Zdravim prosim o preventivku dekuji

[SIDILKO]

Logfile of random's system information tool 1.07 (written by random/random)
Run by SIDILKO at 2010-07-08 13:55:56
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (21%) free of 8 GB
Total RAM: 767 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:56:10, on 8.7.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
I:\Program Files\Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
I:\Downloads\RSIT(2).exe
C:\Program Files\trend micro\SIDILKO.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{67318BDA-494F-4D8C-8342-8865DA81610A}: NameServer = 10.1.111.254,213.168.180.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{84801F2E-FB46-494D-8BDE-8D52B41A75D8}: NameServer = 10.1.111.254,213.168.180.2
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: cbssreg - C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - I:\Program Files\Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 5480 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At25.job
C:\WINDOWS\tasks\At26.job
C:\WINDOWS\tasks\At27.job
C:\WINDOWS\tasks\At28.job
C:\WINDOWS\tasks\At29.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At30.job
C:\WINDOWS\tasks\At31.job
C:\WINDOWS\tasks\At32.job
C:\WINDOWS\tasks\At33.job
C:\WINDOWS\tasks\At34.job
C:\WINDOWS\tasks\At35.job
C:\WINDOWS\tasks\At36.job
C:\WINDOWS\tasks\At37.job
C:\WINDOWS\tasks\At38.job
C:\WINDOWS\tasks\At39.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At40.job
C:\WINDOWS\tasks\At41.job
C:\WINDOWS\tasks\At42.job
C:\WINDOWS\tasks\At43.job
C:\WINDOWS\tasks\At44.job
C:\WINDOWS\tasks\At45.job
C:\WINDOWS\tasks\At46.job
C:\WINDOWS\tasks\At47.job
C:\WINDOWS\tasks\At48.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-06-25 1241552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-27 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-06-25 1241552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"=Mixer.exe /startup []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-07-03 2176512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-07-03 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbssreg]
C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll [2010-04-18 38912]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispAppearancePage"=0
"NoColorChoice"=0
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
"NoVisualStyleChoice"=0
"NoSizeChoice"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSMBalloonTip"=1
"NoDriveTypeAutoRun"=149
"MemCheckBoxInRunDlg"=0
"NoClose"=0
"NoAutoTrayNotify"=0
"NoResolveTrack"=0
"NoResolveSearch"=1
"NoWelcomeScreen"=1
"NoRecentDocsNetHood"=1
"NoDesktopCleanupWizard"=1
"NoSharedDocuments"=1
"NoThemesTab"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoStrCmpLogical"=
"NoClose"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{354774b9-7e2e-11df-88dd-00112f32ec3e}]
shell\AutoRun\command - E:\PainkillerSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6e08cf6-47e1-11df-87e6-00112f32ec3e}]
shell\AutoRun\command - I:\AutoLcd209x.exe


======List of files/folders created in the last 1 months======

2010-07-08 04:11:44 ----A---- C:\WINDOWS\unvise32.exe
2010-07-07 01:21:07 ----D---- C:\Program Files\Warcraft III
2010-07-02 21:25:17 ----D---- C:\Program Files\WinClamAVShield
2010-07-02 18:10:47 ----D---- C:\Program Files\Crawler
2010-07-02 18:10:28 ----D---- C:\Documents and Settings\SIDILKO\Data aplikací\Spyware Terminator
2010-07-02 18:10:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-07-02 18:10:10 ----D---- C:\Program Files\Spyware Terminator
2010-07-02 17:56:48 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2010-07-02 17:56:46 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-07-02 17:56:45 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2010-07-02 17:55:38 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-07-02 17:55:05 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2010-06-29 14:27:19 ----A---- C:\WINDOWS\system32\setie.txt
2010-06-29 14:24:08 ----A---- C:\WINDOWS\system32\msrun.exe
2010-06-28 12:26:43 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-06-28 12:26:43 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-06-28 12:26:42 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-06-28 12:26:42 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-06-28 12:26:41 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-06-28 12:26:40 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-06-28 12:26:40 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-06-28 12:26:39 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-06-28 12:26:38 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-06-28 12:26:38 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-06-28 12:26:37 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-06-28 12:26:37 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-06-28 12:26:36 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-06-28 12:26:35 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-06-28 12:26:34 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-06-28 12:26:33 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-06-28 12:26:32 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-06-28 12:26:32 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-06-28 12:26:31 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-06-28 12:26:30 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-06-28 12:26:30 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-06-28 12:26:29 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-06-28 12:26:28 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-06-28 12:26:28 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-06-28 12:26:27 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-06-28 12:26:27 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-06-28 12:26:26 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-06-28 12:26:26 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-06-28 12:26:25 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-06-28 12:26:24 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-06-28 12:26:24 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-06-28 12:26:23 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-06-28 12:26:23 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-06-28 12:26:22 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-06-28 12:26:22 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-06-28 12:26:21 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-06-28 12:26:20 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-06-28 12:26:20 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-06-28 12:26:19 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-06-28 12:26:18 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-06-28 12:26:18 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-06-28 12:26:17 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-06-28 12:26:16 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-06-28 12:26:16 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-06-28 12:26:16 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-06-28 12:26:15 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-06-28 12:26:14 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-06-28 12:26:13 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-06-28 12:26:13 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-06-28 12:26:12 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-06-28 12:26:12 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-06-28 12:26:11 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-06-28 12:26:10 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-06-28 12:26:09 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-06-28 12:26:09 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-06-28 12:26:08 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-06-28 12:26:07 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-06-28 12:26:06 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-06-28 12:26:06 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-06-28 12:26:06 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-06-28 12:26:05 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-06-28 12:26:05 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-06-28 12:26:04 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-06-28 12:26:04 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-06-28 12:26:03 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-06-28 12:26:03 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-06-28 12:26:02 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-06-28 12:26:01 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-06-28 12:26:01 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-06-28 12:26:00 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-06-28 12:25:59 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-06-28 12:25:59 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-06-28 12:25:58 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-06-28 12:25:58 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-06-28 12:25:58 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-06-28 12:25:57 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-06-28 12:25:57 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-06-28 12:25:56 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-06-28 12:25:56 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-06-28 12:25:56 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-06-28 12:25:55 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-06-28 12:25:55 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-06-28 12:25:55 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-06-28 12:25:54 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-06-28 12:25:54 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-06-28 12:25:54 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-06-28 12:25:53 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-06-28 12:25:52 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-06-28 12:24:18 ----D---- C:\WINDOWS\Logs
2010-06-25 12:11:16 ----D---- C:\Program Files\Codec Pack - All In 1
2010-06-25 12:10:24 ----A---- C:\WINDOWS\Codec Pack - All In 1 Setup Log.txt
2010-06-22 20:44:37 ----D---- C:\Program Files\Elaborate Bytes
2010-06-20 12:31:05 ----D---- C:\WINDOWS\Minidump
2010-06-09 13:54:29 ----A---- C:\WINDOWS\system32\TUKernel.exe
2010-06-09 13:42:43 ----D---- C:\Documents and Settings\SIDILKO\Data aplikací\TuneUp Software
2010-06-09 13:42:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software

