Zavirovany NB

Zpráva

solaris104 · #1 Příspěvek od **solaris104** » 02 srp 2011 09:00

Dostal se mi do ruky NB, kde se nespusti antivir Avast. Zde je log z HijackThis, prosim poradte.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:53:56, on 2.8.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\windows\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\FreeCommander\FreeCommander.exe
C:\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\windows\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\windows\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\windows\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\windows\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\windows\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\windows\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\windows\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\windows\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\windows\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate1ca0176657a4ba) (gupdate1ca0176657a4ba) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

--
End of file - 9402 bytes

#2 Příspěvek od **vyosek** » 02 srp 2011 09:11

Zdravim a pekny den preji

Dejte prosim log z RSIT - viz muj podpis a pravidla fora - je podrobnejsi nez HJT

Stahnete na plochu CKScanner

Spustte a kliknete na Search for files
Po dokonceni skenu kliknete na Save List to File a nasledne OK
Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte

solaris104 · #3 Příspěvek od **solaris104** » 02 srp 2011 10:08

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-08-02 11:04:27
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (13%) free of 20 GB
Total RAM: 2039 MB (79% free)

HijackThis download failed

======Scheduled tasks folder======

C:\windows\tasks\AWC AutoSweep.job
C:\windows\tasks\AWC Update.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\rpbrowserrecordplugin.dll [2009-07-10 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-28 298160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-03-28 848952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-06 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2010-03-20 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} -
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2010-03-20 2349080]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-28 298160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-11-06 142104]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-11-06 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-11-06 138008]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2007-11-06 16384512]
"SkyTel"=C:\windows\SkyTel.EXE [2007-11-06 1826816]
"Alcmtr"=C:\windows\ALCMTR.EXE [2007-11-06 69632]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-06 148888]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-07-10 198160]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-02-11 241664]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"RemoteControl10"=C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2010-03-13 75048]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\windows\system32\ctfmon.exe [2004-08-17 15360]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
C:\Documents and Settings\Matuštík jr\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-02-26 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Matuštík jr^Nabídka Start^Programy^Po spuštění^TransBar.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\TransBar\TransBar.exe [2005-06-01 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Matuštík jr^Nabídka Start^Programy^Po spuštění^UberIcon.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\UberIcon\UBERIC~1.EXE [2006-05-21 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Matuštík jr^Nabídka Start^Programy^Po spuštění^Y'z Shadow.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\YzShadow\YzShadow.exe [2006-05-21 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2007-11-06 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Hry\Counter-Strike 1.6\hlds.exe"="D:\Hry\Counter-Strike 1.6\hlds.exe:*:Enabled:HLDS Launcher"
"D:\Hry\Counter-Strike 1.6\hl.exe"="D:\Hry\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Torrent\uTorrent\utorrent.exe"="C:\Program Files\Torrent\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Hry\Flat Out 2\FlatOut2\FlatOut2.exe"="D:\Hry\Flat Out 2\FlatOut2\FlatOut2.exe:*:Enabled:FlatOut2"
"D:\Hry\Warcraft 3 the frozen throne 1.17\Warcraft III L T\War3.exe"="D:\Hry\Warcraft 3 the frozen throne 1.17\Warcraft III L T\War3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Documents and Settings\Matuštík jr\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\Matuštík jr\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe"="C:\Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe:*:Enabled:CyberLink PowerDVD 10.0"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Steam\steamapps\matushhh\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\matushhh\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Steam\steamapps\capslock8\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\capslock8\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll

======List of files/folders created in the last 1 month======

2011-08-02 11:04:27 ----D---- C:\rsit
2011-08-02 11:04:27 ----D---- C:\Program Files\trend micro
2011-08-02 11:03:06 ----D---- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Sun
2011-08-02 09:53:35 ----D---- C:\Clean
2011-08-02 09:40:20 ----D---- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Real
2011-08-02 09:40:10 ----D---- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Identities
2011-08-02 09:38:51 ----SD---- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Microsoft
2011-08-02 09:38:51 ----ASH---- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\desktop.ini
2011-07-28 23:02:39 ----A---- C:\windows\ntbtlog.txt

