VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by a at 2011-09-12 16:10:35
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 98 GB (64%) free of 153 GB
Total RAM: 959 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:10:58, on 12.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Miranda IM KP v5.0.9.16\miranda32.exe
C:\Program Files\iolo\System Mechanic Professional\SMTrayNotify.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\ChromePlus\chrome.exe
C:\Program Files\ChromePlus\chrome.exe
C:\Program Files\ChromePlus\chrome.exe
C:\Program Files\ChromePlus\chrome.exe
C:\Documents and Settings\a\Plocha\RSIT.exe
C:\Program Files\trend micro\a.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcanvas.com/?ot=6
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: (no name) - {11222041-111B-46E3-BD29-EFB2449479B1} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {586fe353-65fd-afd7-c688-9e16b044531f} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: (no name) - {F3A54897-9E68-B11E-A37A-4D1422CE9CAA} - (no file)
O2 - BHO: BlingeeTb - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {D1121FE0-0145-44C9-AA35-72071AC20A9B} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Miranda IM] C:\Program Files\Miranda IM KP v5.0.9.16\launcher.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (file missing) (HKCU)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe (file missing)
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 11665 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Install_NSS.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2007-05-01 63048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{586fe353-65fd-afd7-c688-9e16b044531f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-05-20 1258808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3A54897-9E68-B11E-A37A-4D1422CE9CAA}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll [2007-05-01 161352]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-05-20 1258808]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{D1121FE0-0145-44C9-AA35-72071AC20A9B}
{855F3B16-6D32-4FE6-8A56-BBB695989046}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-11-07 8523776]
"nwiz"=nwiz.exe /install []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"Miranda IM"=C:\Program Files\Miranda IM KP v5.0.9.16\launcher.exe [2011-01-27 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [2002-07-10 188416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\SweetIM\Messenger\SweetIM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Philips GoGear VIBE Device Manager.lnk]
C:\PROGRA~1\Philips\GOGEAR~1\GOGEAR~1.EXE []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Miranda IM KP v5.0.9.16\miranda32.exe"="C:\Program Files\Miranda IM KP v5.0.9.16\miranda32.exe:*:Enabled:Miranda IM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3codec"=l3codecp.acm
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - open - NOTEPAD.EXE %1
.reg - open - NOTEPAD.EXE %1
.scr - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2011-09-12 16:10:37 ----D---- C:\Program Files\trend micro
2011-09-12 16:10:35 ----D---- C:\rsit
2011-09-11 18:18:38 ----D---- C:\Documents and Settings\a\Data aplikací\Help
2011-09-07 21:27:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2011-08-24 21:02:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$

======List of files/folders modified in the last 1 month======

2011-09-12 16:10:37 ----RD---- C:\Program Files
2011-09-12 16:09:40 ----D---- C:\WINDOWS\Prefetch

Zdravim, pekny vecer preji a vitam Vas u nas na foru

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

OTL logfile created on: 13.9.2011 19:32:45 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\a\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

959,48 Mb Total Physical Memory | 195,15 Mb Available Physical Memory | 20,34% Memory free
2,85 Gb Paging File | 2,03 Gb Available in Paging File | 71,25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 95,34 Gb Free Space | 63,97% Space Free | Partition Type: NTFS
Drive D: | 564,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: RENATKA | User Name: a | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.09.13 19:29:14 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\a\Plocha\OTL.exe
PRC - [2011.09.05 14:47:09 | 001,285,040 | ---- | M] (Maple Studio) -- C:\Program Files\ChromePlus\chrome.exe
PRC - [2010.01.04 14:39:04 | 000,650,672 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2009.09.12 00:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe
PRC - [2009.09.12 00:34:00 | 002,524,416 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodtray.exe
PRC - [2009.08.05 11:35:22 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.06.09 17:37:00 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.03.02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.10.31 08:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008.10.31 08:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008.10.31 08:24:26 | 001,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007.03.12 14:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2004.12.08 18:57:36 | 000,550,912 | ---- | M] () -- C:\WINDOWS\mHotkey.exe
PRC - [2004.11.02 21:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

