Prosím o kontrolu logu děkuji

Zpráva

davi1975 · #1 Příspěvek od **davi1975** » 18 čer 2010 11:44

Logfile of random's system information tool 1.07 (written by random/random)
Run by HP at 2010-06-18 12:41:20
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 32 GB (46%) free of 70 GB
Total RAM: 702 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:41:39, on 18.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP\Dokumenty\Stažené soubory\RSIT(5).exe
C:\Program Files\trend micro\HP.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://atlas.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\FortKnox Personal Firewall 2009\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP\Nabídka Start\Programy\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} (SonyOnlineInstallerX) - http://www-cdn.freerealms.com/gamedata/ ... cab?v=1037
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F33E617F-4A45-4427-B1EE-69D8B60D92D0}: NameServer = 89.235.20.1,212.80.66.7
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FortKnox Personal Firewall (fortknox) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\FortKnox Personal Firewall 2009\FortKnox.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 9233 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-05-04 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll [2008-02-04 323568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-05-04 2403392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"FortKnoxPersonalFirewall"=C:\Program Files\NETGATE\FortKnox Personal Firewall 2009\FortKnoxGUI.exe [2009-06-02 1727056]
"PAC207_Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2007-12-10 323584]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2007-12-10 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-09 68856]
""= []
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-03-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Metin2_TESTER\metin2.bin"="C:\Program Files\Metin2_TESTER\metin2.bin:*:Enabled:metin2"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe"="C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe:*:Enabled:Zoo Tycoon 2 Demo Executable"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-06-10 21:14:24 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-10 21:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-10 21:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-10 21:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 21:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-10 20:59:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-03 11:46:05 ----D---- C:\Program Files\ICQ7.2
2010-05-26 15:50:31 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$

======List of files/folders modified in the last 1 months======

2010-06-18 12:41:39 ----D---- C:\Program Files\Trend Micro
2010-06-18 12:09:48 ----D---- C:\WINDOWS\Temp
2010-06-17 22:23:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-17 20:17:34 ----D---- C:\Program Files\Metin2_TESTER
2010-06-17 20:04:55 ----D---- C:\Documents and Settings\HP\Data aplikací\Spyware Terminator
2010-06-17 18:24:38 ----D---- C:\Documents and Settings\HP\Data aplikací\IMVU
2010-06-17 13:24:33 ----D---- C:\WINDOWS
2010-06-17 10:43:00 ----D---- C:\WINDOWS\Debug
2010-06-16 17:54:15 ----SHD---- C:\WINDOWS\Installer
2010-06-16 15:41:30 ----D---- C:\Documents and Settings\HP\Data aplikací\Skype
2010-06-16 14:53:22 ----D---- C:\Documents and Settings\HP\Data aplikací\skypePM
2010-06-11 18:42:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-11 14:53:53 ----D---- C:\Documents and Settings\HP\Data aplikací\IMVUClient
2010-06-11 12:25:16 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-11 12:25:10 ----RSD---- C:\WINDOWS\assembly
2010-06-10 21:33:52 ----D---- C:\WINDOWS\system32
2010-06-10 21:14:29 ----HD---- C:\WINDOWS\inf
2010-06-10 21:14:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-10 21:12:49 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-10 21:11:28 ----D---- C:\Program Files\Internet Explorer
2010-06-10 21:11:12 ----D---- C:\WINDOWS\ie8updates
2010-06-10 20:52:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-10 20:51:50 ----D---- C:\WINDOWS\WinSxS
2010-06-10 14:43:58 ----D---- C:\Documents and Settings\HP\Data aplikací\everlight
2010-06-09 14:11:32 ----D---- C:\Program Files\Spyware Terminator
2010-06-07 11:41:30 ----D---- C:\Documents and Settings\HP\Data aplikací\ICQ
2010-06-05 10:46:28 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-04 08:07:35 ----D---- C:\Program Files\ICQ6Toolbar
2010-06-03 11:47:34 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-03 11:47:34 ----D---- C:\Program Files
2010-06-03 11:47:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe
2010-05-21 12:04:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-05-20 16:31:25 ----A---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 fortknox_drv;fortknox_drv; C:\WINDOWS\system32\drivers\fortknoxfw.sys [2009-02-17 57680]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-01-26 52224]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-03-02 1972224]
R3 Fkndisf;FortKnox Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\fortknoxfw_ndisim.sys [2009-02-17 23248]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 PAC207;Trust 100K Series Webcam; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2008-02-13 618112]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 catchme;catchme; \??\C:\DOCUME~1\HP\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-03-02 446464]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 fortknox;FortKnox Personal Firewall; C:\Program Files\NETGATE\FortKnox Personal Firewall 2009\FortKnox.exe [2009-06-02 506448]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-01-22 540672]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-03-06 520192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-12 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-04 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 18 čer 2010 11:52