======List of files/folders modified in the last 1 months======

2010-07-08 13:56:06 ----D---- C:\Program Files\trend micro
2010-07-08 13:55:59 ----D---- C:\WINDOWS\Temp
2010-07-08 13:48:01 ----D---- C:\WINDOWS\system32
2010-07-08 12:30:17 ----SHD---- C:\WINDOWS\Installer
2010-07-08 12:06:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-08 07:46:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-08 04:11:44 ----D---- C:\WINDOWS
2010-07-08 00:37:19 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-07 01:21:07 ----RD---- C:\Program Files
2010-07-02 22:09:22 ----RSD---- C:\WINDOWS\Fonts
2010-07-02 22:01:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-02 22:00:20 ----D---- C:\WINDOWS\Prefetch
2010-07-02 18:37:47 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-07-02 18:36:51 ----SH---- C:\boot.ini
2010-07-02 18:10:42 ----D---- C:\WINDOWS\system32\drivers
2010-07-02 17:56:48 ----D---- C:\WINDOWS\system32\config
2010-07-02 17:56:44 ----SD---- C:\WINDOWS\Tasks
2010-07-02 17:34:49 ----D---- C:\Program Files\Common Files
2010-06-29 14:23:36 ----HD---- C:\WINDOWS\inf
2010-06-28 12:26:45 ----D---- C:\WINDOWS\system32\DirectX
2010-06-28 11:10:08 ----D---- C:\Program Files\Common Files\InstallShield
2010-06-28 10:46:04 ----D---- C:\Program Files\Mozilla Firefox
2010-06-25 12:31:20 ----A---- C:\WINDOWS\iun6002.exe
2010-06-09 01:02:57 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 39936]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R2 srenum;srenum; C:\WINDOWS\System32\DRIVERS\srenum.sys [2010-06-29 46976]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-17 701440]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-07-16 379726]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 ndisrd;WinpkFilter Service; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [2010-06-29 20480]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-03-02 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-02 57600]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-02 20480]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S1 ethvncve;ethvncve; \??\C:\WINDOWS\system32\drivers\ethvncve.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-03-02 60800]
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 msgame;Sidewinder Hid to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-03-02 61824]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-03-03 397312]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; I:\Program Files\Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-27 153376]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-07-02 488960]
R2 SPService;SPService; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-07-02 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2006-03-02 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-03-03 516096]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-07-02 360192]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny podvecer preji

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Vypnete rezidentni stit u Spyware Terminatora - pral by se s Esetem

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  netsvcs
  drivers32
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  c:\windows\*.* /U
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  /md5start
  eventlog.dll
  scecli.dll
  netlogon.dll
  cngaudit.dll
  sceclt.dll
  ntelogon.dll
  logevent.dll
  iaStor.sys
  nvstor.sys
  atapi.sys
  IdeChnDr.sys
  viasraid.sys
  AGP440.sys
  vaxscsi.sys
  nvatabus.sys
  viamraid.sys
  nvata.sys
  nvgts.sys
  iastorv.sys
  ViPrt.sys
  eNetHook.dll
  ahcix86.sys
  KR10N.sys
  nvstor32.sys
  ahcix86s.sys
  nvrd32.sys
  symmpi.sys
  adp3132.sys
  mv61xx.sys
  nvraid.sys
  ndis.sys
  winlogon.exe
  explorer.exe
  userinit.exe
  lsass.exe
  svchost.exe
  smss.exe
  hal.dll
  ws2_32.dll
  tcpip.sys
  cryptsvc.dll
  Changer.sys
  JakNDis.sys
  isapnp.sys
  cdrom.sys
  autochk.exe
  /md5stop
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
  reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
  reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  CREATERESTOREPOINT

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

[SIDILKO]

Dobry den,
ta lista to je od Crawler a mam nastaveny na vyhledavani na Googlu - pouzivam.
Rezidentni stit je pryc)
Scan uz jede, log je tu hned diky.

[vyosek]

Ok, takze ani crawlera z tech radku R? nebudu odstranovat - mam to ve zvyku pac se s nim nekdy tahne i bordel Ale necham to samozrejme tam, pokud to vyuzivate...

[SIDILKO]

Tak neni to nutny.. Ale libilo se mi u Google Chrome co se napsalo jako adresa tak to automaticky hledal.. Ale z nejakyho neznamyho duvodu mi po reinstalu woken nejde spustit../

[SIDILKO]

aa uz je to.