========== Modules (No Company Name) ==========

MOD - [2011.09.05 14:47:07 | 004,118,072 | ---- | M] () -- C:\Program Files\ChromePlus\1.6.3.0\pdf.dll
MOD - [2011.09.05 14:47:05 | 000,339,888 | ---- | M] () -- C:\Program Files\ChromePlus\1.6.3.0\locales\cs.dll
MOD - [2011.09.05 14:47:04 | 006,338,720 | ---- | M] () -- C:\Program Files\ChromePlus\1.6.3.0\gcswf32.dll
MOD - [2011.09.05 14:47:01 | 001,846,344 | ---- | M] () -- C:\Program Files\ChromePlus\1.6.3.0\avcodec-52.dll
MOD - [2011.09.05 14:47:01 | 000,203,848 | ---- | M] () -- C:\Program Files\ChromePlus\1.6.3.0\avformat-52.dll
MOD - [2011.09.05 14:47:01 | 000,104,520 | ---- | M] () -- C:\Program Files\ChromePlus\1.6.3.0\avutil-50.dll
MOD - [2010.01.04 14:39:04 | 000,650,672 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
MOD - [2009.01.28 16:03:49 | 000,326,401 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008.09.03 15:28:24 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.08.29 10:55:00 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007.11.07 01:00:00 | 001,474,560 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2007.11.07 01:00:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2007.01.22 12:22:28 | 000,470,016 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoXML.dll
MOD - [2007.01.22 12:22:14 | 000,859,648 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoFoundation.dll
MOD - [2007.01.22 12:22:12 | 000,018,432 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoExt.dll
MOD - [2006.02.14 16:36:10 | 000,155,648 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\ssleay32.dll
MOD - [2006.02.14 16:35:54 | 000,827,392 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\libeay32.dll
MOD - [2004.12.08 18:57:36 | 000,550,912 | ---- | M] () -- C:\WINDOWS\mHotkey.exe
MOD - [2003.05.16 21:09:32 | 000,011,776 | ---- | M] () -- C:\WINDOWS\HIDMNT.dll
MOD - [2001.07.02 21:36:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\HKNTDLL.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (ICQ Service)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2010.01.04 14:39:04 | 000,650,672 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2010.01.04 14:39:04 | 000,650,672 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2009.09.12 00:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (O&O Defrag)
SRV - [2009.08.05 11:35:22 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.06.09 17:37:00 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.10.31 08:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008.10.31 08:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

========== Driver Services (SafeList) ==========

DRV - [2010.03.11 18:24:58 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.07 19:12:36 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.09 17:37:00 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.10.31 08:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.10.29 11:29:06 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.06.21 05:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008.06.21 05:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2007.07.18 13:26:04 | 004,547,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.02.18 01:15:34 | 000,232,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2007.01.29 07:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2006.11.27 17:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.11.27 17:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.10.18 17:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006.07.24 17:51:34 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2006.06.19 00:59:28 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcanvas.com/?ot=6
IE - HKLM\..\URLSearchHook: - Reg Error: CLSID key missing. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: No CLSID value found. File not found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\URLSearchHook: - Reg Error: CLSID key missing. File not found
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: No CLSID value found. File not found
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - Reg Error: No CLSID value found. File not found
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - Reg Error: No CLSID value found. File not found
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://flvdirect.iamwired.net/websearch ... ps&search="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.7&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.qip.ru/search?from=FF&query="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2008.12.17 19:58:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\a\Data aplikací\Mozilla\Extensions
[2011.06.27 22:01:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions
[2010.08.02 20:48:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.02 20:48:49 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.08.02 20:48:54 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\DTToolbar@toolbarnet.com
[2010.01.10 22:34:43 | 000,002,235 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\askcom.xml
[2010.09.12 09:45:02 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\daemon-search.xml
[2011.06.25 14:15:28 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\icqplugin-1.xml
[2011.01.16 14:41:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\icqplugin-2.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\icqplugin.xml
[2010.05.02 15:34:42 | 000,000,266 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\Search.xml
[2009.06.29 22:45:54 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\sweetim.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\A\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\71MUG241.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\A\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\71MUG241.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\A\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\71MUG241.DEFAULT\EXTENSIONS\DTTOOLBAR@TOOLBARNET.COM