======List of files/folders modified in the last 1 month======

2011-08-02 11:04:27 ----RD---- C:\Program Files
2011-08-02 11:03:50 ----AD---- C:\windows\system32
2011-08-02 11:03:08 ----D---- C:\windows\Prefetch
2011-08-02 09:50:33 ----D---- C:\windows\system32\CatRoot2
2011-08-02 09:42:17 ----D---- C:\windows\Temp
2011-08-02 09:40:16 ----SHD---- C:\windows\Installer
2011-08-02 09:40:13 ----A---- C:\windows\OEWABLog.txt
2011-08-02 09:40:11 ----D---- C:\WINDOWS
2011-08-02 09:38:50 ----D---- C:\Documents and Settings
2011-08-02 09:37:46 ----D---- C:\windows\pss
2011-08-02 09:37:46 ----A---- C:\windows\win.ini
2011-08-02 09:37:46 ----A---- C:\windows\system.ini
2011-08-02 09:31:06 ----A---- C:\windows\SchedLgU.Txt
2011-08-02 09:23:00 ----D---- C:\Program Files\Steam
2011-07-28 23:13:26 ----D---- C:\windows\system32\config
2011-07-28 23:13:04 ----D---- C:\windows\system32\wbem
2011-07-28 23:13:02 ----D---- C:\windows\Registration
2011-07-28 23:11:42 ----D---- C:\windows\system32\drivers
2011-07-28 23:11:00 ----D---- C:\Program Files\TeamSpeak 3 Client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2008-12-11 277784]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2008-12-13 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\windows\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/06 11:45:56]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\windows\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2007-11-06 1161888]
R3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2010-07-18 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 ialm;ialm; C:\windows\system32\DRIVERS\igxpmp32.sys [2007-11-06 5761760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2007-11-06 4608000]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\windows\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\windows\system32\DRIVERS\RTL8187B.sys [2007-11-06 264576]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 aauy69dq;aauy69dq; C:\windows\system32\drivers\aauy69dq.sys []
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\windows\system32\DRIVERS\Amusbprt.sys [2007-02-11 13824]
S3 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\MATUTK~1\LOCALS~1\Temp\VCV9F.tmp []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 RsFx0102;RsFx0102 Driver; C:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\windows\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2007-11-06 9216]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-06 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 gupdate1ca0176657a4ba;Služba Google Update (gupdate1ca0176657a4ba); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-10 133104]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-10 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-02 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2004-08-17 14336]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.WGNAWE
----- EOF -----

#4 Příspěvek od **vyosek** » 02 srp 2011 10:32

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

solaris104 · #5 Příspěvek od **solaris104** » 02 srp 2011 11:40

Prikladam pozadovane logy

OTL logfile created on: 2.8.2011 12:26:21 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Administrator.MATU-8196748980\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 79,24% Memory free
3,84 Gb Paging File | 3,52 Gb Available in Paging File | 91,60% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 2,68 Gb Free Space | 13,74% Space Free | Partition Type: NTFS
Drive D: | 166,77 Gb Total Space | 28,45 Gb Free Space | 17,06% Space Free | Partition Type: NTFS
Drive F: | 7,44 Gb Total Space | 7,44 Gb Free Space | 99,97% Space Free | Partition Type: FAT32

Computer Name: MATU-8196748980 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.08.02 12:18:30 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.MATU-8196748980\Plocha\OTL.exe
PRC - [2010.09.07 18:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.03.13 13:58:58 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2010.02.03 01:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009.07.01 18:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2009.02.17 21:34:16 | 001,392,128 | ---- | M] (Marek Jasinski - www.FreeCommander.com) -- C:\Program Files\FreeCommander\FreeCommander.exe
PRC - [2007.11.06 16:38:44 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2007.02.11 00:07:32 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2004.08.17 14:49:24 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2011.08.02 12:18:30 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.MATU-8196748980\Plocha\OTL.exe
MOD - [2004.08.17 14:48:02 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.09.07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.04.02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2007.11.06 16:38:44 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)

========== Driver Services (SafeList) ==========

DRV - [2010.09.07 17:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 17:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 17:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 17:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 17:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 17:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.07.18 19:06:57 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.03.13 13:58:52 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/12/06 11:45:56] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2008.12.13 14:08:42 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.07.10 03:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2007.11.06 16:41:42 | 000,264,576 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2007.11.06 16:40:10 | 004,608,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.11.06 16:38:44 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007.02.11 01:55:50 | 000,013,824 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007.01.24 19:46:50 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-796845957-1284227242-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\npctrl.1.0.30401.0.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\browserrecord [2009.07.10 17:50:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.05 17:32:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.27 19:55:00 | 000,000,000 | ---D | M]