OTL logfile created on: 8.7.2010 18:32:59 - Run 1
OTL by OldTimer - Version 3.2.8.1 Folder = C:\Documents and Settings\SIDILKO\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

767,00 Mb Total Physical Memory | 318,00 Mb Available Physical Memory | 41,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 7,81 Gb Total Space | 0,91 Gb Free Space | 11,61% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 653,18 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 66,71 Gb Total Space | 6,23 Gb Free Space | 9,33% Space Free | Partition Type: NTFS
Drive K: | 603,79 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SHIDIL-COMP
Current User Name: SIDILKO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.08 18:29:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SIDILKO\Plocha\OTL.exe
PRC - [2010.07.02 18:10:34 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.07.02 17:56:48 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2010.06.28 10:45:47 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.06.28 10:45:45 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.06.25 08:08:48 | 002,497,488 | ---- | M] (Crawler.com) -- C:\Program Files\Crawler\Toolbar\CToolbar.exe
PRC - [2009.10.29 12:27:54 | 001,074,568 | ---- | M] (LogMeIn Inc.) -- I:\Program Files\Hamachi\hamachi-2.exe
PRC - [2009.09.12 01:32:02 | 007,902,864 | ---- | M] (Ventis Media Inc.) -- I:\Program Files\MediaMonkey\MediaMonkey.exe
PRC - [2007.12.21 08:21:16 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2007.12.21 08:21:06 | 001,443,072 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.07.12 17:33:12 | 001,581,056 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe


========== Modules (SafeList) ==========

MOD - [2010.07.08 18:29:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SIDILKO\Plocha\OTL.exe
MOD - [2009.09.12 01:32:26 | 000,053,904 | ---- | M] () -- I:\Program Files\MediaMonkey\MMHelper.dll
MOD - [2006.03.02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2006.03.02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010.07.02 18:10:34 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.07.02 17:56:48 | 000,603,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010.07.02 17:56:45 | 000,360,192 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.07.01 20:26:29 | 000,073,216 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite\sp.DLL -- (SPService)
SRV - [2009.10.29 12:27:54 | 001,074,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- I:\Program Files\Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2008.12.11 13:31:36 | 000,027,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2007.12.21 08:22:44 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2007.12.21 08:21:16 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2005.11.14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2010.07.02 18:10:34 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.06.29 14:24:08 | 000,046,976 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\srenum.sys -- (srenum)
DRV - [2010.06.29 14:23:29 | 000,020,480 | ---- | M] (NT Kernel Resources) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisrd.sys -- (ndisrd)
DRV - [2010.06.02 17:21:08 | 000,139,776 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ethvncve.sys -- (ethvncve)
DRV - [2010.04.09 13:16:50 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2010.04.09 13:16:46 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2009.09.23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.05.23 01:08:32 | 000,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2009.02.17 19:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007.12.21 08:21:54 | 000,053,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2007.12.21 08:21:52 | 000,030,728 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2007.12.21 08:21:46 | 000,071,176 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2007.12.21 08:20:14 | 000,030,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2007.12.21 08:19:54 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2004.08.17 15:43:40 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.08.04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2002.07.16 11:58:12 | 000,379,726 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001.08.17 23:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001.08.17 22:02:40 | 000,035,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msgame.sys -- (msgame)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60327
IE - HKU\S-1-5-21-1614895754-179605362-725345543-1003\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKU\S-1-5-21-1614895754-179605362-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatche ... 60327&qkw="

FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2010.07.02 18:11:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.02 16:35:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.06.28 10:45:53 | 000,000,000 | ---D | M]

[2010.05.30 20:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Mozilla\Extensions
[2010.05.30 20:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Mozilla\Firefox\Profiles\uf3urxlx.default\extensions
[2010.05.31 21:55:22 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\SIDILKO\Data aplikací\Mozilla\Firefox\Profiles\uf3urxlx.default\searchplugins\daemon-search.xml
[2010.05.30 20:09:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.04.01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.03.02 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKU\S-1-5-21-1614895754-179605362-725345543-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - Startup: C:\Documents and Settings\OSTATNI\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0
O7 - HKU\S-1-5-21-1614895754-179605362-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe ()
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\cbssreg: DllName - C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll - C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll ()
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SIDILKO\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SIDILKO\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.22 20:08:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004.03.26 03:58:07 | 000,000,058 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{354774b9-7e2e-11df-88dd-00112f32ec3e}\Shell - "" = AutoRun
O33 - MountPoints2\{354774b9-7e2e-11df-88dd-00112f32ec3e}\Shell\AutoRun\command - "" = E:\PainkillerSetup.exe -- [2004.03.26 03:57:39 | 680,960,000 | R--- | M] ()
O33 - MountPoints2\{e6e08cf6-47e1-11df-87e6-00112f32ec3e}\Shell - "" = AutoRun
O33 - MountPoints2\{e6e08cf6-47e1-11df-87e6-00112f32ec3e}\Shell\AutoRun\command - "" = I:\AutoLcd209x.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Messenger - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (61093680697573376)