O1 HOSTS File: ([2011.01.12 22:01:52 | 000,000,901 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (no name) - {11222041-111B-46E3-BD29-EFB2449479B1} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {586fe353-65fd-afd7-c688-9e16b044531f} - No CLSID value found.
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (no name) - {F3A54897-9E68-B11E-A37A-4D1422CE9CAA} - No CLSID value found.
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (no name) - {D1121FE0-0145-44C9-AA35-72071AC20A9B} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3: - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\mHotkey.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKU\S-1-5-21-823518204-583907252-682003330-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-823518204-583907252-682003330-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-823518204-583907252-682003330-1004..\Run: [Miranda IM] C:\Program Files\Miranda IM KP v5.0.9.16\launcher.exe (Woobind Software & .:LynX:. Studio)
O4 - HKU\S-1-5-21-823518204-583907252-682003330-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C72C8017-3824-4DED-91CC-0F9167EBDF51}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No CLSID value found.
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\a\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\a\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.29 11:19:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{20071341-a5d3-11dd-8a65-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{20071341-a5d3-11dd-8a65-806d6172696f}\Shell\AutoRun\command - "" = D:\Run.exe
O34 - HKLM BootExecute: (autocheck autochk /r \??\F:)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.09.13 19:29:09 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\a\Plocha\OTL.exe
[2011.09.12 16:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.09.12 16:10:35 | 000,000,000 | ---D | C] -- C:\rsit
[2011.09.11 18:18:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\a\Data aplikací\Help
[2008.11.19 20:57:59 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\a\Data aplikací\pcouffin.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.09.13 19:42:45 | 336,564,869 | ---- | M] () -- C:\Documents and Settings\a\Plocha\Never-back-down-2-CZ-titulky.avi.crdownload
[2011.09.13 19:37:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.09.13 19:29:14 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\a\Plocha\OTL.exe
[2011.09.13 19:01:00 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.09.13 17:36:19 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.09.13 17:36:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.09.13 17:36:11 | 000,648,497 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2011.09.12 16:08:28 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\a\Plocha\RSIT.exe
[2011.09.11 21:48:07 | 725,628,618 | ---- | M] () -- C:\Documents and Settings\a\Plocha\Na_tuhle_nemam(2010)CZ.avi
[2011.09.11 18:14:33 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.09.10 14:52:00 | 000,230,912 | ---- | M] () -- C:\Documents and Settings\a\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.09.13 19:37:18 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.09.13 17:52:28 | 330,165,757 | ---- | C] () -- C:\Documents and Settings\a\Plocha\Never-back-down-2-CZ-titulky.avi.crdownload
[2011.09.12 16:08:22 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\a\Plocha\RSIT.exe
[2011.09.11 16:13:23 | 725,628,618 | ---- | C] () -- C:\Documents and Settings\a\Plocha\Na_tuhle_nemam(2010)CZ.avi
[2011.07.15 09:59:08 | 000,000,244 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010.07.29 17:13:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.05.09 16:18:07 | 002,169,256 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll
[2010.05.09 16:17:48 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\iolobtdfg.exe
[2010.05.09 16:17:48 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\smrgdf.exe
[2010.05.09 16:15:49 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010.03.28 15:51:11 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.01.31 22:36:32 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.01.31 22:36:31 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.07.02 15:14:29 | 000,302,592 | ---- | C] () -- C:\WINDOWS\mauninst.exe
[2009.03.05 13:30:37 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.01.23 10:42:14 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009.01.23 10:42:14 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009.01.23 10:42:14 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2008.12.29 13:13:23 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.12.17 19:58:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.11.21 22:28:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.11.20 19:37:37 | 000,550,912 | ---- | C] () -- C:\WINDOWS\mHotkey.exe
[2008.11.20 19:37:37 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2008.11.20 19:37:37 | 000,036,864 | ---- | C] () -- C:\WINDOWS\stophid.exe
[2008.11.20 19:37:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2008.11.20 19:37:37 | 000,011,776 | ---- | C] () -- C:\WINDOWS\HIDMNT.dll
[2008.11.19 21:42:08 | 000,230,912 | ---- | C] () -- C:\Documents and Settings\a\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.19 20:57:59 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\a\Data aplikací\inst.exe
[2008.11.19 20:57:59 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\a\Data aplikací\pcouffin.cat
[2008.11.19 20:57:59 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\a\Data aplikací\pcouffin.inf