Zdravim a pekne odpoledne preji,

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Po startu se Vam spousti zbytecne programy - na jejich zastaveni muzete pouzit StartUpLite (viz muj podpis)

Program stahnete, ulozte treba na plochu a spustte
Vypise se Vam seznam zbytecnych programu spoustenych po startu
Kliknete na Disable cimz zamezite jejich spousteni
Nasledne kliknete na Continue a je hotovo
Nemusite se bat ze si odstrelite neco nutneho pro beh Windows - program vypisuje jen zbytecne programy
Po pouziti muzete programek smazat

Otevrete si poznamkovy blok

Start->spustit->notepad
Vlozte text nize

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=-

Soubor ulozte jako oprava.reg :idea:Pri ukladani dat ulozit jako typ Vsechny soubory
Zavrit notepad a spustit oprava.reg
Okno jen problikne a opravi regsitry - soubor muzete smazat

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Jinak je log OK, jsou s PC nejake problemy

davi1975 · #3 Příspěvek od **davi1975** » 18 čer 2010 19:25

Děkuji za pomoc udělal jsem vše jak jste psal . Mám jen problém s rychlostí internetu hrozně mě klesla volal jsem na operátora a ten mně řekl že by to mohl být vir tak jsem se chtěl ujistit jestli nějaký nemám .Pokud je log v pořádku problém musí být někde jinde . Ještě jednou děkuji

#4 Příspěvek od **vyosek** » 18 čer 2010 19:29

Tak se na to podivame hloubeji, RSIT nemusi ukazat vse

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

Provedte aktualizaci - treti zalozka
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

Ani po procisteni CCleanerem se internet nezrychlil

davi1975 · #5 Příspěvek od **davi1975** » 18 čer 2010 19:38

Bohužel ani po pročištění CCleanerem se internet nezrychlil . Sken zašlu hned jak bude hotov.

#6 Příspěvek od **vyosek** » 18 čer 2010 19:40

Ok, pockam na log z MBAM a uvidime

davi1975 · #7 Příspěvek od **davi1975** » 18 čer 2010 21:15

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3861
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

18.6.2010 22:13:52
mbam-log-2010-06-18 (22-13-44).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 209014
Uplynulý čas: 1 hour(s), 19 minute(s), 37 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\Documents and Settings\HP\Dokumenty\SmileyCentralPFSetup2.3.50.21.ZNfox000.exe (Adware.MyWebSearch) -> No action taken.
C:\Program Files\Trend Micro\HijackThis\backups\backup-20090111-124707-988.dll (Adware.MyWebSearch) -> No action taken.

#8 Příspěvek od **vyosek** » 18 čer 2010 21:23

Vse co nasel MBAM smazte...

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

davi1975 · #9 Příspěvek od **davi1975** » 18 čer 2010 22:25

nevím co se stalo ale prohledávalo to a najednou všechno zmizelo jen zůstala bílá stránka a je tam napsáno OTL Neodpovídá

#10 Příspěvek od **vyosek** » 18 čer 2010 22:35

Zkuste v nouzovem rezimu (restart PC-mackat F8-zvolit Stav nouze s praci v siti)

Pokud taktez nepujde spustte OTL bez skriptu (nejdrive v normalnim rezimu, v pripade seknuti v nouzaku)

davi1975 · #11 Příspěvek od **davi1975** » 18 čer 2010 22:51

OTL logfile created on: 18.6.2010 23:47:41 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\HP\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

702,00 Mb Total Physical Memory | 225,00 Mb Available Physical Memory | 32,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 1053 1053 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 31,55 Gb Free Space | 46,16% Space Free | Partition Type: NTFS
Drive D: | 6,16 Gb Total Space | 5,75 Gb Free Space | 93,33% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP-B667E60A4010
Current User Name: HP
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.18 23:47:20 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP\Dokumenty\Stažené soubory\OTL(3).exe
PRC - [2010.04.01 19:59:58 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.01.22 14:54:47 | 000,540,672 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.10 15:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
PRC - [2007.05.16 09:27:38 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.05.16 09:27:16 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