[2011.07.21 20:19:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008.12.13 14:12:31 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.06.27 19:54:54 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.06.27 19:54:54 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.06.27 19:54:54 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.06.27 19:54:54 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.06.27 19:54:54 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - Reg Error: Value error. File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\windows\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-796845957-1284227242-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Value error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\windows\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\windows\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\windows\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\windows\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.08.02 12:24:54 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator.MATU-8196748980\Plocha\OTL.exe
[2011.08.02 11:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.08.02 11:04:27 | 000,000,000 | ---D | C] -- C:\rsit
[2011.08.02 11:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Sun
[2011.08.02 09:53:35 | 000,000,000 | ---D | C] -- C:\Clean
[2011.08.02 09:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Real
[2011.08.02 09:40:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Identities
[2011.08.02 09:40:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Dokumenty\Hudba
[2011.08.02 09:40:06 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Dokumenty\Obrázky
[2011.08.02 09:38:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Oblíbené položky
[2011.08.02 09:38:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Microsoft
[2011.08.02 09:38:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Dokumenty
[2011.08.02 09:38:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Cookies
[2011.08.02 09:38:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\SendTo
[2011.08.02 09:38:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací
[2011.08.02 09:38:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Nabídka Start\Programy\Příslušenství
[2011.08.02 09:38:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Nabídka Start\Programy\Po spuštění
[2011.08.02 09:38:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Nabídka Start
[2011.08.02 09:38:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Recent
[2011.08.02 09:38:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Šablony
[2011.08.02 09:38:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Okolní tiskárny
[2011.08.02 09:38:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Okolní síť
[2011.08.02 09:38:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Local Settings
[2011.08.02 09:38:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Plocha
[2011.08.02 09:38:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.MATU-8196748980\Local Settings\Data aplikací\Microsoft
[2009.07.10 17:50:46 | 000,692,224 | ---- | C] ( ) -- C:\Program Files\dtdr3260.dll
[2009.07.10 17:50:46 | 000,014,336 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\wmdmhelper.dll
[2009.07.10 17:50:45 | 000,659,456 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjbres.dll
[2009.07.10 17:50:45 | 000,339,968 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjdlg.dll
[2009.07.10 17:50:45 | 000,139,264 | ---- | C] (Inner Media, Inc.) -- C:\Program Files\DUNZIP32.dll
[2009.07.10 17:50:45 | 000,041,472 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\mmcdda32.dll
[2009.07.10 17:50:45 | 000,036,352 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\ierjplug.dll
[2009.07.10 17:50:45 | 000,019,456 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tnetdtct.dll
[2009.07.10 17:50:45 | 000,019,456 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjprog.dll
[2009.07.10 17:50:45 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\fixrjb.exe
[2009.07.10 17:50:44 | 000,081,920 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tsasdk.dll
[2009.07.10 17:50:44 | 000,057,344 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tpasdk.dll
[2009.07.10 17:50:43 | 000,153,152 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RecordingManager.exe
[2009.07.10 17:50:43 | 000,043,056 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpshellsearch.dll
[2009.07.10 17:50:43 | 000,032,768 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpwa3260.dll
[2009.07.10 17:50:42 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
[2009.07.10 17:50:42 | 000,312,928 | ---- | C] (RealPlayer) -- C:\Program Files\rpbrowserrecordplugin.dll
[2009.07.10 17:50:42 | 000,245,760 | ---- | C] (RealPlayer) -- C:\Program Files\rpchromebrowserrecordplugin.dll
[2009.07.10 17:50:42 | 000,065,536 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjwmapln.dll
[2009.07.10 17:50:40 | 000,053,248 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpau3260.dll
[2009.07.10 17:50:36 | 000,098,304 | ---- | C] (RealPlayer) -- C:\Program Files\rpshellextension.dll
