-04 98304]
"NvCplDaemon"=C:\WINDOWS.0\system32\NvCpl.dll [2005-09-18 7204864]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-07 202256]
"KernelFaultCheck"=C:\WINDOWS.0\system32\dumprep 0 -k []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-06-07 111928]
"UserFaultCheck"=C:\WINDOWS.0\system32\dumprep 0 -u []
"NVIDIA driver monitor"=c:\windows.0\nvsvc32.exe [2011-01-30 110592]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-01-30 2216960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1702400]
"NVIDIA driver monitor"=c:\windows.0\nvsvc32.exe [2011-01-30 110592]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-01-30 3318784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9xadiras]
9xadiras.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS.0\AGRSMMSG.exe [2002-06-21 87439]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS.0\system32\ctfmon.exe [2008-04-14 22528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1702400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS.0\system32\NvCpl.dll [2005-09-18 7204864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS.0\system32\NvMcTray.dll [2005-09-18 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS.0\system32\dumprep 0 -u []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dasa.DOMA-D074FF335E^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.2.lnk]
C:\PROGRA~1\OPENOF~1.2\program\QUICKS~1.EXE [2007-03-22 401408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SamSs"=2

C:\Documents and Settings\All Users.WINDOWS.0\Nabídka Start\Programy\Po spuštění
DSLMON.lnk - C:\Program Files\ADSL\ADSL USB MODEM\DSLMON.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSMHelp"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"\??\C:\WINDOWS.0\system32\winlogon.exe"="\??\C:\WINDOWS.0\system32\winlogon.exe:*:enabled:@shell32.dll,-1"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\SweetIM\Messenger\update\sweetimsetup.exe"="C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\SweetIM\Messenger\update\sweetimsetup.exe:*:Enabled:SweetIM Installer"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\dasa.DOMA-D074FF335E\Dokumenty\Stažené soubory\facebook-pic000934519.exe"="c:\windows.0\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2011-01-30 16:21:50 ----D---- C:\Program Files\trend micro
2011-01-30 16:21:45 ----D---- C:\rsit
2011-01-30 15:13:37 ----D---- C:\Program Files\WinClamAVShield
2011-01-30 15:11:40 ----D---- C:\Program Files\Crawler
2011-01-30 15:11:35 ----A---- C:\WINDOWS.0\system32\drivers\sp_rsdrv2.sys
2011-01-30 15:11:34 ----D---- C:\Documents and Settings\dasa.DOMA-D074FF335E\Data aplikací\Spyware Terminator
2011-01-30 15:11:27 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\Spyware Terminator
2011-01-30 15:11:26 ----D---- C:\Program Files\Spyware Terminator
2011-01-30 14:26:02 ----RSH---- C:\WINDOWS.0\nvsvc32.exe
2011-01-19 20:09:24 ----A---- C:\WINDOWS.0\wininit.ini
2011-01-19 18:08:42 ----A---- C:\WINDOWS.0\RtlRack.ini
2011-01-17 15:31:10 ----A---- C:\WINDOWS.0\IE4 Error Log.txt