========== Modules (SafeList) ==========

MOD - [2010.06.18 23:47:20 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP\Dokumenty\Stažené soubory\OTL(3).exe
MOD - [2009.06.02 16:57:44 | 000,318,032 | ---- | M] (NETGATE Technologies s.r.o.) -- C:\Program Files\NETGATE\FortKnox Personal Firewall 2009\protect.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.06.02 16:57:30 | 000,506,448 | ---- | M] (NETGATE Technologies s.r.o.) [Auto | Running] -- C:\Program Files\NETGATE\FortKnox Personal Firewall 2009\FortKnox.exe -- (fortknox)
SRV - [2009.01.22 14:54:47 | 000,540,672 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.06.15 16:55:00 | 000,300,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - [2009.11.25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.02.17 14:51:46 | 000,023,248 | ---- | M] (NETGATE Technologies s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fortknoxfw_ndisim.sys -- (Fkndisf)
DRV - [2009.02.17 14:51:44 | 000,057,680 | ---- | M] (NETGATE Technologies s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fortknoxfw.sys -- (fortknox_drv)
DRV - [2009.01.22 14:54:47 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2008.04.13 21:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.02.13 13:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007.04.25 16:20:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007.03.02 22:53:19 | 001,972,224 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.08.18 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.18 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.01.26 17:36:35 | 000,095,552 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.01.26 17:01:28 | 000,052,224 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://atlas.cz/
IE - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.17
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.8
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.4&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.06 16:27:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.07 13:05:32 | 000,000,000 | ---D | M]

[2009.06.28 18:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Extensions
[2009.06.28 18:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2010.06.03 11:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\extensions
[2010.03.11 19:55:01 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009.09.02 16:55:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.23 19:10:13 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.06.03 11:47:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.09.30 13:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.02.25 12:53:31 | 000,002,049 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\firmycz.xml
[2010.06.14 15:31:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-1.xml
[2008.03.27 07:38:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-10.xml
[2008.04.18 06:42:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-11.xml
[2008.06.20 22:11:40 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-12.xml
[2008.06.26 15:21:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-13.xml
[2008.07.27 21:21:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-14.xml
[2008.09.27 15:46:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-15.xml
[2008.09.29 14:45:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-16.xml
[2008.11.14 16:41:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-17.xml
[2008.12.20 19:37:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-18.xml
[2009.02.04 13:20:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-19.xml
[2007.07.31 13:44:37 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-2.xml
[2009.03.10 17:46:03 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-20.xml
[2009.03.28 21:25:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-21.xml
[2009.03.28 21:25:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-22.xml
[2009.04.24 12:58:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-23.xml
[2009.04.29 10:22:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-24.xml
[2009.06.12 20:12:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-25.xml
[2009.07.22 21:04:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-26.xml
[2009.08.05 13:13:03 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-27.xml
[2009.09.10 19:47:22 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-28.xml
[2009.10.28 17:16:58 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-29.xml
[2007.09.20 13:37:52 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-3.xml
[2009.11.06 15:39:31 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-30.xml
[2009.12.18 14:23:53 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-31.xml
[2010.01.07 17:41:58 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-32.xml
[2010.01.21 08:04:38 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-33.xml
[2010.02.18 23:57:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-34.xml
[2010.02.20 11:31:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-35.xml
[2007.10.20 19:48:54 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-4.xml
[2007.11.02 14:42:33 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-5.xml
[2007.11.27 19:27:08 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-6.xml
[2007.12.02 11:10:38 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-7.xml
[2008.02.08 18:10:07 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-8.xml
[2008.03.01 19:35:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-9.xml
[2010.06.03 11:47:30 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin.gif
[2010.06.03 11:47:30 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin.src
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin.xml
[2010.02.25 12:53:31 | 000,002,044 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\mapycz.xml
[2010.02.25 12:53:30 | 000,002,210 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\zbocz.xml
[2010.06.03 11:49:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.01.11 14:06:34 | 000,024,683 | ---- | M] (Ask.com) -- C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
[2010.04.01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2007.07.11 15:00:05 | 000,000,754 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\WebBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [FortKnoxPersonalFirewall] C:\Program Files\NETGATE\FortKnox Personal Firewall 2009\FortKnoxGUI.exe (NETGATE Technologies s.r.o.)
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004..\Run: [] File not found
O4 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP\Nabídka Start\Programy\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freerealms.com/gamedata/ ... cab?v=1037 (SonyOnlineInstallerX)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\HP\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.16 15:46:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004.08.18 14:00:00 | 000,000,112 | ---- | M] () - D:\AUTORUN.FCB -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 7 Days ==========