========== Files/Folders - Created Within 7 Days ==========

[2010.07.08 18:31:35 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SIDILKO\Plocha\OTL.exe
[2010.07.08 12:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SIDILKO\Plocha\Agi a Kýťa
[2010.07.08 04:11:44 | 000,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2010.07.07 01:21:07 | 000,000,000 | ---D | C] -- C:\Program Files\Warcraft III
[2010.07.02 21:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\WinClamAVShield
[2010.07.02 18:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2010.07.02 18:10:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SIDILKO\Data aplikací\Spyware Terminator
[2010.07.02 18:10:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.07.02 18:10:10 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2010.07.02 17:56:48 | 000,603,904 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
[2010.07.02 17:56:46 | 000,027,904 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010.07.02 17:56:45 | 000,360,192 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[2010.07.02 17:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2009
[2010.07.02 17:55:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.07.08 18:29:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SIDILKO\Plocha\OTL.exe
[2010.07.08 18:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010.07.08 18:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010.07.08 18:02:02 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\SIDILKO\Plocha\Zástupce - SRDownloader.exe.lnk
[2010.07.08 18:00:34 | 000,000,490 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010.07.08 17:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010.07.08 17:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010.07.08 16:09:02 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010.07.08 16:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010.07.08 15:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010.07.08 15:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010.07.08 14:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010.07.08 14:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010.07.08 13:47:42 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\SIDILKO\Plocha\Launch Painkiller!.lnk
[2010.07.08 13:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010.07.08 13:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010.07.08 12:50:21 | 000,070,656 | ---- | M] () -- C:\Documents and Settings\SIDILKO\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.08 12:45:41 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\SIDILKO\NTUSER.DAT
[2010.07.08 12:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010.07.08 12:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010.07.08 11:42:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.08 11:38:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.08 11:38:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.08 11:38:44 | 804,048,896 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.08 07:46:16 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\SIDILKO\ntuser.ini
[2010.07.08 07:46:14 | 006,291,456 | -H-- | M] () -- C:\Documents and Settings\SIDILKO\Local Settings\Data aplikací\IconCache.db
[2010.07.08 07:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010.07.08 07:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010.07.08 06:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010.07.08 06:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010.07.08 05:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010.07.08 05:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010.07.08 04:09:02 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010.07.08 04:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010.07.08 03:09:01 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010.07.08 03:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010.07.08 02:09:05 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010.07.08 02:09:01 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010.07.08 01:09:04 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010.07.08 01:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010.07.08 00:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010.07.08 00:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010.07.07 23:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010.07.07 23:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010.07.07 22:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010.07.07 22:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010.07.07 21:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010.07.07 21:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010.07.07 20:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010.07.07 20:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010.07.07 19:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010.07.07 19:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010.07.07 15:30:40 | 000,000,564 | ---- | M] () -- C:\Documents and Settings\SIDILKO\Plocha\Zástupce - Portable Quake III.exe.lnk
[2010.07.07 02:45:15 | 000,018,064 | ---- | M] () -- C:\Documents and Settings\SIDILKO\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.07.07 02:40:41 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\SIDILKO\Plocha\Zástupce - Warcraft III.exe.lnk
[2010.07.07 02:40:38 | 000,000,658 | ---- | M] () -- C:\Documents and Settings\SIDILKO\Plocha\Zástupce - Frozen Throne.exe.lnk
[2010.07.06 23:17:11 | 010,368,054 | ---- | M] () -- C:\Documents and Settings\SIDILKO\Plocha\Bez názvu.bmp
[2010.07.02 22:01:05 | 000,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010.07.02 18:37:47 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010.07.02 18:37:47 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010.07.02 18:37:47 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010.07.02 18:37:47 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010.07.02 18:37:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010.07.02 18:37:46 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010.07.02 18:36:51 | 000,000,389 | -HS- | M] () -- C:\boot.ini
[2010.07.02 18:10:34 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.07.02 17:56:48 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
[2010.07.02 17:56:45 | 000,360,192 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[2010.07.02 17:19:10 | 000,249,415 | ---- | M] () -- C:\Documents and Settings\SIDILKO\Plocha\Hronov.JPG
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.07.08 18:02:02 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\SIDILKO\Plocha\Zástupce - SRDownloader.exe.lnk
[2010.07.08 13:47:41 | 000,000,697 | ---- | C] () -- C:\Documents and Settings\SIDILKO\Plocha\Launch Painkiller!.lnk
[2010.07.08 00:42:03 | 001,689,852 | ---- | C] () -- C:\Documents and Settings\SIDILKO\Plocha\12. Južanský typ (Rap Strappo, Hudba Analytik).MP3
[2010.07.07 15:30:40 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\SIDILKO\Plocha\Zástupce - Portable Quake III.exe.lnk
[2010.07.07 02:40:41 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\SIDILKO\Plocha\Zástupce - Warcraft III.exe.lnk
[2010.07.07 02:40:38 | 000,000,658 | ---- | C] () -- C:\Documents and Settings\SIDILKO\Plocha\Zástupce - Frozen Throne.exe.lnk
[2010.07.06 23:17:09 | 010,368,054 | ---- | C] () -- C:\Documents and Settings\SIDILKO\Plocha\Bez názvu.bmp
[2010.07.02 18:10:34 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.07.02 17:19:10 | 000,249,415 | ---- | C] () -- C:\Documents and Settings\SIDILKO\Plocha\Hronov.JPG
[2010.06.29 14:24:08 | 000,046,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\srenum.sys
[2010.06.02 17:21:08 | 000,139,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\ethvncve.sys
[2010.05.30 19:15:16 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2010.05.30 19:15:16 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2010.05.06 12:29:17 | 000,000,163 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2010.05.04 21:49:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2010.03.23 00:53:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.22 23:17:52 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2010.03.22 23:11:08 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.ini
[2006.03.02 14:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.03.03 06:29:58 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

========== LOP Check ==========

[2010.05.31 21:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.04.11 23:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.07.08 11:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.06.09 13:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.07.02 17:55:05 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.05.30 21:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OSTATNI\Data aplikací\Bump Technologies, Inc
[2010.04.12 08:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OSTATNI\Data aplikací\ESET
[2010.03.23 11:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OSTATNI\Data aplikací\OpenOffice.org
[2010.07.08 11:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OSTATNI\Data aplikací\Spyware Terminator
[2010.05.30 19:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Bump Technologies, Inc
[2010.05.31 21:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\DAEMON Tools Lite
[2010.04.11 23:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\ESET
[2010.03.24 19:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\GetRightToGo
[2010.03.25 01:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\GHISLER
[2010.05.25 10:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Nvu
[2010.03.23 00:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\OpenOffice.org
[2010.07.07 22:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Spyware Terminator
[2010.05.29 00:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Styler
[2010.06.09 13:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\TuneUp Software
[2010.07.08 18:00:34 | 000,000,490 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010.07.08 00:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2010.06.25 09:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2010.06.28 10:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2010.06.28 11:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2010.07.08 12:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2010.07.08 13:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2010.07.08 14:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2010.07.08 15:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2010.07.08 16:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2010.07.08 17:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2010.07.08 18:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2010.07.08 01:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2010.07.07 19:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2010.07.07 20:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2010.07.07 21:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2010.07.07 22:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2010.07.07 23:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2010.07.08 00:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2010.07.08 01:09:04 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2010.07.08 02:09:01 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2010.07.08 03:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2010.07.08 04:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2010.07.08 02:09:05 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2010.07.08 05:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2010.07.08 06:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2010.07.08 07:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2010.06.28 08:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2010.06.25 09:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2010.06.28 10:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2010.06.28 11:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2010.07.08 12:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2010.07.08 13:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2010.07.08 14:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2010.07.08 03:09:01 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2010.07.08 15:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2010.07.08 16:09:02 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2010.07.08 17:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2010.07.08 18:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2010.07.07 19:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2010.07.07 20:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2010.07.07 21:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2010.07.07 22:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2010.07.07 23:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2010.07.08 04:09:02 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2010.07.08 05:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2010.07.08 06:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2010.07.08 07:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2010.06.28 08:09:00 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SpywareTerminatorUpdate" = "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" -- [2010.07.03 22:29:39 | 003,037,696 | ---- | M] (Crawler.com)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.03.22 20:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Adobe
[2010.05.30 19:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Bump Technologies, Inc
[2010.05.31 21:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\DAEMON Tools Lite
[2010.04.11 23:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\ESET
[2010.03.24 19:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\GetRightToGo
[2010.03.25 01:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\GHISLER
[2010.03.22 23:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Help
[2010.03.22 20:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Identities
[2010.03.22 20:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Macromedia
[2010.05.29 16:14:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Microsoft
[2010.05.30 20:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Mozilla
[2010.03.22 21:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Nero
[2010.05.25 10:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Nvu
[2010.03.23 00:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\OpenOffice.org
[2010.07.07 22:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Spyware Terminator
[2010.05.29 00:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Styler
[2010.05.27 22:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\Sun
[2010.06.09 13:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\TuneUp Software
[2010.03.22 21:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SIDILKO\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2010.04.20 00:00:01 | 001,956,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\SIDILKO\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe


< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.07.02 22:01:05 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2010.07.02 22:01:05 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2006.03.02 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010.03.22 21:49:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.03.22 21:49:38 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.03.22 21:49:37 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.07.08 12:44:44 | 000,011,973 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys

< %systemroot%\system32\*.* /3 >
[2010.07.08 11:42:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >

[vyosek]

Zkontrolujte jestli mate v G Chrome Nastaveni-Moznosti-Zaklady-Vychozi vyhledavani nasteno Google

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  O4 - HKLM..\Run: [KernelFaultCheck] File not found
  O33 - MountPoints2\{354774b9-7e2e-11df-88dd-00112f32ec3e}\Shell - "" = AutoRun
  O33 - MountPoints2\{e6e08cf6-47e1-11df-87e6-00112f32ec3e}\Shell - "" = AutoRun
  [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->  ]
  
  :files
  C:\WINDOWS\system32\*.tmp.dll /s
  C:\WINDOWS\system32\SET*.tmp /s
  C:\WINDOWS\*.tmp /s
  C:\WINDOWS\tasks\At*.job
  
  :commands
  [EMPTYTEMP]
  [EMPTYFLASH]
  [CLEARALLRESTOREPOINTS]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[SIDILKO]

tady je..


All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{354774b9-7e2e-11df-88dd-00112f32ec3e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{354774b9-7e2e-11df-88dd-00112f32ec3e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6e08cf6-47e1-11df-87e6-00112f32ec3e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6e08cf6-47e1-11df-87e6-00112f32ec3e}\ not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\Installer\MSI4.tmp moved successfully.
C:\WINDOWS\Temp\abbb.tmp folder moved successfully.
C:\WINDOWS\Temp\agmg.tmp folder moved successfully.
C:\WINDOWS\Temp\akfx.tmp folder moved successfully.
C:\WINDOWS\Temp\aoub.tmp folder moved successfully.
C:\WINDOWS\Temp\apya.tmp folder moved successfully.
C:\WINDOWS\Temp\aqxd.tmp folder moved successfully.
C:\WINDOWS\Temp\arcb.tmp folder moved successfully.
C:\WINDOWS\Temp\asyc.tmp folder moved successfully.
C:\WINDOWS\Temp\auyh.tmp folder moved successfully.
C:\WINDOWS\Temp\belo.tmp folder moved successfully.
C:\WINDOWS\Temp\bfpa.tmp folder moved successfully.
C:\WINDOWS\Temp\bgwb.tmp folder moved successfully.
C:\WINDOWS\Temp\bjni.tmp folder moved successfully.
C:\WINDOWS\Temp\bmci.tmp folder moved successfully.
C:\WINDOWS\Temp\bmse.tmp folder moved successfully.
C:\WINDOWS\Temp\bvxo.tmp folder moved successfully.
C:\WINDOWS\Temp\bwxa.tmp folder moved successfully.
C:\WINDOWS\Temp\cgre.tmp folder moved successfully.
C:\WINDOWS\Temp\cgyy.tmp folder moved successfully.
C:\WINDOWS\Temp\chho.tmp folder moved successfully.
C:\WINDOWS\Temp\chrr.tmp folder moved successfully.
C:\WINDOWS\Temp\cirv.tmp folder moved successfully.
C:\WINDOWS\Temp\cqsp.tmp folder moved successfully.
C:\WINDOWS\Temp\crbs.tmp folder moved successfully.
C:\WINDOWS\Temp\csdb.tmp folder moved successfully.
C:\WINDOWS\Temp\ctty.tmp folder moved successfully.
C:\WINDOWS\Temp\ddnx.tmp folder moved successfully.
C:\WINDOWS\Temp\dncn.tmp folder moved successfully.
C:\WINDOWS\Temp\doeo.tmp folder moved successfully.
C:\WINDOWS\Temp\dpdu.tmp folder moved successfully.
C:\WINDOWS\Temp\eafr.tmp folder moved successfully.
C:\WINDOWS\Temp\efnq.tmp folder moved successfully.
C:\WINDOWS\Temp\ehll.tmp folder moved successfully.
C:\WINDOWS\Temp\eioh.tmp folder moved successfully.
C:\WINDOWS\Temp\ejsh.tmp folder moved successfully.
C:\WINDOWS\Temp\elba.tmp folder moved successfully.
C:\WINDOWS\Temp\eles.tmp folder moved successfully.
C:\WINDOWS\Temp\emhk.tmp folder moved successfully.
C:\WINDOWS\Temp\esru.tmp folder moved successfully.
C:\WINDOWS\Temp\euei.tmp folder moved successfully.
C:\WINDOWS\Temp\fdrn.tmp folder moved successfully.
C:\WINDOWS\Temp\flcu.tmp folder moved successfully.
C:\WINDOWS\Temp\fpff.tmp folder moved successfully.
C:\WINDOWS\Temp\fpvo.tmp folder moved successfully.
C:\WINDOWS\Temp\frfe.tmp folder moved successfully.
C:\WINDOWS\Temp\ftko.tmp folder moved successfully.
C:\WINDOWS\Temp\fwev.tmp folder moved successfully.
C:\WINDOWS\Temp\fwsm.tmp folder moved successfully.
C:\WINDOWS\Temp\fxsh.tmp folder moved successfully.
C:\WINDOWS\Temp\fywk.tmp folder moved successfully.
C:\WINDOWS\Temp\gije.tmp folder moved successfully.
C:\WINDOWS\Temp\gmwf.tmp folder moved successfully.
C:\WINDOWS\Temp\gqax.tmp folder moved successfully.
C:\WINDOWS\Temp\gqhu.tmp folder moved successfully.
C:\WINDOWS\Temp\grba.tmp folder moved successfully.
C:\WINDOWS\Temp\gtyl.tmp folder moved successfully.
C:\WINDOWS\Temp\guav.tmp folder moved successfully.
C:\WINDOWS\Temp\gvjr.tmp folder moved successfully.
C:\WINDOWS\Temp\gvre.tmp folder moved successfully.
C:\WINDOWS\Temp\gyyx.tmp folder moved successfully.
C:\WINDOWS\Temp\hqih.tmp folder moved successfully.
C:\WINDOWS\Temp\hsbb.tmp folder moved successfully.
C:\WINDOWS\Temp\hsqk.tmp folder moved successfully.
C:\WINDOWS\Temp\hytm.tmp folder moved successfully.
C:\WINDOWS\Temp\hyyk.tmp folder moved successfully.
C:\WINDOWS\Temp\iboi.tmp folder moved successfully.
C:\WINDOWS\Temp\ifqe.tmp folder moved successfully.
C:\WINDOWS\Temp\iomu.tmp folder moved successfully.
C:\WINDOWS\Temp\ipyk.tmp folder moved successfully.
C:\WINDOWS\Temp\iqns.tmp folder moved successfully.
C:\WINDOWS\Temp\iwts.tmp folder moved successfully.
C:\WINDOWS\Temp\ixjq.tmp folder moved successfully.
C:\WINDOWS\Temp\ixtq.tmp folder moved successfully.
C:\WINDOWS\Temp\iycn.tmp folder moved successfully.
C:\WINDOWS\Temp\jcdm.tmp folder moved successfully.
C:\WINDOWS\Temp\jijv.tmp folder moved successfully.
C:\WINDOWS\Temp\jjev.tmp folder moved successfully.
C:\WINDOWS\Temp\jlqt.tmp folder moved successfully.
C:\WINDOWS\Temp\jltj.tmp folder moved successfully.
C:\WINDOWS\Temp\jnem.tmp folder moved successfully.
C:\WINDOWS\Temp\jrfv.tmp folder moved successfully.
C:\WINDOWS\Temp\jwsv.tmp folder moved successfully.
C:\WINDOWS\Temp\jyis.tmp folder moved successfully.
C:\WINDOWS\Temp\kgiw.tmp folder moved successfully.
C:\WINDOWS\Temp\kkab.tmp folder moved successfully.
C:\WINDOWS\Temp\kkmd.tmp folder moved successfully.
C:\WINDOWS\Temp\kkmt.tmp folder moved successfully.
C:\WINDOWS\Temp\kkyx.tmp folder moved successfully.
C:\WINDOWS\Temp\kmeh.tmp folder moved successfully.
C:\WINDOWS\Temp\ksjv.tmp folder moved successfully.
C:\WINDOWS\Temp\kvgk.tmp folder moved successfully.
C:\WINDOWS\Temp\kxdv.tmp folder moved successfully.
C:\WINDOWS\Temp\kxhb.tmp folder moved successfully.
C:\WINDOWS\Temp\kxpj.tmp folder moved successfully.
C:\WINDOWS\Temp\kywp.tmp folder moved successfully.
C:\WINDOWS\Temp\lgau.tmp folder moved successfully.
C:\WINDOWS\Temp\losp.tmp folder moved successfully.
C:\WINDOWS\Temp\lsgc.tmp folder moved successfully.
C:\WINDOWS\Temp\ltdh.tmp folder moved successfully.
C:\WINDOWS\Temp\ltpy.tmp folder moved successfully.
C:\WINDOWS\Temp\lymb.tmp folder moved successfully.
C:\WINDOWS\Temp\mgsj.tmp folder moved successfully.
C:\WINDOWS\Temp\mjso.tmp folder moved successfully.
C:\WINDOWS\Temp\mkkh.tmp folder moved successfully.
C:\WINDOWS\Temp\mkmh.tmp folder moved successfully.
C:\WINDOWS\Temp\mnna.tmp folder moved successfully.
C:\WINDOWS\Temp\moyk.tmp folder moved successfully.
C:\WINDOWS\Temp\msqm.tmp folder moved successfully.
C:\WINDOWS\Temp\mucn.tmp folder moved successfully.
C:\WINDOWS\Temp\mwll.tmp folder moved successfully.
C:\WINDOWS\Temp\nach.tmp folder moved successfully.
C:\WINDOWS\Temp\ncmu.tmp folder moved successfully.
C:\WINDOWS\Temp\nhts.tmp folder moved successfully.
C:\WINDOWS\Temp\noun.tmp folder moved successfully.
C:\WINDOWS\Temp\nrvd.tmp folder moved successfully.
C:\WINDOWS\Temp\nssm.tmp folder moved successfully.
C:\WINDOWS\Temp\nxmp.tmp folder moved successfully.
C:\WINDOWS\Temp\obsq.tmp folder moved successfully.
C:\WINDOWS\Temp\ocri.tmp folder moved successfully.
C:\WINDOWS\Temp\ohvj.tmp folder moved successfully.
C:\WINDOWS\Temp\ojkp.tmp folder moved successfully.
C:\WINDOWS\Temp\ojve.tmp folder moved successfully.
C:\WINDOWS\Temp\omba.tmp folder moved successfully.
C:\WINDOWS\Temp\ooqv.tmp folder moved successfully.
C:\WINDOWS\Temp\orax.tmp folder moved successfully.