======List of files/folders modified in the last 1 months======

2011-01-30 16:22:35 ----D---- C:\WINDOWS.0\Prefetch
2011-01-30 16:21:50 ----RD---- C:\Program Files
2011-01-30 16:14:36 ----D---- C:\WINDOWS.0\Temp
2011-01-30 16:13:24 ----D---- C:\Documents and Settings\dasa.DOMA-D074FF335E\Data aplikací\Skype
2011-01-30 16:09:17 ----D---- C:\Documents and Settings\dasa.DOMA-D074FF335E\Data aplikací\skypePM
2011-01-30 15:43:34 ----SD---- C:\WINDOWS.0\Tasks
2011-01-30 15:36:53 ----D---- C:\Program Files\WinRAR
2011-01-30 15:11:37 ----D---- C:\WINDOWS.0\system32\drivers
2011-01-30 14:26:02 ----D---- C:\WINDOWS.0
2011-01-30 13:55:26 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\AlawarWrapper
2011-01-30 08:04:44 ----A---- C:\WINDOWS.0\Marias.ini
2011-01-28 23:14:05 ----A---- C:\WINDOWS.0\SchedLgU.Txt
2011-01-28 16:26:18 ----D---- C:\Documents and Settings\dasa.DOMA-D074FF335E\Data aplikací\ICQ
2011-01-25 22:56:34 ----A---- C:\WINDOWS.0\DUMP33d1.tmp
2011-01-23 22:52:23 ----SHD---- C:\WINDOWS.0\Installer
2011-01-23 22:52:23 ----SHD---- C:\Config.Msi
2011-01-23 22:51:38 ----RD---- C:\Program Files\Skype
2011-01-23 16:23:10 ----D---- C:\Program Files\Mozilla Firefox
2011-01-22 15:02:09 ----A---- C:\WINDOWS.0\DUMP21ff.tmp
2011-01-21 18:42:42 ----D---- C:\WINDOWS.0\system32
2011-01-21 14:26:34 ----D---- C:\Documents and Settings\dasa.DOMA-D074FF335E\Data aplikací\OpenOffice.org2
2011-01-21 07:54:39 ----A---- C:\WINDOWS.0\ModemLog_Microcom InPorte Home.txt
2011-01-19 20:11:25 ----D---- C:\Documents and Settings\dasa.DOMA-D074FF335E\Data aplikací\Mozilla
2011-01-18 15:39:26 ----D---- C:\WINDOWS.0\system32\Restore
2011-01-17 01:29:13 ----D---- C:\Program Files\Common Files\Skype
2011-01-17 01:29:08 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\Skype
2011-01-14 14:42:20 ----D---- C:\Documents and Settings\dasa.DOMA-D074FF335E\Data aplikací\dvdcss
2011-01-14 13:57:39 ----D---- C:\Documents and Settings\dasa.DOMA-D074FF335E\Data aplikací\vlc
2011-01-09 15:35:17 ----D---- C:\Program Files\ICQ7.2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS.0\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS.0\system32\drivers\sp_rsdrv2.sys []
R3 adiusbaw;ADSL USB MODEM WAN ADAPTER; C:\WINDOWS.0\system32\DRIVERS\adiusbaw.sys [2004-01-12 127721]
R3 AgereSoftModem;Microcom InPorte Home; C:\WINDOWS.0\system32\DRIVERS\AGRSM.sys [2002-06-21 1133440]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS.0\system32\drivers\ALCXWDM.SYS [2005-10-04 3797632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS.0\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 nv;nv; C:\WINDOWS.0\system32\DRIVERS\nv4_mini.sys [2005-09-18 3493984]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS.0\system32\DRIVERS\NVENETFD.sys [2005-07-30 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS.0\system32\DRIVERS\nvnetbus.sys [2005-07-30 12928]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS.0\System32\Drivers\adildr.sys [2003-11-13 46423]
S3 usbprint;Třída USB Printer; C:\WINDOWS.0\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS.0\system32\nvsvc32.exe [2005-09-18 139331]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-01-30 496128]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

[vyosek]

Zdravim, pekny podvecer preji a vitam Vas u nas na foru

Vidim ze s pomoci kolegy jste zalozila tema a dala log

//edit po dohode s kolegou thread prenechavam

[dasenka...]

dobre dekuji

[vyosek]

Tak nakonec jsme se dohodli s kolegou cernohousem ze si Vas vezme pod sva kridla, takze ja se loucim a preji uspesne vyleceni

Hezky vecer, vyosek

[dasenka...]

dekuji. takze on mi sem napise co a jak dal?

[vyosek]

JJ, behem chvilu tu bude postup od nej...omlouvam se za zmatek

[cernohous13]

dasenka...
hned se do toho dám

[dasenka...]

Nene v pořádku já moc děkuji za pomoc...

[dasenka...]

dobře děkuji

[cernohous13]

Stáhni OTM z jednoho odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Spusť program „OTM.exe“ (pro Vistu a Win7 – pravým a „Run As Administrator“).
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“

Klikni na červené „Moveit!“

Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\

Script OTM

Kód: Vybrat vše

:Files
C:\WINDOWS.0\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1614895754-1417001333-1001.job
C:\WINDOWS.0\tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-1614895754-1417001333-1001.job
c:\windows.0\nvsvc32.exe
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=-
"KernelFaultCheck"=-
"Adobe Reader Speed Launcher"=-
"UserFaultCheck"=-
"NVIDIA driver monitor"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA driver monitor"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Documents and Settings\dasa.DOMA-D074FF335E\Dokumenty\Stažené soubory\facebook-pic000934519.exe"=-

:commands
[PURITY]
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[REBOOT]

[dasenka...]

a s tim logem co?

[dasenka...]

Nebo uz je to jako hotove?? odpovite mi nekdo prosim

[vyosek]

Jeste sem tedy s dovolenim vlezu

Log z OTM co na Vas vypadl sem vlozte, pripadne je ulozen v c:\_OTM\MovedFiles

My tu taky nejsme porad - delame to tu ve svem volnem case a zadarmo

[dasenka...]

ja to chapu.. a omlouvam se... jen jsem z toho nervozi..

[dasenka...]

All processes killed
========== FILES ==========
C:\WINDOWS.0\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-1614895754-1417001333-1001.job moved successfully.
C:\WINDOWS.0\tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-1614895754-1417001333-1001.job moved successfully.
c:\windows.0\nvsvc32.exe moved successfully.
File/Folder C:\WINDOWS.0\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS.0\system32\SET*.tmp not found.
C:\WINDOWS.0\DUMP21ff.tmp moved successfully.
C:\WINDOWS.0\DUMP33d1.tmp moved successfully.
C:\WINDOWS.0\NV420432.TMP folder moved successfully.
C:\WINDOWS.0\SET3.tmp moved successfully.
C:\WINDOWS.0\SET4.tmp moved successfully.
C:\WINDOWS.0\SET8.tmp moved successfully.
C:\WINDOWS.0\system32\CONFIG.TMP moved successfully.
C:\WINDOWS.0\Temp\CR_22.tmp folder moved successfully.
C:\WINDOWS.0\Temp\CR_2C.tmp folder moved successfully.
C:\WINDOWS.0\Temp\CR_4E.tmp folder moved successfully.
C:\WINDOWS.0\Temp\CR_9.tmp folder moved successfully.
C:\WINDOWS.0\Temp\CR_E.tmp folder moved successfully.
C:\WINDOWS.0\Temp\GUR3.tmp moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NVIDIA driver monitor deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NVIDIA driver monitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\dasa.DOMA-D074FF335E\Dokumenty\Stažené soubory\facebook-pic000934519.exe deleted successfully.
========== COMMANDS ==========
C:\WINDOWS.0\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: All Users.WINDOWS

User: All Users.WINDOWS.0

User: Dasa
->Temp folder emptied: 9815947 bytes
->Temporary Internet Files folder emptied: 14563358 bytes
->FireFox cache emptied: 15718643 bytes
->Flash cache emptied: 27462 bytes

User: dasa.DOMA-D074FF335E
->Temp folder emptied: 559633834 bytes
->Temporary Internet Files folder emptied: 110357594 bytes
->FireFox cache emptied: 120584490 bytes
->Google Chrome cache emptied: 557424 bytes
->Flash cache emptied: 77786 bytes

User: DASA~1~DOM

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User.WINDOWS.0
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Lada
->Temp folder emptied: 20687627 bytes
->Temporary Internet Files folder emptied: 11585178 bytes
->FireFox cache emptied: 1597334 bytes
->Flash cache emptied: 405 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: NetworkService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 35964886 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34306 bytes
RecycleBin emptied: 218830883 bytes

Total Files Cleaned = 1 068,00 mb


Restore points cleared and new OTM Restore Point set!

OTM by OldTimer - Version 3.1.17.2 log created on 01302011_172642

Files moved on Reboot...

Registry entries deleted on Reboot...