[2010.06.18 20:16:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP\Recent
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[19 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.06.18 22:59:05 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.18 22:57:52 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.18 22:56:29 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.18 22:56:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.18 22:55:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.18 22:54:28 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\HP\NTUSER.DAT
[2010.06.18 22:54:04 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\HP\ntuser.ini
[2010.06.18 17:51:31 | 000,001,874 | ---- | M] () -- C:\Documents and Settings\HP\Plocha\IMVU.lnk
[2010.06.17 12:14:41 | 001,498,968 | ---- | M] () -- C:\WINDOWS\Trogir_ScreenSaver.scr
[2010.06.16 14:52:56 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.06.14 15:23:49 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[19 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.17 12:14:41 | 001,498,968 | ---- | C] () -- C:\WINDOWS\Trogir_ScreenSaver.scr
[2009.09.20 10:34:31 | 000,000,399 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2009.09.20 10:34:24 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2009.01.22 14:54:47 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2008.10.22 15:15:04 | 000,000,037 | ---- | C] () -- C:\WINDOWS\IVANOFF.INI
[2008.07.29 16:54:23 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008.03.20 12:45:23 | 000,000,057 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.01.18 18:38:05 | 000,000,040 | ---- | C] () -- C:\WINDOWS\RUNAWAY.INI
[2007.11.02 21:01:43 | 000,056,320 | R--- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2007.09.22 10:21:36 | 000,000,048 | ---- | C] () -- C:\WINDOWS\CDCOPS.INI
[2007.07.22 10:55:50 | 000,000,169 | ---- | C] () -- C:\WINDOWS\Visen.ini
[2007.07.22 10:54:13 | 000,000,169 | ---- | C] () -- C:\WINDOWS\Pomeranc.ini
[2007.07.22 10:52:06 | 000,000,164 | ---- | C] () -- C:\WINDOWS\Jahoda.ini
[2007.07.22 10:50:22 | 000,000,169 | ---- | C] () -- C:\WINDOWS\Vanilka.ini
[2007.07.22 10:47:21 | 000,000,166 | ---- | C] () -- C:\WINDOWS\Jablko.ini
[2007.07.22 10:40:28 | 000,000,165 | ---- | C] () -- C:\WINDOWS\Citron.ini
[2007.06.26 15:27:22 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.06.20 20:02:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.06.15 11:06:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007.06.05 10:09:16 | 000,000,096 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.05.30 12:22:36 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007.04.19 10:32:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007.04.19 10:28:13 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6e.DLL
[2007.04.16 16:22:24 | 000,000,132 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[1993.07.23 20:31:02 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll

========== LOP Check ==========

[2010.06.03 11:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2007.09.20 15:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.08.07 13:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NETGATE
[2007.09.20 15:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.05.21 12:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2009.12.21 21:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:671329E4
< End of report >

davi1975 · #12 Příspěvek od **davi1975** » 18 čer 2010 22:53

OTL Extras logfile created on: 18.6.2010 23:47:41 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\HP\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