C:\WINDOWS\Temp\orwt.tmp folder moved successfully.
C:\WINDOWS\Temp\otmt.tmp folder moved successfully.
C:\WINDOWS\Temp\ovok.tmp folder moved successfully.
C:\WINDOWS\Temp\oxpf.tmp folder moved successfully.
C:\WINDOWS\Temp\pksl.tmp folder moved successfully.
C:\WINDOWS\Temp\plao.tmp folder moved successfully.
C:\WINDOWS\Temp\plcs.tmp folder moved successfully.
C:\WINDOWS\Temp\psjv.tmp folder moved successfully.
C:\WINDOWS\Temp\pynd.tmp folder moved successfully.
C:\WINDOWS\Temp\qbse.tmp folder moved successfully.
C:\WINDOWS\Temp\qdnl.tmp folder moved successfully.
C:\WINDOWS\Temp\qebi.tmp folder moved successfully.
C:\WINDOWS\Temp\qebs.tmp folder moved successfully.
C:\WINDOWS\Temp\qgum.tmp folder moved successfully.
C:\WINDOWS\Temp\qhua.tmp folder moved successfully.
C:\WINDOWS\Temp\qhxn.tmp folder moved successfully.
C:\WINDOWS\Temp\qitg.tmp folder moved successfully.
C:\WINDOWS\Temp\qmhy.tmp folder moved successfully.
C:\WINDOWS\Temp\qohx.tmp folder moved successfully.
C:\WINDOWS\Temp\qowl.tmp folder moved successfully.
C:\WINDOWS\Temp\qrtp.tmp folder moved successfully.
C:\WINDOWS\Temp\qukn.tmp folder moved successfully.
C:\WINDOWS\Temp\reci.tmp folder moved successfully.
C:\WINDOWS\Temp\riox.tmp folder moved successfully.
C:\WINDOWS\Temp\root.tmp folder moved successfully.
C:\WINDOWS\Temp\rpau.tmp folder moved successfully.
C:\WINDOWS\Temp\rrek.tmp folder moved successfully.
C:\WINDOWS\Temp\rxvi.tmp folder moved successfully.
C:\WINDOWS\Temp\sbft.tmp folder moved successfully.
C:\WINDOWS\Temp\sbnh.tmp folder moved successfully.
C:\WINDOWS\Temp\seqi.tmp folder moved successfully.
C:\WINDOWS\Temp\sksr.tmp folder moved successfully.
C:\WINDOWS\Temp\smip.tmp folder moved successfully.
C:\WINDOWS\Temp\snig.tmp folder moved successfully.
C:\WINDOWS\Temp\ssdc.tmp folder moved successfully.
C:\WINDOWS\Temp\svcp.tmp folder moved successfully.
C:\WINDOWS\Temp\sxcq.tmp folder moved successfully.
C:\WINDOWS\Temp\sywb.tmp folder moved successfully.
C:\WINDOWS\Temp\teiw.tmp folder moved successfully.
C:\WINDOWS\Temp\tekm.tmp folder moved successfully.
C:\WINDOWS\Temp\tgwg.tmp folder moved successfully.
C:\WINDOWS\Temp\thjo.tmp folder moved successfully.
C:\WINDOWS\Temp\tjcf.tmp folder moved successfully.
C:\WINDOWS\Temp\tlra.tmp folder moved successfully.
C:\WINDOWS\Temp\tpvy.tmp folder moved successfully.
C:\WINDOWS\Temp\trrr.tmp folder moved successfully.
C:\WINDOWS\Temp\tthg.tmp folder moved successfully.
C:\WINDOWS\Temp\ughp.tmp folder moved successfully.
C:\WINDOWS\Temp\uhgk.tmp folder moved successfully.
C:\WINDOWS\Temp\uigy.tmp folder moved successfully.
C:\WINDOWS\Temp\uins.tmp folder moved successfully.
C:\WINDOWS\Temp\ujue.tmp folder moved successfully.
C:\WINDOWS\Temp\umgs.tmp folder moved successfully.
C:\WINDOWS\Temp\uoyy.tmp folder moved successfully.
C:\WINDOWS\Temp\uxxq.tmp folder moved successfully.
C:\WINDOWS\Temp\vegc.tmp folder moved successfully.
C:\WINDOWS\Temp\vnex.tmp folder moved successfully.
C:\WINDOWS\Temp\vwft.tmp folder moved successfully.
C:\WINDOWS\Temp\vxou.tmp folder moved successfully.
C:\WINDOWS\Temp\vykl.tmp folder moved successfully.
C:\WINDOWS\Temp\waci.tmp folder moved successfully.
C:\WINDOWS\Temp\watp.tmp folder moved successfully.
C:\WINDOWS\Temp\wfhp.tmp folder moved successfully.
C:\WINDOWS\Temp\wgnl.tmp folder moved successfully.
C:\WINDOWS\Temp\wkyw.tmp folder moved successfully.
C:\WINDOWS\Temp\wrsc.tmp folder moved successfully.
C:\WINDOWS\Temp\wutu.tmp folder moved successfully.
C:\WINDOWS\Temp\xbdj.tmp folder moved successfully.
C:\WINDOWS\Temp\xbox.tmp folder moved successfully.
C:\WINDOWS\Temp\xcqj.tmp folder moved successfully.
C:\WINDOWS\Temp\xdyd.tmp folder moved successfully.
C:\WINDOWS\Temp\xeio.tmp folder moved successfully.
C:\WINDOWS\Temp\xfbc.tmp folder moved successfully.
C:\WINDOWS\Temp\xfcm.tmp folder moved successfully.
C:\WINDOWS\Temp\xikr.tmp folder moved successfully.
C:\WINDOWS\Temp\xjeg.tmp folder moved successfully.
C:\WINDOWS\Temp\xkoo.tmp folder moved successfully.
C:\WINDOWS\Temp\xlmm.tmp folder moved successfully.
C:\WINDOWS\Temp\xpqt.tmp folder moved successfully.
C:\WINDOWS\Temp\xpss.tmp folder moved successfully.
C:\WINDOWS\Temp\xtng.tmp folder moved successfully.
C:\WINDOWS\Temp\ybbt.tmp folder moved successfully.
C:\WINDOWS\Temp\ydby.tmp folder moved successfully.
C:\WINDOWS\Temp\yeuo.tmp folder moved successfully.
C:\WINDOWS\Temp\yfwo.tmp folder moved successfully.
C:\WINDOWS\Temp\ygms.tmp folder moved successfully.
C:\WINDOWS\Temp\yixh.tmp folder moved successfully.
C:\WINDOWS\Temp\ymhg.tmp folder moved successfully.
C:\WINDOWS\Temp\yoae.tmp folder moved successfully.
C:\WINDOWS\Temp\yqca.tmp folder moved successfully.
C:\WINDOWS\Temp\yvdq.tmp folder moved successfully.
C:\WINDOWS\Temp\ywmw.tmp folder moved successfully.
C:\WINDOWS\Temp\yygq.tmp folder moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At10.job moved successfully.
C:\WINDOWS\tasks\At11.job moved successfully.
C:\WINDOWS\tasks\At12.job moved successfully.
C:\WINDOWS\tasks\At13.job moved successfully.
C:\WINDOWS\tasks\At14.job moved successfully.
C:\WINDOWS\tasks\At15.job moved successfully.
C:\WINDOWS\tasks\At16.job moved successfully.
C:\WINDOWS\tasks\At17.job moved successfully.
C:\WINDOWS\tasks\At18.job moved successfully.
C:\WINDOWS\tasks\At19.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At20.job moved successfully.
C:\WINDOWS\tasks\At21.job moved successfully.
C:\WINDOWS\tasks\At22.job moved successfully.
C:\WINDOWS\tasks\At23.job moved successfully.
C:\WINDOWS\tasks\At24.job moved successfully.
C:\WINDOWS\tasks\At25.job moved successfully.
C:\WINDOWS\tasks\At26.job moved successfully.
C:\WINDOWS\tasks\At27.job moved successfully.
C:\WINDOWS\tasks\At28.job moved successfully.
C:\WINDOWS\tasks\At29.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At30.job moved successfully.
C:\WINDOWS\tasks\At31.job moved successfully.
C:\WINDOWS\tasks\At32.job moved successfully.
C:\WINDOWS\tasks\At33.job moved successfully.
C:\WINDOWS\tasks\At34.job moved successfully.
C:\WINDOWS\tasks\At35.job moved successfully.
C:\WINDOWS\tasks\At36.job moved successfully.
C:\WINDOWS\tasks\At37.job moved successfully.
C:\WINDOWS\tasks\At38.job moved successfully.
C:\WINDOWS\tasks\At39.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\At40.job moved successfully.
C:\WINDOWS\tasks\At41.job moved successfully.
C:\WINDOWS\tasks\At42.job moved successfully.
C:\WINDOWS\tasks\At43.job moved successfully.
C:\WINDOWS\tasks\At44.job moved successfully.
C:\WINDOWS\tasks\At45.job moved successfully.
C:\WINDOWS\tasks\At46.job moved successfully.
C:\WINDOWS\tasks\At47.job moved successfully.
C:\WINDOWS\tasks\At48.job moved successfully.
C:\WINDOWS\tasks\At5.job moved successfully.
C:\WINDOWS\tasks\At6.job moved successfully.
C:\WINDOWS\tasks\At7.job moved successfully.
C:\WINDOWS\tasks\At8.job moved successfully.
C:\WINDOWS\tasks\At9.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes

User: OSTATNI
->Temp folder emptied: 8021508 bytes
->Temporary Internet Files folder emptied: 215264205 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 39896188 bytes
->Flash cache emptied: 12699 bytes

User: SIDILKO
->Temp folder emptied: 794257355 bytes
->Temporary Internet Files folder emptied: 278837850 bytes
->Java cache emptied: 16782 bytes
->FireFox cache emptied: 61775884 bytes
->Google Chrome cache emptied: 109745438 bytes
->Flash cache emptied: 1995007 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 81920 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 104824 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 440,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: OSTATNI
->Flash cache emptied: 0 bytes

User: SIDILKO
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.8.1 log created on 07082010_190244

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\SIDILKO\Local Settings\Temporary Internet Files\Content.IE5\OJ2LGBLM\02 - taťaka mi udělal čepici not found!

Registry entries deleted on Reboot...

[vyosek]

No hezkou sbirku balastu v podobe tempu jste tam mel

Jak se chova ted PC co ten G chrome

[SIDILKO]

no s pc to vypada lepe:) DEKUJI
Jdu stahnout a nainstalovat ten chrome..

[vyosek]

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Poprosim o novy log ze RSITu a dejte info co ten chrome

[SIDILKO]

tak GChrome jsem stahnul a zapnul ale nenacte zadnou stranku..

[vyosek]

Nenacte po zapnuti nebo zadnou (napr. kdyz zadate www.viry.cz)

[SIDILKO]

at dam viry.cz nebo www.viry.cz nebo domu nebo nova karta vubec nic..

log za chvilku..

[vyosek]

Vypisuje nejakou chybu Zkuste jej reinstalovat, mozna si postavil hlavu