[2008.11.19 20:32:33 | 000,003,508 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.11.19 20:28:55 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.11.07 14:05:46 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.11.04 16:24:51 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2008.10.29 18:04:35 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.10.29 18:03:38 | 000,290,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.10.29 11:28:09 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008.10.29 11:25:15 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2008.10.29 11:21:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.10.29 11:17:30 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.04.14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.04.14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 14:00:00 | 000,436,546 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 14:00:00 | 000,434,430 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2008.04.14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2008.04.14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 14:00:00 | 000,080,434 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2008.04.14 14:00:00 | 000,069,442 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2008.04.14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006.10.31 08:35:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.10.31 08:35:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006.10.31 08:35:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.10.31 08:35:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006.10.31 08:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.10.31 08:35:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.10.31 08:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.10.31 08:35:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006.10.31 08:35:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006.10.31 08:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2002.09.11 14:33:19 | 000,280,064 | ---- | C] () -- C:\WINDOWS\cncs232.dll
[1999.01.27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997.06.13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2009.01.27 21:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\DAEMON Tools
[2009.05.23 09:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\DAEMON Tools Lite
[2009.01.27 21:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\DAEMON Tools Pro
[2010.08.13 20:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\gtk-2.0
[2010.05.09 18:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\iolo
[2008.12.16 16:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\LangSoft
[2011.01.15 14:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Local
[2011.07.17 15:10:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Miranda
[2009.03.29 19:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\QIP
[2010.03.25 13:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Thinstall
[2010.01.10 22:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Trillian
[2008.11.19 21:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Vso
[2009.01.24 19:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\YoudaGames
[2009.01.10 10:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\2C4E
[2009.02.01 19:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.03.11 18:24:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.02.01 19:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2011.07.09 14:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.05.09 18:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\iolo
[2008.12.16 16:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2009.02.20 17:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\phenomedia
[2008.12.22 12:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TechSmith
[2009.01.24 20:01:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.02.12 14:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WhiteCap (Holiday Edition)
[2011.07.09 14:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\XML
[2010.05.09 16:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\iolo
[2010.11.14 22:10:00 | 000,000,356 | ---- | M] () -- C:\WINDOWS\Tasks\Install_NSS.job
[2011.09.13 19:01:00 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATA.SYS >
[2006.10.18 17:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) MD5=EF9941593B2E9B436F64A87DDB570D1A -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.07.26 14:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Adobe
[2008.11.19 20:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Ahead
[2011.08.04 17:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Apple Computer
[2009.12.25 00:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\ArcSoft
[2008.11.14 11:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\CyberLink
[2009.01.27 21:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\DAEMON Tools
[2009.05.23 09:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\DAEMON Tools Lite
[2009.01.27 21:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\DAEMON Tools Pro
[2010.10.03 21:46:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\DivX
[2011.09.04 15:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\dvdcss
[2010.08.13 20:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\gtk-2.0
[2011.09.11 18:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Help
[2008.10.29 11:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Identities
[2008.10.29 11:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\InstallShield
[2010.05.09 18:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\iolo
[2008.12.16 16:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\LangSoft
[2011.01.15 14:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Local
[2008.11.21 15:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Macromedia
[2010.12.12 14:22:48 | 000,000,000 | --SD | M] -- C:\Documents and Settings\a\Data aplikací\Microsoft
[2011.07.17 15:10:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Miranda
[2008.12.17 19:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Mozilla
[2011.04.22 10:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\OpenOffice.org2
[2009.03.29 19:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\QIP
[2011.06.18 15:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Skype
[2011.06.19 00:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\skypePM
[2009.03.14 23:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Sun
[2010.03.25 13:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Thinstall
[2010.01.10 22:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Trillian
[2011.09.12 18:43:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\vlc
[2008.11.19 21:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\Vso
[2009.05.24 17:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\WinRAR
[2009.01.24 19:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\a\Data aplikací\YoudaGames