702,00 Mb Total Physical Memory | 225,00 Mb Available Physical Memory | 32,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 1053 1053 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 31,55 Gb Free Space | 46,16% Space Free | Partition Type: NTFS
Drive D: | 6,16 Gb Total Space | 5,75 Gb Free Space | 93,33% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP-B667E60A4010
Current User Name: HP
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"15998:TCP" = 15998:TCP:*:Enabled:BitComet 15998 TCP
"15998:UDP" = 15998:UDP:*:Enabled:BitComet 15998 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe" = C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC -- ()
"C:\Program Files\Metin2_TESTER\metin2.bin" = C:\Program Files\Metin2_TESTER\metin2.bin:*:Enabled:metin2 -- ()
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe" = C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe:*:Enabled:Zoo Tycoon 2 Demo Executable -- (Microsoft Corporation)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{10162E91-BB26-AF99-909C-E840C15890E8}" = Catalyst Control Center Graphics Full Existing
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 15
"{29C0E9C5-7718-D07B-633F-FD5BE27BBCE5}" = ccc-core-preinstall
"{2A5782B3-9767-5DF6-8F5A-4900CD698845}" = Catalyst Control Center Graphics Light
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38EC695A-64CD-7C76-3C21-9ECB49880C70}" = Catalyst Control Center Core Implementation
"{47E0F183-E938-A97E-A3CF-9FD4D9893439}" = ccc-core-static
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{508D86EE-931E-4DEA-0BF8-25E30CE9EB42}" = ccc-utility
"{5628829F-3318-4DDA-988D-D301832F1611}" = Singles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{649E4B4B-9DBD-4C0D-9ECD-BDF3382992E2}" = Trainer Maker 4 for Windows
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{797E03F8-C8A0-47ED-AA9F-D7076276E491}" = Ford Racing 2
"{7A81A7E3-7391-ADFF-9014-F8F45F0337F6}" = CCC Help English
"{7F431D08-0D56-4F2B-85F5-D32B7A2A577A}" = SimTractor 4.0
"{805C099D-2A20-DBF8-780C-52CA10916A14}" = Catalyst Control Center Graphics Full New
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E79A5A3-AA5F-DA1F-4BF2-EEC290A08709}" = Skins
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90850405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{99A40651-0BC2-4095-8F9A-A40FAB224FEF}" = PC Connectivity Solution
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{C064F50C-4B08-3136-48F5-B92130A47267}" = Catalyst Control Center Graphics Previews Common
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3E7A2A5-A059-4A44-949B-21FBD371A8B8}" = Paint.NET v3.5
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{D98C0C51-F9BB-4EE4-B791-22BF6EE31029}" = Nero 7
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Roční období
"{E64C12CA-FDA9-4D3C-9A35-D2951AD7EB1B}_is1" = Everlight - Moc a kouzla Víl
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"Bus Driver" = Bus Driver 1.0
"CANONBJ_Deinstall_CNMCP6e.DLL" = Canon PIXMA iP1000
"CCleaner" = CCleaner
"csExcel_is1" = csExcel v.2.2.10
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"FortKnox Personal Firewall_is1" = FortKnox Personal Firewall 2009
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Indeo® Software" = Indeo® Software
"Jen počkej!" = Jen počkej!
"LANGMaster Škola DNES_is1" = LANGMaster Škola DNES
"LEGO Racers" = LEGO Racers
"Magnus" = Skipper a Skeeto
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mortyr CZ" = Mortyr CZ
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoFiltre" = PhotoFiltre
"Plane Arcade" = Plane Arcade
"RAYEVEIL" = RAYEVEIL
"RECOIL" = RECOIL
"Rex" = Rex
"Scorpions WinCheater 2.07 (s databází 88)_is1" = Scorpions WinCheater
"Spyware Terminator_is1" = Spyware Terminator
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TmNations_is1" = TrackMania Nations ESWC 1.7.9
"Trogir_ScreenSaver Screen Saver" = Trogir_ScreenSaver Screen Saver
"VirtualBus" = VirtualBus A6C RC2.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.96.2
"Zoo Empire_is1" = Zoo Empire 1.21
"Zoo Tycoon 2 Trial Version" = Zoo Tycoon 2 Trial Version

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"SOE-Free Realms" = Free Realms

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 1.7.2008 2:16:09 | Computer Name = HP-B667E60A4010 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://play.clubpenguin.com/chat658.swf failed, 0000A413.

Error - 4.7.2008 11:42:17 | Computer Name = HP-B667E60A4010 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://play.clubpenguin.com/chat658.swf failed, 0000A413.

Error - 12.7.2008 9:13:48 | Computer Name = HP-B667E60A4010 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://play.clubpenguin.com/chat658.swf failed, 0000A413.

Error - 23.7.2008 5:48:52 | Computer Name = HP-B667E60A4010 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://media1.clubpenguin.com/play/v2/shell/shell10.swf failed, 0000A413.

Error - 9.8.2008 4:12:31 | Computer Name = HP-B667E60A4010 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://media1.clubpenguin.com/play/v2/g ... vel1_1.swf failed,
0000A413.

Error - 10.8.2008 5:05:02 | Computer Name = HP-B667E60A4010 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://media1.clubpenguin.com/play/v2/shell/shell13.swf failed, 0000A413.