[2009.07.10 17:50:36 | 000,095,784 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rdsf3260.dll
[2009.07.10 17:50:36 | 000,086,016 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpplugprot.dll
[2009.07.10 17:50:36 | 000,063,016 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpshell.dll
[2009.07.10 17:50:34 | 000,214,536 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realplay.exe
[2009.07.10 17:50:34 | 000,009,216 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rphelperapp.exe
[2009.07.10 17:50:34 | 000,007,168 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realjbox.exe
[2009.07.09 15:24:08 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC71.DLL
[2009.07.09 15:24:08 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MSVCR71.DLL
[2009.07.09 15:24:07 | 000,909,312 | ---- | C] (Langsoft & METEOR Software) -- C:\Program Files\WTRAN32c.DLL
[2009.07.09 15:24:07 | 000,827,392 | ---- | C] (LangSoft s.r.o.) -- C:\Program Files\WDICT32c.DLL
[2009.07.09 15:24:03 | 000,246,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UNICOWS.DLL
[2009.07.09 15:24:03 | 000,244,736 | ---- | C] (Sequiter Software Inc.) -- C:\Program Files\C4DLL320.DLL
[2009.07.09 15:24:02 | 000,225,280 | ---- | C] (Polar) -- C:\Program Files\POLSPELL.DLL
[2009.07.09 15:24:02 | 000,155,648 | ---- | C] (POLAR) -- C:\Program Files\AutoCorrectDLL.DLL
[2009.07.09 15:23:59 | 000,174,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\RICHED32.DLL
[2009.07.09 15:23:59 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MSWD6_32.WPC
[2009.07.09 15:23:59 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WRITE.WPC
[2009.07.09 15:23:58 | 000,548,864 | ---- | C] (Sequiter Software Inc.) -- C:\Program Files\C4DLL323.DLL
[8 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.08.02 12:27:19 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.08.02 12:18:30 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.MATU-8196748980\Plocha\OTL.exe
[2011.08.02 11:34:31 | 000,000,940 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.02 10:15:36 | 000,459,264 | ---- | M] () -- C:\Documents and Settings\Administrator.MATU-8196748980\Plocha\CKScanner.exe
[2011.08.02 09:40:04 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.02 09:40:04 | 000,000,388 | ---- | M] () -- C:\windows\tasks\AWC AutoSweep.job
[2011.08.02 09:38:38 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2011.08.02 09:22:36 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[8 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.02 12:27:19 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.08.02 11:04:12 | 000,459,264 | ---- | C] () -- C:\Documents and Settings\Administrator.MATU-8196748980\Plocha\CKScanner.exe
[2011.08.02 09:40:10 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator.MATU-8196748980\Nabídka Start\Programy\Outlook Express.lnk
[2011.08.02 09:38:51 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator.MATU-8196748980\Nabídka Start\Programy\Vzdálená pomoc.lnk
[2011.08.02 09:38:51 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Administrator.MATU-8196748980\Nabídka Start\Programy\Windows Media Player.lnk
[2010.12.11 15:01:49 | 000,000,664 | ---- | C] () -- C:\windows\System32\d3d9caps.dat
[2010.02.27 16:32:41 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2009.12.31 15:04:24 | 000,073,728 | ---- | C] () -- C:\windows\System32\vbzlib1.dll
[2009.12.21 16:18:44 | 000,054,552 | -H-- | C] () -- C:\windows\System32\mlfcache.dat
[2009.10.25 22:07:52 | 000,159,032 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.07.10 17:50:46 | 000,000,568 | ---- | C] () -- C:\Program Files\fpsectbl
[2009.07.10 17:50:45 | 000,002,851 | ---- | C] () -- C:\Program Files\cdroms.cfg
[2009.07.10 17:50:43 | 000,119,808 | ---- | C] () -- C:\Program Files\waiting.avi
[2009.07.10 17:50:43 | 000,057,762 | ---- | C] () -- C:\Program Files\howto.chm
[2009.07.10 17:50:43 | 000,040,154 | ---- | C] () -- C:\Program Files\realplay.chm
[2009.07.10 17:50:43 | 000,016,296 | ---- | C] () -- C:\Program Files\realtfon.fon
[2009.07.10 17:50:43 | 000,011,444 | ---- | C] () -- C:\Program Files\frw.bmp
[2009.07.10 17:50:43 | 000,001,209 | ---- | C] () -- C:\Program Files\flvplay.swf
[2009.07.10 17:50:42 | 000,008,704 | ---- | C] () -- C:\Program Files\rpchromebrowserrecordhelper.dll
[2009.07.10 17:50:40 | 000,052,609 | ---- | C] () -- C:\Program Files\RealNetworks License.html
[2009.07.10 17:50:40 | 000,052,609 | ---- | C] () -- C:\Program Files\playrlic.html
[2009.07.10 17:50:39 | 000,053,098 | ---- | C] () -- C:\Program Files\presets.rnx
[2009.07.10 17:50:39 | 000,000,480 | ---- | C] () -- C:\Program Files\keys.dat
[2009.07.10 17:50:38 | 000,637,394 | ---- | C] () -- C:\Program Files\normal.vs
[2009.07.10 17:50:38 | 000,061,495 | ---- | C] () -- C:\Program Files\ssimages.vs
[2009.07.10 17:50:36 | 000,102,400 | ---- | C] () -- C:\Program Files\HXAudioDeviceHook.dll
[2009.07.10 17:50:35 | 000,001,030 | ---- | C] () -- C:\Program Files\autoplaylist.dat
[2009.07.10 17:50:35 | 000,000,050 | ---- | C] () -- C:\Program Files\strs23.dat