< %APPDATA%\*.exe /s >
[2008.11.19 20:57:59 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\inst.exe
[2010.05.30 13:30:17 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Thinstall\Ask Toolbar\1000000500002i\regsvr32.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.03.11 18:24:58 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.10.29 18:02:50 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.10.29 18:02:50 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.10.29 18:02:49 | 000,462,848 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.09.13 17:36:11 | 000,648,497 | ---- | M] () -- C:\WINDOWS\system32\oodbs.lor
[2011.09.13 17:36:19 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SpybotSD TeaTimer" = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG)
"Miranda IM" = C:\Program Files\Miranda IM KP v5.0.9.16\launcher.exe -- [2011.01.27 19:24:56 | 000,077,824 | ---- | M] (Woobind Software & .:LynX:. Studio)

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.09.13 19:37:18 | 000,000,512 | ---- | M] () MD5=8E1DF2256F3121F20822EB0C5E322D02 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:54D9AD66

< End of report >

OTL Extras logfile created on: 13.9.2011 19:32:45 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\a\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

959,48 Mb Total Physical Memory | 195,15 Mb Available Physical Memory | 20,34% Memory free
2,85 Gb Paging File | 2,03 Gb Available in Paging File | 71,25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 95,34 Gb Free Space | 63,97% Space Free | Partition Type: NTFS
Drive D: | 564,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: RENATKA | User Name: a | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM
"C:\Program Files\Miranda IM KP v5.0.9.16\miranda32.exe" = C:\Program Files\Miranda IM KP v5.0.9.16\miranda32.exe:*:Enabled:Miranda IM -- ( )

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{08DA21BF-9912-409E-B802-943C6DC2DA81}" = USB Multimedia Keyboard Driver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}" = upapp
"{4F2CE68F-EDBB-4592-BF07-5AC930A51033}" = Nero 7 Premium
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}" = SweetIM Toolbar for Internet Explorer 3.4
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1" = iolo technologies' System Mechanic Professional
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2ED62F4-4F0B-44DF-B630-DD02FD7E8C60}" = OpenOffice.org 2.4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{DA0BF7AB-88EB-4675-8FA1-531EAD938821}" = SnagIt 8
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{ED6C5ECD-5AA4-4054-BF67-8F49526E5765}" = O&O Defrag Professional
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Akimbo" = Akimbo
"ATF" = ATF
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DVDFab Platinum_is1" = DVDFab Platinum 3.1.7.6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FBrowsingAdvisor_is1" = FBrowsingAdvisor
"Heart Of Darkness" = Heart Of Darkness
"hp deskjet 3320 series" = hp deskjet 3320 series (Pouze odstranit)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miranda IM KenDASS Pack_is1" = Miranda IM KenDASS Pack v5.0.9.16
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"pc_screen_nesquik2" = pc_screen_nesquik2 Screen Saver
"Revo Uninstaller" = Revo Uninstaller 1.92
"Totalcmd" = Total Commander (Remove or Repair)
"VisualTool" = VisualTool
"VLC media player" = VLC media player 1.0.3
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.8.2011 10:32:50 | Computer Name = RENATKA | Source = Application Error | ID = 1000
Description = Chybující aplikace miranda32.exe, verze 0.9.16.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x555687a0.

Error - 11.8.2011 5:28:32 | Computer Name = RENATKA | Source = Application Error | ID = 1000
Description = Chybující aplikace miranda32.exe, verze 0.9.16.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x555687a0.

Error - 26.8.2011 6:04:58 | Computer Name = RENATKA | Source = nview_info | ID = 11141121
Description =

Error - 26.8.2011 11:02:48 | Computer Name = RENATKA | Source = Application Error | ID = 1000
Description = Chybující aplikace miranda32.exe, verze 0.9.16.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x555687a0.

Error - 27.8.2011 6:56:11 | Computer Name = RENATKA | Source = Application Error | ID = 1000
Description = Chybující aplikace miranda32.exe, verze 0.9.16.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x555687a0.

Error - 29.8.2011 6:25:11 | Computer Name = RENATKA | Source = nview_info | ID = 11141121
Description =

Error - 31.8.2011 14:16:10 | Computer Name = RENATKA | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 11.0.5721.5145, chybující modul
nemp4splitter.ax, verze 4.9.4.1, adresa chyby 0x0002a65b.

Error - 1.9.2011 13:02:01 | Computer Name = RENATKA | Source = Application Error | ID = 1000
Description = Chybující aplikace miranda32.exe, verze 0.9.16.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x555687a0.

Error - 3.9.2011 16:50:28 | Computer Name = RENATKA | Source = Application Error | ID = 1000
Description = Chybující aplikace miranda32.exe, verze 0.9.16.0, chybující modul
ntdll.dll, verze 5.1.2600.6055, adresa chyby 0x000101b3.

Error - 11.9.2011 9:42:52 | Computer Name = RENATKA | Source = Application Error | ID = 1000
Description = Chybující aplikace miranda32.exe, verze 0.9.16.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x555687a0.

[ System Events ]
Error - 8.9.2011 13:38:29 | Computer Name = RENATKA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETR-6CC5891F99,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C72C8017-382. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 9.9.2011 8:21:42 | Computer Name = RENATKA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETR-6CC5891F99,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C72C8017-382. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 9.9.2011 11:04:12 | Computer Name = RENATKA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETR-6CC5891F99,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C72C8017-382. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 9.9.2011 13:36:08 | Computer Name = RENATKA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETR-6CC5891F99,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C72C8017-382. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 10.9.2011 3:47:28 | Computer Name = RENATKA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETR-6CC5891F99,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C72C8017-382. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 11.9.2011 6:46:29 | Computer Name = RENATKA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETR-6CC5891F99,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C72C8017-382. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 12.9.2011 10:43:02 | Computer Name = RENATKA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače KAY-PC, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C72C8017-3824-4DED-91.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 12.9.2011 11:54:25 | Computer Name = RENATKA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETR-6CC5891F99,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C72C8017-382. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 12.9.2011 13:06:27 | Computer Name = RENATKA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETR-6CC5891F99,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C72C8017-382. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 12.9.2011 14:16:27 | Computer Name = RENATKA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETR-6CC5891F99,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C72C8017-382. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

< End of report >

Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Nahrady za Spybota:
- Spyware Terminator - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
- SuperAntiSpyare - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=51359
Samozrejme pouzivejte jen jeden z nich
Osobne doporucuji SuperAntiSpyware

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - File not found [Auto | Stopped] -- -- (ICQ Service)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcanvas.com/?ot=6
IE - HKLM\..\URLSearchHook: - Reg Error: CLSID key missing. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: No CLSID value found. File not found
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\URLSearchHook: - Reg Error: CLSID key missing. File not found
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: No CLSID value found. File not found
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - Reg Error: No CLSID value found. File not found
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - Reg Error: No CLSID value found. File not found
IE - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://flvdirect.iamwired.net/websearch.php?src=tops&search="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.qip.ru/search?from=FF&query="
[2010.08.02 20:48:49 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.08.02 20:48:54 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\DTToolbar@toolbarnet.com
[2010.01.10 22:34:43 | 000,002,235 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\askcom.xml
[2010.09.12 09:45:02 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\daemon-search.xml
[2011.06.25 14:15:28 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\icqplugin-1.xml
[2011.01.16 14:41:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\icqplugin-2.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\icqplugin.xml
[2010.05.02 15:34:42 | 000,000,266 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\Search.xml
[2009.06.29 22:45:54 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\sweetim.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\A\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\71MUG241.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\A\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\71MUG241.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\A\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\71MUG241.DEFAULT\EXTENSIONS\DTTOOLBAR@TOOLBARNET.COM
O2 - BHO: (no name) - {11222041-111B-46E3-BD29-EFB2449479B1} - No CLSID value found.
O2 - BHO: (no name) - {586fe353-65fd-afd7-c688-9e16b044531f} - No CLSID value found.
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (no name) - {F3A54897-9E68-B11E-A37A-4D1422CE9CAA} - No CLSID value found.
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D1121FE0-0145-44C9-AA35-72071AC20A9B} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3: - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-823518204-583907252-682003330-1004\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No CLSID value found.
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
[2011.09.13 19:01:00 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2010.05.30 13:30:17 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\a\Data aplikací\Thinstall\Ask Toolbar\1000000500002i\regsvr32.exe
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:54D9AD66

:services
NBService
NMIndexingService

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}"=-
"{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}"=-
"DAEMON Tools Toolbar"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"Miranda IM"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
 
:files
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\SweetIM
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== OTL ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
Service ACDaemon stopped successfully!
Service ACDaemon deleted successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-823518204-583907252-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-823518204-583907252-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-823518204-583907252-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-823518204-583907252-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry value HKEY_USERS\S-1-5-21-823518204-583907252-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ not found.
Registry value HKEY_USERS\S-1-5-21-823518204-583907252-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://flvdirect.iamwired.net/websearch ... ps&search=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: false removed from browser.search.suggest.enabled
Prefs.js: "http://start.icq.com/" removed from browser.startup.homepage
Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems
Prefs.js: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10 removed from extensions.enabledItems
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.1.7&q=" removed from keyword.URL
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from sweetim.toolbar.previous.keyword.URL
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF folder moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components folder moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome folder moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} folder moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\extensions\DTToolbar@toolbarnet.com folder moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\Search.xml moved successfully.
C:\Documents and Settings\a\Data aplikací\Mozilla\Firefox\Profiles\71mug241.default\searchplugins\sweetim.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11222041-111B-46E3-BD29-EFB2449479B1}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{586fe353-65fd-afd7-c688-9e16b044531f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{586fe353-65fd-afd7-c688-9e16b044531f}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3A54897-9E68-B11E-A37A-4D1422CE9CAA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3A54897-9E68-B11E-A37A-4D1422CE9CAA}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D1121FE0-0145-44C9-AA35-72071AC20A9B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1121FE0-0145-44C9-AA35-72071AC20A9B}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_USERS\S-1-5-21-823518204-583907252-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-823518204-583907252-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\CDBurn deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}\ not found.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\WINDOWS\NV15721516.TMP\nv3d.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dara.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dchs.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dcht.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dcsy.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3ddan.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3ddeu.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dell.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3deng.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3desm.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3desn.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dfin.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dfra.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dheb.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dhun.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dita.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3djpn.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dkor.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dnld.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dnor.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dplk.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dptb.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dptg.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3drus.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dsky.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dslv.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dsve.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dtha.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nv3dtrk.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcpl.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplara.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplchs.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplcht.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplcsy.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcpldan.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcpldeu.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplell.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcpleng.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplesm.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplesn.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplfin.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplfra.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplheb.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplhun.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplita.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcpljpn.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplkor.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplnld.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplnor.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplplk.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplptb.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplptg.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplrus.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplsky.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplslv.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcplsve.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcpltha.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvcpltrk.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdsp.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspara.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspchs.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspcht.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspcsy.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspdan.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspdeu.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspell.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspeng.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspesm.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspesn.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspfin.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspfra.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspheb.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdsphun.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspita.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspjpn.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspkor.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspnld.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspnor.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspplk.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspptb.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspptg.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdsprus.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspsky.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspslv.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdspsve.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdsptha.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvdsptrk.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmob.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobara.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobchs.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobcht.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobcsy.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobdan.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobdeu.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobell.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobeng.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobesm.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobesn.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobfin.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobfra.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobheb.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobhun.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobita.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobjpn.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobkor.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobnld.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobnor.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobplk.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobptb.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobptg.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobrus.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobsky.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobslv.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobsve.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobtha.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP\nvmobtrk.chm deleted successfully.
C:\WINDOWS\NV15721516.TMP folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1EF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP206.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP233.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CA.tmp folder deleted successfully.
C:\Documents and Settings\a\Data aplikací\Thinstall\Ask Toolbar\1000000500002i\regsvr32.exe moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:54D9AD66 deleted successfully.
========== SERVICES/DRIVERS ==========
Service NBService stopped successfully!
Service NBService deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{86D4B82A-ABED-442A-BE86-96357B70F4FE} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\DAEMON Tools Toolbar not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Miranda IM deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM\ deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk moved successfully.
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources folder moved successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf folder moved successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files\SweetIM\Toolbars folder moved successfully.
C:\Program Files\SweetIM folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: a
->Temp folder emptied: 28546762 bytes
->Temporary Internet Files folder emptied: 20095619 bytes
->Java cache emptied: 14568483 bytes
->FireFox cache emptied: 44849309 bytes
->Flash cache emptied: 9686 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 588953 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1733510 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 116427576 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 12555408 bytes

Total Files Cleaned = 228,00 mb

[EMPTYFLASH]

User: a
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.28.0 log created on 09132011_210327

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Napiste jak se chova PC

Všechno je v pořádku, jen mě nejdou odstranit nějaké složky píše to :Ze zdrojového souboru nebo disku nelze číst.

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

Je mozne, ze disk bude poskozeny

Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R

Vyskoci na Vas okenko, do ktereho zkopirujte text nize
Kód: Vybrat vše
```
chkdsk /f /r
```
Kliknete na OK
pokud se PC zepta, zda-li provest kontrolu po restartu, tak souhlaste

Restrart PC a provede se kontrola disku, pak napiste jak dopadla

Provedla jsem kontrolu, ale stále nejdou smazat složky píše to :Zadaný soubor nelze nalézt.Zkontrolujte zadaní názvu souboru a cesty.

Kontrola neco nasla

Otestujte HD pomoci HD Tune http://www.stahuj.centrum.cz/utility_a_ ... g/hd-tune/

Udelejte testy Benchmark a Error Scan - dejte screeny
Dejte screen ze zalozky Health
Scree udelate kdyz klilknete na tu modrou disketku a pak jej sem dejte dle tohoto navdou http://www.viry.cz/forum/viewtopic.php?f=15&t=14114 - zajima Vas jen cast "zaslani na forum" samozrejme

http://imageshack.us/photo/my-images/81 ... 600aa.png/

Delala jste i ten Error scan - byly nektere ctverecky cervene?

Muze mi sem dat umisteni te slozky co chcete odstranit

Všechny čtverečky byly zelené. c:\složka\313259114\ReceivedFiles\

Stahnete SytemLook (viz muj podpis) a ulozte jej na plochu

Do okna vlozte skript nize
Kód: Vybrat vše
```
:folderfind
313259114
```
Kliknete na Look
Tlacitko Look se zmeni na Scanning a zsedne
Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte

SystemLook 30.07.11 by jpshortstuff
Log created at 20:43 on 14/09/2011 by a
Administrator - Elevation successful

========== folderfind ==========

Searching for "313259114"
C:\Documents and Settings\a\Data aplikací\Miranda\313259114 d------ [13:10 17/07/2011]
C:\Documents and Settings\a\Data aplikací\Miranda\Profiles\313259114 d------ [16:05 02/09/2009]
C:\Program Files\Miranda IM KP v5.0.9.16\Data_profile\313259114 d------ [19:07 17/07/2011]
C:\složka\313259114 d------ [18:30 16/07/2011]

-= EOF =-

VIRY.CZ

Prosím o kontrolu PC

Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC

Re: Prosím o kontrolu PC