Error - 22.8.2008 6:51:47 | Computer Name = HP-B667E60A4010 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://media1.clubpenguin.com/play/v2/shell/shell15.swf failed, 0000A413.

Error - 22.1.2009 8:32:08 | Computer Name = HP-B667E60A4010 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\HP\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\PROCESSLIST.BIN
failed, 0000A413.

Error - 24.3.2009 3:05:06 | Computer Name = HP-B667E60A4010 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://download.microsoft.com/download/ ... e_spcd.iso
failed, 00000084.

Error - 14.6.2010 14:45:47 | Computer Name = HP-B667E60A4010 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://download.microsoft.com/download/ ... e_spcd.iso
failed, 00000084.

[ Application Events ]
Error - 9.6.2010 10:52:10 | Computer Name = HP-B667E60A4010 | Source = Google Update | ID = 20
Description =

Error - 9.6.2010 14:52:05 | Computer Name = HP-B667E60A4010 | Source = Google Update | ID = 20
Description =

Error - 10.6.2010 7:52:05 | Computer Name = HP-B667E60A4010 | Source = Google Update | ID = 20
Description =

Error - 10.6.2010 8:43:18 | Computer Name = HP-B667E60A4010 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace fr2.exe, verze 0.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 10.6.2010 8:52:16 | Computer Name = HP-B667E60A4010 | Source = Google Update | ID = 20
Description =

Error - 10.6.2010 9:52:11 | Computer Name = HP-B667E60A4010 | Source = Google Update | ID = 20
Description =

Error - 10.6.2010 11:46:22 | Computer Name = HP-B667E60A4010 | Source = Application Error | ID = 1000
Description = Chybující aplikace ze.exe, verze 0.0.0.0, chybující modul ze.exe,
verze 0.0.0.0, adresa chyby 0x00101cec.

Error - 14.6.2010 13:34:21 | Computer Name = HP-B667E60A4010 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace FortKnoxGUI.exe, verze 4.0.205.0, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.6.2010 17:32:22 | Computer Name = HP-B667E60A4010 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.6.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.6.2010 17:47:11 | Computer Name = HP-B667E60A4010 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.6.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 9.6.2010 8:16:04 | Computer Name = HP-B667E60A4010 | Source = NetBT | ID = 4307
Description = Inicializace se nezdařila, protože přenos odmítl otevřít počáteční
adresy.

Error - 10.6.2010 7:49:28 | Computer Name = HP-B667E60A4010 | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NwlnkNb, protože jiný
počítač v síti má stejný název. Server nelze spustit.

Error - 10.6.2010 7:49:28 | Computer Name = HP-B667E60A4010 | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NwlnkIpx, protože jiný
počítač v síti má stejný název. Server nelze spustit.

< End of report >

#13 Příspěvek od **vyosek** » 18 čer 2010 22:58

Vidim tam Spyware Terminatora - sken jste poustel

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
[2010.06.14 15:31:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-1.xml
[2008.03.27 07:38:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-10.xml
[2008.04.18 06:42:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-11.xml
[2008.06.20 22:11:40 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-12.xml
[2008.06.26 15:21:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-13.xml
[2008.07.27 21:21:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-14.xml
[2008.09.27 15:46:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-15.xml
[2008.09.29 14:45:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-16.xml
[2008.11.14 16:41:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-17.xml
[2008.12.20 19:37:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-18.xml
[2009.02.04 13:20:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-19.xml
[2007.07.31 13:44:37 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-2.xml
[2009.03.10 17:46:03 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-20.xml
[2009.03.28 21:25:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-21.xml
[2009.03.28 21:25:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-22.xml
[2009.04.24 12:58:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-23.xml
[2009.04.29 10:22:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-24.xml
[2009.06.12 20:12:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-25.xml
[2009.07.22 21:04:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-26.xml
[2009.08.05 13:13:03 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-27.xml
[2009.09.10 19:47:22 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-28.xml
[2009.10.28 17:16:58 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-29.xml
[2007.09.20 13:37:52 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-3.xml
[2009.11.06 15:39:31 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-30.xml
[2009.12.18 14:23:53 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-31.xml
[2010.01.07 17:41:58 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-32.xml
[2010.01.21 08:04:38 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-33.xml
[2010.02.18 23:57:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-34.xml
[2010.02.20 11:31:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-35.xml
[2007.10.20 19:48:54 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-4.xml
[2007.11.02 14:42:33 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-5.xml
[2007.11.27 19:27:08 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-6.xml
[2007.12.02 11:10:38 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-7.xml
[2008.02.08 18:10:07 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-8.xml
[2008.03.01 19:35:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-9.xml
[2010.06.03 11:47:30 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin.gif
[2010.06.03 11:47:30 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin.src
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin.xml
[2009.01.11 14:06:34 | 000,024,683 | ---- | M] (Ask.com) -- C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004\..\Toolbar\WebBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No CLSID value found.
O4 - HKU\S-1-5-21-1085031214-1275210071-839522115-1004..\Run: [] File not found
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[19 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:671329E4