[2009.07.10 17:50:35 | 000,000,013 | ---- | C] () -- C:\Program Files\strs26.dat
[2009.07.10 17:50:34 | 000,017,846 | ---- | C] () -- C:\Program Files\videotest.rm
[2009.07.10 17:50:34 | 000,000,221 | ---- | C] () -- C:\Program Files\subscription.rnx
[2009.07.10 17:50:34 | 000,000,177 | ---- | C] () -- C:\Program Files\freeoffers.rnx
[2009.07.09 15:31:58 | 000,000,093 | ---- | C] () -- C:\Program Files\CZCS.INI
[2009.07.09 15:31:58 | 000,000,093 | ---- | C] () -- C:\Program Files\ANCS.INI
[2009.07.09 15:24:08 | 000,001,304 | ---- | C] () -- C:\Program Files\NEMECKY.RTF
[2009.07.09 15:24:08 | 000,000,036 | ---- | C] () -- C:\Program Files\TRANSLAT.INI
[2009.07.09 15:24:07 | 000,548,864 | ---- | C] () -- C:\Program Files\WEN.DLL
[2009.07.09 15:24:03 | 000,057,344 | ---- | C] () -- C:\Program Files\ZLIB.DLL
[2009.07.09 15:24:03 | 000,021,987 | ---- | C] () -- C:\Program Files\CORRECT.CZA
[2009.07.09 15:24:02 | 000,013,022 | ---- | C] () -- C:\Program Files\ANCS.GRM
[2009.07.09 15:24:02 | 000,012,909 | ---- | C] () -- C:\Program Files\PRONAN.DAT
[2009.07.09 15:24:01 | 000,062,111 | ---- | C] () -- C:\Program Files\PRONAN.DBF
[2009.07.09 15:24:01 | 000,016,384 | ---- | C] () -- C:\Program Files\PRONAN.CDX
[2009.07.09 15:24:01 | 000,001,433 | ---- | C] () -- C:\Program Files\ANGLICKY.RTF
[2009.07.09 15:24:00 | 000,380,672 | ---- | C] () -- C:\Program Files\ANCS.DBF
[2009.07.09 15:24:00 | 000,079,872 | ---- | C] () -- C:\Program Files\CSAN.CDX
[2009.07.09 15:24:00 | 000,057,856 | ---- | C] () -- C:\Program Files\ANCS.CDX
[2009.07.09 15:24:00 | 000,016,791 | ---- | C] () -- C:\Program Files\ANCS2.DBF
[2009.07.09 15:23:58 | 000,131,233 | ---- | C] () -- C:\Program Files\WDICT32c.CHM
[2009.07.09 15:23:57 | 000,499,878 | ---- | C] () -- C:\Program Files\WINTRAN.DCZ
[2009.07.09 15:23:57 | 000,326,134 | ---- | C] () -- C:\Program Files\WTRAN32c.CHM
[2009.07.09 15:23:56 | 003,600,384 | ---- | C] () -- C:\Program Files\WTRAN32.EXE
[2009.07.09 15:23:56 | 002,568,192 | ---- | C] () -- C:\Program Files\WDICT32.EXE
[2009.07.07 19:56:06 | 000,004,096 | ---- | C] () -- C:\windows\d3dx.dat
[2008.12.15 06:57:13 | 000,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini
[2008.12.14 18:59:50 | 000,000,390 | ---- | C] () -- C:\windows\ODBC.INI
[2008.12.13 17:03:41 | 000,491,520 | ---- | C] () -- C:\windows\WebIE.dll2
[2008.12.13 17:03:40 | 000,200,704 | ---- | C] () -- C:\windows\TRNOET.DLL
[2008.12.13 17:03:40 | 000,045,056 | ---- | C] () -- C:\windows\TRNOEH.DLL
[2008.12.13 17:03:40 | 000,026,624 | ---- | C] () -- C:\windows\OETRN.EXE
[2008.12.13 17:03:16 | 000,000,054 | ---- | C] () -- C:\windows\WTRDCTM.INI
[2008.12.13 17:01:56 | 000,516,096 | ---- | C] () -- C:\windows\UN32.EXE
[2008.12.13 17:01:56 | 000,004,559 | ---- | C] () -- C:\windows\UN32P.INI
[2008.12.13 17:01:12 | 000,001,678 | ---- | C] () -- C:\windows\MAILTRAN.INI
[2008.12.13 17:01:11 | 000,002,476 | ---- | C] () -- C:\windows\TRNCOM.INI
[2008.12.13 17:00:56 | 000,004,192 | ---- | C] () -- C:\windows\WTRAN32.INI
[2008.12.13 17:00:56 | 000,001,581 | ---- | C] () -- C:\windows\WDICT32.INI
[2008.12.11 21:27:41 | 000,004,249 | ---- | C] () -- C:\windows\ODBCINST.INI
[2008.12.11 21:26:26 | 000,271,784 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2008.12.11 20:41:31 | 000,002,048 | --S- | C] () -- C:\windows\bootstat.dat
[2008.12.11 20:35:34 | 000,021,812 | ---- | C] () -- C:\windows\System32\emptyregdb.dat
[2008.12.11 15:23:01 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2008.12.11 14:49:01 | 000,049,152 | ---- | C] () -- C:\windows\System32\ChCfg.exe
[2008.12.11 14:41:07 | 000,910,464 | ---- | C] () -- C:\windows\System32\igmedkrn.dll
[2008.12.11 14:41:07 | 000,204,800 | ---- | C] () -- C:\windows\System32\igfxCoIn_v4833.dll
[2008.12.11 14:40:10 | 000,002,389 | ---- | C] () -- C:\windows\wincmd.ini
[2005.10.14 12:56:50 | 000,092,672 | ---- | C] () -- C:\windows\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,021,504 | ---- | C] () -- C:\windows\System32\ogg.dll
[2004.08.17 14:58:58 | 000,001,788 | ---- | C] () -- C:\windows\System32\Dcache.bin
[2004.08.17 14:49:10 | 000,081,920 | ---- | C] () -- C:\windows\System32\ieencode.dll
[2004.08.02 13:20:40 | 000,004,569 | ---- | C] () -- C:\windows\System32\secupd.dat
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\windows\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2001.10.25 15:00:00 | 000,500,906 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,497,822 | ---- | C] () -- C:\windows\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\windows\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\windows\System32\dssec.dat
[2001.10.25 15:00:00 | 000,103,820 | ---- | C] () -- C:\windows\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,092,892 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\windows\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\windows\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\windows\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\noise.dat
[2001.01.12 11:52:26 | 000,044,032 | ---- | C] () -- C:\windows\System32\vbpng1.dll
[2001.01.12 11:49:38 | 000,021,504 | ---- | C] () -- C:\windows\System32\zlib.dll

========== LOP Check ==========

[2010.04.06 20:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2008.12.13 14:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.02.13 10:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Enkord
[2010.02.26 19:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2011.03.28 20:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.12.13 14:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2010.01.10 14:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2010.12.06 12:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2009.08.24 12:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\AD ON Multimedia
[2011.07.11 18:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\BSplayer
[2010.02.26 19:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\BSplayer Pro
[2008.12.13 14:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\DAEMON Tools
[2008.12.13 14:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\DAEMON Tools Lite
[2008.12.13 14:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\DAEMON Tools Pro
[2009.12.31 15:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\Desktopicon
[2009.12.09 12:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\Dev-Cpp
[2010.05.30 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\FileZilla
[2010.08.30 10:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\HLSW
[2011.04.21 09:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\ICQ
[2010.02.21 15:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\IObit
[2009.07.09 15:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\LangSoft
[2010.01.04 22:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\Leawo
[2010.01.08 15:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\Mumble
[2009.12.14 15:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\Nvu
[2010.04.22 20:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\Octoshape
[2010.05.17 21:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\Publish Providers
[2010.05.17 21:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\Sony
[2010.03.14 21:42:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\TeamViewer
[2011.07.28 23:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\TS3Client
[2011.08.02 09:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\uTorrent
[2010.01.24 16:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matuštík jr\Data aplikací\XnView
[2011.08.02 09:40:04 | 000,000,388 | ---- | M] () -- C:\windows\Tasks\AWC AutoSweep.job
[2011.07.21 20:08:23 | 000,000,400 | ---- | M] () -- C:\windows\Tasks\AWC Update.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.11.14 00:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2009.11.14 00:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004.08.17 14:49:24 | 000,974,848 | ---- | M] (Microsoft Corporation) MD5=4D32D7FFC2F583FE21EF0A4F99EABB12 -- C:\WINDOWS\explorer.exe
[2004.08.17 14:49:24 | 000,974,848 | ---- | M] (Microsoft Corporation) MD5=4D32D7FFC2F583FE21EF0A4F99EABB12 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 21:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2008.12.11 12:45:51 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\NLDRV\001\iastor.sys
[2008.12.11 12:48:06 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\NLDRV\002\iastor.sys
[2008.12.11 12:48:06 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: ISAPNP.SYS >
[2001.10.24 12:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 12:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
[1 C:\windows\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\windows\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.08.02 09:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Identities
[2011.08.02 09:40:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Microsoft
[2011.08.02 09:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Real
[2011.08.02 11:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.MATU-8196748980\Data aplikací\Sun

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[8 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.12.13 14:08:42 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.12.11 21:25:46 | 000,094,208 | ---- | M] () -- C:\windows\System32\config\default.sav
[2008.12.11 21:25:46 | 000,663,552 | ---- | M] () -- C:\windows\System32\config\software.sav
[2008.12.11 21:25:46 | 000,475,136 | ---- | M] () -- C:\windows\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[8 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.08.02 09:22:36 | 000,002,206 | ---- | M] () -- C:\windows\system32\wpa.dbl
[8 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.08.02 12:27:19 | 000,000,512 | ---- | M] () MD5=C7F279E486FFC898C204EDB5FF70A336 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 6762 bytes -> C:\windows\Prefetch\SYSTEM32:SVCHOST.EXE-0D6710D4.pf
@Alternate Data Stream - 3898960 bytes -> C:\windows\system32:svchost

< End of report >

OTL Extras logfile created on: 2.8.2011 12:26:21 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Administrator.MATU-8196748980\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 79,24% Memory free
3,84 Gb Paging File | 3,52 Gb Available in Paging File | 91,60% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 2,68 Gb Free Space | 13,74% Space Free | Partition Type: NTFS
Drive D: | 166,77 Gb Total Space | 28,45 Gb Free Space | 17,06% Space Free | Partition Type: NTFS
Drive F: | 7,44 Gb Total Space | 7,44 Gb Free Space | 99,97% Space Free | Partition Type: FAT32

Computer Name: MATU-8196748980 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Prozkoumat v XnView] -- Reg Error: Value error.
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.4\ICQ.exe" = C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Hry\Counter-Strike 1.6\hlds.exe" = D:\Hry\Counter-Strike 1.6\hlds.exe:*:Enabled:HLDS Launcher -- (Valve)
"D:\Hry\Counter-Strike 1.6\hl.exe" = D:\Hry\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Torrent\uTorrent\utorrent.exe" = C:\Program Files\Torrent\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"D:\Hry\Flat Out 2\FlatOut2\FlatOut2.exe" = D:\Hry\Flat Out 2\FlatOut2\FlatOut2.exe:*:Enabled:FlatOut2 -- ()
"D:\Hry\Warcraft 3 the frozen throne 1.17\Warcraft III L T\War3.exe" = D:\Hry\Warcraft 3 the frozen throne 1.17\Warcraft III L T\War3.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe" = C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Documents and Settings\Matuštík jr\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\Matuštík jr\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client -- (Octoshape ApS)
"C:\Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe" = C:\Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe:*:Enabled:CyberLink PowerDVD 10.0 -- (CyberLink Corp.)
"C:\Program Files\ICQ7.4\ICQ.exe" = C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
"C:\Program Files\Steam\steamapps\matushhh\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\matushhh\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"C:\Program Files\Steam\steamapps\capslock8\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\capslock8\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{7095FD27-37F0-4750-9DE8-D37DC0043706}" = REALTEK RTL8187B Wireless LAN Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.4 - Czech
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BBF10B37-4ED3-11D5-A818-00500435FC18}" = Gothic
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"{D9D937B0-E842-4130-9588-B948E876904A}" = Microsoft SQL Server 2008 Native Client
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"µTorrent CZ_is1" = µTorrent CZ 1.8.3 (build 15638)
"7-Zip" = 7-Zip 4.62
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2005
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Ask Toolbar_is1" = Ask Toolbar
"avast5" = avast! Free Antivirus
"BS_Player Toolbar" = BS_Player Toolbar
"BSPlayerf" = BS.Player FREE
"CyberLink PowerDVD 10.0.1516.51" = CyberLink PowerDVD 10.0.1516.51 - odinstalovat češtinu
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"eBay Icon" = eBay Icon
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESL GUI" = ESL GUI 1.15.2 (CS)
"Foxit Reader" = Foxit Reader
"FreeCommander_is1" = FreeCommander 2009.02
"Google Chrome" = Google Chrome
"Hamachi" = Hamachi 1.0.3.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nvu" = Nvu 1.0
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"PC Translator" = PC Translator
"PC Translator 2007 DEMO" = PC Translator 2007 DEMO
"Picasa 3" = Picasa 3
"RealPlayer 6.0" = RealPlayer
"Seven Remix XP" = Seven Remix XP 2.2
"Steam App 10" = Counter-Strike
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 4" = TeamViewer 4
"Televize_-_SychrovNET_vlc-0.9.8a" = Televize - SychrovNET vlc-0.9.8a
"The KMPlayer" = The KMPlayer (remove only)
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Ultra AVI Converter_is1" = Ultra AVI Converter 5.2.0326
"Veetle TV" = Veetle TV 0.9.18
"VorbisCodec" = Ogg Vorbis ACM Codec
"WheelMouse" = X7-Office 7.80
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ OSession Events ]
Error - 14.12.2010 14:26:41 | Computer Name = MATU-8196748980 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1674
seconds with 1320 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2.8.2011 5:03:07 | Computer Name = MATU-8196748980 | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 2.8.2011 5:03:07 | Computer Name = MATU-8196748980 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 15 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 2.8.2011 5:18:08 | Computer Name = MATU-8196748980 | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 30 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 2.8.2011 5:18:08 | Computer Name = MATU-8196748980 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 30 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 2.8.2011 6:24:36 | Computer Name = MATU-8196748980 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 5.60.246.18 pro síťovou kartu se síťovou
adresou 7A79053CF612 byla ukončena.

Error - 2.8.2011 6:24:37 | Computer Name = MATU-8196748980 | Source = Dhcp | ID = 1001
Description = Počítači nebyla přiřazena síťová adresa (serverem DHCP) pro síťovou
kartu se síťovou adresou 7A79053CF612. Došlo k následující chybě: %%1223. Počítač
se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.

Error - 2.8.2011 6:24:39 | Computer Name = MATU-8196748980 | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 2.8.2011 6:24:39 | Computer Name = MATU-8196748980 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 2.8.2011 6:24:40 | Computer Name = MATU-8196748980 | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 2.8.2011 6:24:40 | Computer Name = MATU-8196748980 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

< End of report >

#6 Příspěvek od **vyosek** » 02 srp 2011 11:54

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.04.02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
[2008.12.13 14:12:31 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - Reg Error: Value error. File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll (Conduit Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Value error. File not found
[8 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2011.08.02 09:40:04 | 000,000,388 | ---- | M] () -- C:\windows\Tasks\AWC AutoSweep.job
[2011.07.21 20:08:23 | 000,000,400 | ---- | M] () -- C:\windows\Tasks\AWC Update.job
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
[1 C:\windows\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\windows\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
@Alternate Data Stream - 6762 bytes -> C:\windows\Prefetch\SYSTEM32:SVCHOST.EXE-0D6710D4.pf
@Alternate Data Stream - 3898960 bytes -> C:\windows\system32:svchost

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"TkBellExe"=-
"WinampAgent"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"RemoteControl10"=-
"BDRegion"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]

:services
gupdate
gupdatem
JavaQuickStarterService
gusvc

:files
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\AskBarDis
C:\Program Files\ICQ6Toolbar
C:\Program Files\Winamp Toolbar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

solaris104 · #7 Příspěvek od **solaris104** » 02 srp 2011 12:05

All processes killed
========== OTL ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files\ICQ6Toolbar\ICQ Service.exe moved successfully.
Service ASKUpgrade stopped successfully!
Service ASKUpgrade deleted successfully!
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ deleted successfully.
C:\Program Files\Winamp Toolbar\winamptb.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
C:\Program Files\AskBarDis\bar\bin\askBar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
C:\Program Files\rpbrowserrecordplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
C:\Program Files\BS_Player\tbBS_1.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
File C:\Program Files\BS_Player\tbBS_1.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ deleted successfully.
C:\windows\System32\CONFIG.TMP deleted successfully.
C:\windows\System32\msxml3.dll.tmp deleted successfully.
C:\windows\System32\SET660.tmp deleted successfully.
C:\windows\System32\SET662.tmp deleted successfully.
C:\windows\System32\SET666.tmp deleted successfully.
C:\windows\System32\SET667.tmp deleted successfully.
C:\windows\System32\SET66E.tmp deleted successfully.
C:\windows\System32\SET670.tmp deleted successfully.
C:\windows\SET3.tmp deleted successfully.
C:\windows\SET4.tmp deleted successfully.
C:\windows\SET8.tmp deleted successfully.
C:\windows\Tasks\AWC AutoSweep.job moved successfully.
C:\windows\Tasks\AWC Update.job moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP221.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2FBC.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCB.tmp folder deleted successfully.
C:\windows\system32\config\systemprofile\Local Settings\Temp\CR_EE7C0.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\windows\system32\config\systemprofile\Local Settings\Temp\CR_EE7C0.tmp folder deleted successfully.
ADS C:\windows\Prefetch\SYSTEM32:SVCHOST.EXE-0D6710D4.pf deleted successfully.
ADS C:\windows\system32:svchost deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BDRegion deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8\ deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
C:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Program Files\AskBarDis\PopSwatter\History folder moved successfully.
C:\Program Files\AskBarDis\PopSwatter folder moved successfully.
C:\Program Files\AskBarDis\bar\Settings folder moved successfully.
C:\Program Files\AskBarDis\bar\History folder moved successfully.
C:\Program Files\AskBarDis\bar\Cache folder moved successfully.
C:\Program Files\AskBarDis\bar\bin folder moved successfully.
C:\Program Files\AskBarDis\bar folder moved successfully.
C:\Program Files\AskBarDis folder moved successfully.
C:\Program Files\ICQ6Toolbar folder moved successfully.
C:\Program Files\Winamp Toolbar folder moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temporary Internet Files folder emptied: 32768 bytes

User: Administrator.MATU-8196748980
->Temp folder emptied: 603954 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 6133115 bytes

User: Matuštík jr
->Temp folder emptied: 3027170 bytes
->Temporary Internet Files folder emptied: 33282 bytes
->Java cache emptied: 36572428 bytes
->FireFox cache emptied: 6160803 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 393216 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 51,00 mb

[EMPTYFLASH]

User: Administrator

User: Administrator.MATU-8196748980

User: All Users

User: Default User

User: LocalService

User: Matuštík jr
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.26.1 log created on 08022011_130048

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#8 Příspěvek od **vyosek** » 02 srp 2011 12:24

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

Provedte aktualizaci - treti zalozka
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

solaris104 · #9 Příspěvek od **solaris104** » 02 srp 2011 13:28

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

2.8.2011 14:28:06
mbam-log-2011-08-02 (14-27-58).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 223033
Uplynulý čas: 25 minut, 15 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 3
Infikované složky: 0
Infikované soubory: 5

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\matuštík jr\data aplikací\ad on multimedia\ebay shortcuts\ebayshortcuts.exe (Adware.ADON) -> No action taken.
c:\documents and settings\matuštík jr\data aplikací\desktopicon\ebayshortcuts.exe (Adware.ADON) -> No action taken.
c:\WINDOWS\bricopacks\vista inspirat 2\packfiles\79_iexplore.exe (Trojan.FakeMS) -> No action taken.
c:\program files\rpchromebrowserrecordhelper.dll (Spyware.OnlineGames) -> No action taken.
c:\program files\ZLIB.DLL (Spyware.OnlineGames) -> No action taken.

#10 Příspěvek od **vyosek** » 02 srp 2011 16:36

Nalezy smazte - bude nasledovat log - ten sem vlozte

solaris104 · #11 Příspěvek od **solaris104** » 03 srp 2011 05:38

Antivir se porad nechce spustit

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

3.8.2011 6:30:08
mbam-log-2011-08-03 (06-30-08).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 223033
Uplynulý čas: 25 minut, 15 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 3
Infikované složky: 0
Infikované soubory: 5

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\matuštík jr\data aplikací\ad on multimedia\ebay shortcuts\ebayshortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
c:\documents and settings\matuštík jr\data aplikací\desktopicon\ebayshortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
c:\WINDOWS\bricopacks\vista inspirat 2\packfiles\79_iexplore.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\program files\rpchromebrowserrecordhelper.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\program files\ZLIB.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.

#12 Příspěvek od **vyosek** » 03 srp 2011 06:50

Pustte tam jeste tohle http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

solaris104 · #13 Příspěvek od **solaris104** » 03 srp 2011 09:44

Tak se mi vzdy AVPTool pri skenovani zasekl kolem 25%. Pustil jsem kontrolu disku a zjistil jsem, ze jsou tam vadne sektory. Budu muset koupit novy HDD a instalovat Windows znovu. Dekuji za pomoc.

#14 Příspěvek od **vyosek** » 03 srp 2011 19:42

Takze chybu tedy mame...Neni zac, rado se stalo

VIRY.CZ

Zavirovany NB

Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB

Re: Zavirovany NB