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

#14 Příspěvek od **vyosek** » 18 čer 2010 23:02

Dnes uz jdu spat, provedte opravu a napiste co PC, na log z opravy kouknu rano...

davi1975 · #15 Příspěvek od **davi1975** » 18 čer 2010 23:10

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-1085031214-1275210071-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultURL| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Yahoo" removed from browser.search.order.1
Prefs.js: "megaup" removed from browser.search.param.yahoo-fr
Prefs.js: "megaup" removed from browser.search.param.yahoo-fr-cjkt
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.icq.com/search/afe_result ... 2.0.0.4&q=" removed from keyword.URL
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-25.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-26.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-27.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-28.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-29.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-30.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-31.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-32.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-33.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-34.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-35.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin.gif moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin.src moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\879loguk.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Registry value HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}\ not found.
Registry value HKEY_USERS\S-1-5-21-1085031214-1275210071-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
C:\WINDOWS\002702_.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET1D8.tmp deleted successfully.
C:\WINDOWS\System32\SET43.tmp deleted successfully.
C:\WINDOWS\System32\SET4C.tmp deleted successfully.
C:\WINDOWS\System32\SET50.tmp deleted successfully.
C:\WINDOWS\System32\SET55.tmp deleted successfully.
C:\WINDOWS\System32\SET61.tmp deleted successfully.
C:\WINDOWS\System32\SET72.tmp deleted successfully.
C:\WINDOWS\System32\SET79.tmp deleted successfully.
C:\WINDOWS\System32\SET7A.tmp deleted successfully.
C:\WINDOWS\System32\SET7B.tmp deleted successfully.
C:\WINDOWS\System32\SET7C.tmp deleted successfully.
C:\WINDOWS\System32\SET7E.tmp deleted successfully.
C:\WINDOWS\System32\SET80.tmp deleted successfully.
C:\WINDOWS\System32\SET81.tmp deleted successfully.
C:\WINDOWS\System32\SET83.tmp deleted successfully.
C:\WINDOWS\System32\SET84.tmp deleted successfully.
C:\WINDOWS\System32\SETC6.tmp deleted successfully.
C:\WINDOWS\System32\SETC9.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET44.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:671329E4 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP103.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP116.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP125.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP139.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C3.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP224.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CD.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D8.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP90.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP91.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP93.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF2.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI13.tmp moved successfully.
C:\WINDOWS\Installer\MSI16.tmp moved successfully.
C:\WINDOWS\Installer\MSI3.tmp moved successfully.
C:\WINDOWS\Installer\MSI4.tmp moved successfully.
C:\WINDOWS\Installer\MSI45.tmp moved successfully.
C:\WINDOWS\Installer\MSI47.tmp moved successfully.
C:\WINDOWS\Installer\MSI4E.tmp moved successfully.
C:\WINDOWS\Installer\MSI53.tmp moved successfully.
C:\WINDOWS\Installer\MSI6.tmp moved successfully.
C:\WINDOWS\Installer\MSI7.tmp moved successfully.
C:\WINDOWS\Installer\MSIB.tmp moved successfully.
C:\WINDOWS\Installer\MSIC.tmp moved successfully.
C:\WINDOWS\msagent\SET42.tmp moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: HP
->Temp folder emptied: 27552759 bytes
->Temporary Internet Files folder emptied: 335256 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 38375752 bytes
->Flash cache emptied: 2754 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33432 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 54596 bytes

Total Files Cleaned = 63,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: HP
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.6.0 log created on 06192010_000109

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_650.dat moved successfully.

Registry entries deleted on Reboot...

VIRY.CZ

Prosím o kontrolu logu děkuji

Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji