prosím o kontrlolu logu

Zpráva

Loutka · #1 Příspěvek od **Loutka** » 20 říj 2011 10:59

Logfile of random's system information tool 1.09 (written by random/random)
Run by Bajuska at 2011-10-20 11:55:31
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 14 GB (20%) free of 70 GB
Total RAM: 2047 MB (75% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for Home.job
C:\WINDOWS\tasks\RMSchedule.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{06237C08-7D4B-4309-BAB9-BA84D908AEED}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Home\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-02-10 119808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-05-10 3459712]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2516296]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2010-03-02 140640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-07-21 17357448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-04-13 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-02-26 16125440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileyCentralIE_1w Browser Plugin Loader]
C:\PROGRA~1\SMILEY~2\bar\1.bin\1wbrmon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
D-Link AirPlus.lnk - C:\Program Files\D-Link AirPlus\AirPlus.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-10-04 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe"="C:\Program Files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011"
"C:\Program Files\Landwirtschafts Simulator 2011\game.exe"="C:\Program Files\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Disabled:Skype Extras Manager"
"C:\Documents and Settings\Home.HOME-58B74E775F\Plocha\Stronghold Crusader\Stronghold Crusader.exe"="C:\Documents and Settings\Home.HOME-58B74E775F\Plocha\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.ACDV"=ACDV.dll
"vidc.ffds"=ffdshow.ax
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2011-10-20 11:55:31 ----D---- C:\rsit
2011-10-20 11:55:31 ----D---- C:\Program Files\trend micro
2011-10-20 11:25:55 ----A---- C:\Program Files\Uninstall SmileyCentral.dll
2011-10-20 11:10:18 ----D---- C:\Program Files\CCleaner
2011-10-15 10:44:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-10-15 10:41:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-10-15 10:41:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2011-10-07 15:07:19 ----D---- C:\Program Files\Mozilla Firefox
2011-09-26 09:43:43 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-09-26 09:42:53 ----D---- C:\WINDOWS\Logs
2011-09-26 09:41:38 ----D---- C:\Program Files\Landwirtschafts Simulator 2011
2011-09-25 20:59:03 ----D---- C:\Program Files\18 Wheels of Steel American Long Haul
2011-09-25 20:39:21 ----D---- C:\Program Files\Popeláři

======List of files/folders modified in the last 1 month======

2011-10-20 11:55:31 ----RD---- C:\Program Files
2011-10-20 11:53:54 ----D---- C:\WINDOWS\Temp
2011-10-20 11:53:38 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-20 11:53:03 ----D---- C:\WINDOWS
2011-10-20 11:52:48 ----D---- C:\WINDOWS\system32
2011-10-20 11:26:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-20 11:22:23 ----HD---- C:\WINDOWS\inf
2011-10-20 11:22:18 ----D---- C:\WINDOWS\twain_32
2011-10-20 11:21:45 ----SHD---- C:\WINDOWS\Installer
2011-10-20 11:21:45 ----HD---- C:\Config.Msi
2011-10-20 11:21:34 ----D---- C:\Program Files\HP
2011-10-20 11:18:54 ----RSD---- C:\WINDOWS\assembly
2011-10-20 11:18:50 ----D---- C:\WINDOWS\WinSxS
2011-10-20 11:18:45 ----D---- C:\Program Files\Common Files
2011-10-20 11:18:25 ----A---- C:\WINDOWS\win.ini
2011-10-20 11:16:50 ----D---- C:\WINDOWS\Prefetch
2011-10-20 11:16:11 ----D---- C:\Program Files\Google
2011-10-20 11:16:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-10-20 11:11:18 ----D---- C:\WINDOWS\Debug
2011-10-20 11:11:17 ----D---- C:\WINDOWS\Minidump
2011-10-20 11:06:25 ----D---- C:\Documents and Settings
2011-10-19 20:07:26 ----SH---- C:\boot.ini
2011-10-19 20:07:26 ----A---- C:\WINDOWS\system.ini
2011-10-15 19:00:37 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-10-15 12:33:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-15 11:09:37 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-15 10:44:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-15 10:41:26 ----A---- C:\WINDOWS\system32\MRT.exe
2011-10-15 10:41:11 ----D---- C:\WINDOWS\system32\drivers
2011-10-15 10:41:08 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-15 10:41:01 ----D---- C:\Program Files\Internet Explorer
2011-10-15 10:40:52 ----D---- C:\WINDOWS\ie8updates
2011-10-13 17:29:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2011-10-12 18:35:57 ----A---- C:\WINDOWS\NeroDigital.ini
2011-10-08 18:33:48 ----D---- C:\WINDOWS\system32\drivers\etc
2011-10-03 10:31:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-09-26 11:41:42 ----A---- C:\WINDOWS\system32\uiautomationcore.dll
2011-09-26 11:41:42 ----A---- C:\WINDOWS\system32\oleaccrc.dll
2011-09-26 11:41:20 ----A---- C:\WINDOWS\system32\oleacc.dll
2011-09-26 09:43:50 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-09-26 09:43:48 ----D---- C:\WINDOWS\system32\DirectX
2011-09-25 15:42:29 ----D---- C:\Documents and Settings\Bajuska\Data aplikací\Skype
2011-09-23 13:44:00 ----D---- C:\Documents and Settings\Bajuska\Data aplikací\ICQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-05-10 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-05-10 102616]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R3 AIRPLUS;D-Link AirPlus Wireless Adapter; C:\WINDOWS\system32\DRIVERS\airplus.sys [2003-09-08 255360]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-10-04 1754624]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-01 4484608]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-09-25 10368]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2010-01-05 1714176]
S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-10-04 425984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-05-10 42184]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShow\ScsiAccess.exe [2010-02-19 181312]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-10-03 520192]
S2 gupdate1ca4991c3dca6c6;Služba Google Update (gupdate1ca4991c3dca6c6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-10 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-10 133104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 20 říj 2011 12:21

Zdravím.

Dej mi minutku, hnedle se na to mrknu.

#3 Příspěvek od **Mc_Murphy** » 20 říj 2011 12:32

Jako první v nabídce Přidat nebo odebrat programy odinstaluj všechny nepotřebné toolbary!

Skype bych doporučil odebrat ze spouštění po startu systému a spouštět ho ručně až po náběhu.

Log není úplný, vyčistíme něco pomocí OTM a pak mi sem hodíš ještě log z OTL, abych mrknul na zbytek.

Dále stáhni utilitu OTM z jednoho z těchto odkazů:

http://oldtimer.geekstogo.com/OTM.exe
http://oldtimer.geekstogo.com/OTM.com
http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script:

Kód: Vybrat vše

:Services
Nero BackItUp Scheduler 3
NMIndexingService
gupdate1ca4991c3dca6c6
gupdatem

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileyCentralIE_1w Browser Plugin Loader]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for Home.job
C:\WINDOWS\tasks\RMSchedule.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{06237C08-7D4B-4309-BAB9-BA84D908AEED}.job

:Commands
[Purity]
[ResetHosts]
[EmptyTemp]
[EmptyFlash]
[ClearAllRestorePoints]

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

A potom tedy stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů.
Do spodního okénka Vlastní skenování/opravy vlož tento script:

Kód: Vybrat vše

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*nocd* /s
*AutoKMS* /s
*minodlogin* /s
*tnod* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko Prohledat.
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

Loutka · #4 Příspěvek od **Loutka** » 20 říj 2011 15:49

ok dnes to nestihnu tak zítra to sem dodám....

#5 Příspěvek od **Mc_Murphy** » 20 říj 2011 17:56

Není vůbec problém, počkám si.

Loutka · #6 Příspěvek od **Loutka** » 20 říj 2011 19:45

Tak jsem to dneska stihnul ale log s OTM jsem nenašel nikde to tu nemám...

Loutka · #7 Příspěvek od **Loutka** » 20 říj 2011 19:55

OTL logfile created on: 20.10.2011 20:43:49 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Bajuska\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 76,11% Memory free
3,85 Gb Paging File | 3,46 Gb Available in Paging File | 89,96% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 13,48 Gb Free Space | 19,72% Space Free | Partition Type: NTFS
Drive G: | 397,40 Gb Total Space | 396,80 Gb Free Space | 99,85% Space Free | Partition Type: NTFS

Computer Name: HOME-58B74E775F | User Name: Bajuska | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.10.20 20:37:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bajuska\Plocha\OTL.exe
PRC - [2011.05.10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.08.05 08:46:02 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010.04.05 12:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.24 19:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010.02.19 22:15:28 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShow\scsiaccess.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.14 08:02:10 | 001,080,264 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\TC UP\TOTALCMD.EXE
PRC - [2006.01.02 17:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

========== Modules (No Company Name) ==========

MOD - [2011.10.20 19:06:39 | 001,599,488 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11102002\algo.dll
MOD - [2011.10.20 01:24:36 | 000,239,432 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11102002\aswRep.dll
MOD - [2011.10.15 11:09:02 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
MOD - [2011.10.15 11:07:42 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.15 10:46:37 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.15 10:46:32 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.15 10:46:21 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.15 10:45:14 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.15 10:45:07 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.10.15 10:44:25 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2011.10.15 10:44:24 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010.04.05 12:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2010.02.19 22:15:28 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShow\scsiaccess.exe

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.08.05 08:46:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.04.05 12:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010.02.19 22:15:28 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShow\scsiaccess.exe -- (ScsiAccess)
SRV - [2004.03.18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - [2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.05.10 14:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.05.10 13:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.01.05 13:31:32 | 001,714,176 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2009.09.25 16:44:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2008.04.14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.03.01 11:27:26 | 004,484,608 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.10.11 05:33:58 | 000,010,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS -- (Asushwio)
DRV - [2006.10.04 03:43:22 | 001,754,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.01.13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV - [2004.12.14 17:55:22 | 000,009,472 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2003.09.08 10:06:36 | 000,255,360 | R--- | M] (D-Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AIRPLUS.sys -- (AIRPLUS)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0C 89 16 16 21 00 CB 01 [binary data]
IE - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Home\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.07 15:07:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.10.07 15:07:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.09.29 09:07:26 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.29 03:30:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.09.29 03:30:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.29 03:30:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.09.29 03:30:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.09.29 03:30:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

Loutka · #8 Příspěvek od **Loutka** » 20 říj 2011 19:56

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AT_MattWMoore = C:\Documents and Settings\Bajuska\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dhfnkfaeekjcmeadbdcohacjdjdmlmia\3_0\

O1 HOSTS File: ([2011.03.24 16:52:00 | 000,000,822 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Home\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.smileycentral.com/one-to ... 2010121113 File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{041D7AA6-FD76-4CDD-A289-2C12ADE36645}: NameServer = 192.168.150.237,194.228.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD2AB3F4-1677-4D55-958F-9CB4C149DAA5}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bajuska\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bajuska\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.09.24 15:51:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

Loutka · #9 Příspěvek od **Loutka** » 20 říj 2011 19:56

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - VfWWDM32.dll File not found
Drivers32: VIDC.ACDV - C:\WINDOWS\System32\ACDV.dll (ACD Systems)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - ffdshow.ax File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.10.20 20:37:42 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bajuska\Plocha\OTL.exe
[2011.10.20 20:31:51 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bajuska\Plocha\OTM.exe
[2011.10.20 11:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.20 11:55:31 | 000,000,000 | ---D | C] -- C:\rsit
[2011.10.20 11:11:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bajuska\Recent
[2011.10.20 11:11:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Bajuska\IECompatCache
[2011.10.20 11:10:18 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.10.20 11:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bajuska\Nabídka Start\Programy\CCleaner
[2011.10.20 11:04:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bajuska\Plocha\Tedynka
[2011.10.19 20:16:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bajuska\Dokumenty\Přijaté soubory
[2009.09.28 10:06:19 | 000,622,592 | ---- | C] (TSoft) -- C:\Program Files\Vypinac.exe
[2004.11.24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.10.20 20:44:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.20 20:44:00 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{06237C08-7D4B-4309-BAB9-BA84D908AEED}.job
[2011.10.20 20:37:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bajuska\Plocha\OTL.exe
[2011.10.20 20:34:58 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.20 20:34:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.20 20:31:55 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bajuska\Plocha\OTM.exe
[2011.10.20 20:31:31 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011.10.20 11:10:18 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Bajuska\Plocha\CCleaner.lnk
[2011.10.20 11:06:13 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.19 19:00:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2011.10.19 18:24:24 | 000,002,559 | ---- | M] () -- C:\Documents and Settings\Bajuska\Plocha\word ard.lnk
[2011.10.17 14:25:59 | 000,000,472 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Home.job
[2011.10.15 12:33:31 | 000,116,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.10.15 10:44:39 | 000,923,948 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.10.15 10:44:39 | 000,436,298 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.10.15 10:44:39 | 000,326,214 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.10.15 10:44:39 | 000,225,548 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.10.14 15:02:27 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.20 20:44:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.20 11:10:29 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Bajuska\Plocha\RSIT.exe
[2011.10.20 11:10:18 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Bajuska\Plocha\CCleaner.lnk
[2011.05.15 10:20:22 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2011.03.24 16:52:00 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011.01.07 17:24:35 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Bajuska\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.18 16:39:02 | 000,000,497 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010.01.29 16:40:16 | 000,000,049 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2010.01.02 13:23:29 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2009.12.08 22:22:17 | 000,214,528 | ---- | C] () -- C:\WINDOWS\acroinst.exe
[2009.10.28 18:49:47 | 000,104,257 | ---- | C] () -- C:\WINDOWS\hpoins04.dat.temp
[2009.10.28 18:49:47 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2009.10.17 17:32:07 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\dsez9543.dat
[2009.10.10 12:14:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.09.29 17:10:14 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.09.28 10:06:19 | 000,492,336 | ---- | C] () -- C:\Program Files\vypinac.zip
[2009.09.28 10:06:19 | 000,000,134 | ---- | C] () -- C:\Program Files\Vypinac.ini
[2009.09.25 16:47:10 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.09.25 16:45:48 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.09.25 16:45:48 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009.09.25 16:45:47 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.09.24 17:39:05 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.09.24 17:36:19 | 000,116,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.09.24 17:12:15 | 000,000,912 | R--- | C] () -- C:\WINDOWS\System32\drivers\RADIO15.bin
[2009.09.24 17:12:14 | 000,040,636 | R--- | C] () -- C:\WINDOWS\System32\drivers\WLANGEN.bin
[2009.09.24 17:12:14 | 000,000,964 | R--- | C] () -- C:\WINDOWS\System32\drivers\RADIO11.bin
[2009.09.24 17:12:14 | 000,000,936 | R--- | C] () -- C:\WINDOWS\System32\drivers\RADIO0d.bin
[2009.09.24 16:53:20 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.09.24 16:50:48 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009.09.24 16:50:35 | 002,515,656 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009.09.24 16:50:34 | 000,136,650 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009.09.24 16:45:45 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009.09.24 16:05:36 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.09.24 15:52:53 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.09.24 15:49:39 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.04.14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.04.14 14:00:00 | 000,923,948 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2008.04.14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 14:00:00 | 000,436,298 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 14:00:00 | 000,326,214 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2008.04.14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2008.04.14 14:00:00 | 000,225,548 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2008.04.14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006.10.02 22:15:20 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2004.11.29 16:43:20 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2004.10.12 07:40:58 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2004.10.12 07:39:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2004.10.12 07:39:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2004.10.09 07:40:16 | 000,454,144 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2004.10.05 09:16:08 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2002.03.21 14:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL

========== LOP Check ==========

[2009.09.25 16:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2010.09.23 12:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011.06.10 13:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canon IJ Network Tool
[2011.06.10 13:51:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.06.10 13:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2011.06.10 19:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2011.06.10 19:09:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX
[2011.06.10 13:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2011.06.10 13:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2011.06.10 13:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2011.10.13 17:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2011.06.27 20:49:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2011.06.10 13:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2011.06.10 13:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2010.01.29 18:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.10.05 06:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\STORMWARE
[2011.10.15 19:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.06.13 10:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Canon Easy-WebPrint EX
[2011.09.23 13:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\ICQ
[2010.09.12 14:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Photodex
[2010.08.11 06:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Zoner
[2011.08.13 15:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\Canon Easy-WebPrint EX
[2011.01.06 22:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\ICQ
[2009.09.25 17:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\ACD Systems
[2009.09.25 16:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\HEXelon
[2010.02.12 15:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\ICQ
[2009.10.03 17:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\QIP
[2009.12.15 07:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\STORMWARE
[2009.12.04 20:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\Zoner
[2011.10.19 19:00:00 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2011.10.20 20:44:00 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{06237C08-7D4B-4309-BAB9-BA84D908AEED}.job

========== Purity Check ==========

Loutka · #10 Příspěvek od **Loutka** » 20 říj 2011 19:57

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CSRSS.EXE >
[2008.04.14 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NTFS.SYS >
[2008.04.14 14:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.14 14:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2010.08.25 05:00:00 | 000,027,648 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPDAE.DLL
[2010.08.25 05:00:00 | 000,073,216 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPPAE.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2006.10.04 03:13:32 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[2006.08.23 23:26:58 | 000,655,842 | R--- | M] () -- C:\WINDOWS\system32\drivers\ativcaxx.cpa
[2006.08.23 23:26:58 | 000,000,929 | R--- | M] () -- C:\WINDOWS\system32\drivers\ativcaxx.vp
[2006.08.23 23:26:56 | 000,002,096 | R--- | M] () -- C:\WINDOWS\system32\drivers\ativckxx.vp
[2006.08.23 23:26:56 | 000,002,096 | R--- | M] () -- C:\WINDOWS\system32\drivers\ativdkxx.vp
[2006.10.04 04:51:24 | 000,035,680 | R--- | M] () -- C:\WINDOWS\system32\drivers\ativvpxx.vp
[2008.04.14 14:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2008.04.14 14:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2003.07.25 04:24:32 | 000,000,936 | R--- | M] () -- C:\WINDOWS\system32\drivers\RADIO0d.bin
[2003.07.27 04:02:16 | 000,000,964 | R--- | M] () -- C:\WINDOWS\system32\drivers\RADIO11.bin
[2003.05.18 13:04:46 | 000,000,912 | R--- | M] () -- C:\WINDOWS\system32\drivers\RADIO15.bin
[2008.04.14 09:52:06 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\vfwwdm32.dll
[2003.09.02 08:33:30 | 000,040,636 | R--- | M] () -- C:\WINDOWS\system32\drivers\WLANGEN.bin

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[14 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[14 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2009.09.24 17:35:29 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.09.24 17:35:29 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.09.24 17:35:28 | 000,495,616 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[7 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[14 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[12 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[2 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2009.09.24 17:38:41 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2011.10.20 11:25:05 | 000,003,598 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\hpzinstall.log

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.05.14 20:04:37 | 000,526,512 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe
[2009.10.03 12:32:54 | 001,886,320 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\NOS\Adobe_Downloads\GoogleToolbarInstaller_en_signed.exe
[2009.10.03 12:32:58 | 001,962,544 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\NOS\Adobe_Downloads\install_flash_player_ax.exe
[2009.11.11 11:34:38 | 010,662,632 | ---- | M] (STORMWARE s.r.o.) -- C:\Documents and Settings\All Users\Data Aplikací\STORMWARE\POHODA\Update\File\StwPh.exe

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2010.06.07 19:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Adobe
[2010.05.22 19:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\ATI
[2011.06.13 10:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Canon Easy-WebPrint EX
[2010.07.25 18:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\CyberLink
[2010.05.22 20:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Google
[2011.09.23 13:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\ICQ
[2010.05.22 19:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Identities
[2010.05.22 21:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Macromedia
[2010.09.25 19:46:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Microsoft
[2010.09.12 14:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Photodex
[2011.09.25 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Skype
[2011.04.18 19:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\skypePM
[2010.08.11 06:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bajuska\Data aplikací\Zoner

< %APPDATA%\*.* >
[2009.09.24 17:38:41 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Bajuska\Data aplikací\desktop.ini
[2011.03.08 18:19:42 | 000,017,224 | ---- | M] () -- C:\Documents and Settings\Bajuska\Data aplikací\GDIPFONTCACHEV1.DAT

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >
[2008.04.19 13:49:27 | 002,277,811 | ---- | M] () -- \Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\Downloads\eav_3.0.636_enu_32bit_cracked.rar
[2005.03.16 23:22:25 | 000,610,208 | ---- | M] () -- \Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\crack\cracked.rar
[2003.11.30 15:22:46 | 000,018,918 | ---- | M] () -- \Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\Total commander\Total_Commander_Universal_Crack_All_Versions_v3.51_-_v5.50_-.zip

< *keygen* /s >
[2005.01.21 11:55:42 | 000,016,896 | ---- | M] () -- \Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\Anti-Trojan_v5.5.420_keygen.exe
[2005.01.21 11:15:30 | 000,061,486 | ---- | M] () -- \Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\keygen_tno.exe
[2004.11.03 11:37:44 | 000,021,345 | ---- | M] () -- \Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\keygen.rar
[2004.11.03 11:37:32 | 000,024,064 | ---- | M] () -- \Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\keygen\keygen.exe
[2003.05.27 17:49:50 | 000,038,359 | ---- | M] () -- \Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\KeyGen_EVE11.zip
[2003.05.27 17:49:30 | 000,037,821 | ---- | M] () -- \Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\KeyGen_MPEG131.zip
[2003.11.28 00:19:00 | 000,035,888 | ---- | M] () -- \Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\DVCPro 25.50\KG\keygen.exe

< *nocd* /s >

< *AutoKMS* /s >

< *minodlogin* /s >

< *tnod* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-15 08:45:00

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.20 20:44:57 | 000,000,512 | ---- | M] () MD5=FCB814E9C1B2224695A63CA21AC79298 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

< End of report >

Loutka · #11 Příspěvek od **Loutka** » 20 říj 2011 19:58

OTL Extras logfile created on: 20.10.2011 20:43:49 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Bajuska\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 76,11% Memory free
3,85 Gb Paging File | 3,46 Gb Available in Paging File | 89,96% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 13,48 Gb Free Space | 19,72% Space Free | Partition Type: NTFS
Drive G: | 397,40 Gb Total Space | 396,80 Gb Free Space | 99,85% Space Free | Partition Type: NTFS

Computer Name: HOME-58B74E775F | User Name: Bajuska | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\8.0.Pro\ACDSee8Pro.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe" = C:\Program Files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011 -- (GIANTS Software GmbH)
"C:\Program Files\Landwirtschafts Simulator 2011\game.exe" = C:\Program Files\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011 -- (GIANTS Software GmbH)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Disabled:Skype Extras Manager
"C:\Documents and Settings\Home.HOME-58B74E775F\Plocha\Stronghold Crusader\Stronghold Crusader.exe" = C:\Documents and Settings\Home.HOME-58B74E775F\Plocha\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04D296A9-236A-4CE0-BA7B-54275340FA32}_is1" = Morská Panna Svadba
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{2933831A-7F63-433A-82EC-4A7882FCFA8B}_is1" = Popeláři
"{31610C80-309D-40C5-8CF4-9D1EA19DBA0B}_is1" = 18 Wheels of Steel American Long Haul
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3CE5D820-34E8-4362-BA66-02C50E1AF75E}" = ATI Catalyst Control Center
"{3fce1d61-123b-41f3-b494-ac4000ffe112}" = Nero 9 Lite
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6F8A555E-F2E1-415D-AD8A-67C0A7671029}" = Nero 8
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.1 - Czech
"{ADD801DD-8D28-494E-A63C-B8EED2B2670B}" = STORMWARE POHODA CZ Standard
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{CDC74FE6-5224-11D6-B27F-00E0181A6FA8}" = D-Link AirPlus
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F99F74B4-972B-4B06-B893-6B3B0DB0128B}" = ACDSee Pro
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"AcroPDF_is1" = AcroPDF 3.00
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Amazing Photo Editor V7.8.6" = Amazing Photo Editor V7.8.6
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner (remove only)
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Network Play System (Patching)" = Network Play System (Patching)
"NSS" = Norton Security Scan
"ProShow" = ProShow
"Registrace uživatele zařízení Canon MG5200 series" = Registrace uživatele zařízení Canon MG5200 series
"STORMWARE PDF Printer_is1" = STORMWARE PDF Printer 5.0.0.614
"TC UP" = Total Commander Ultima Prime 3.4
"The Sims" = The Sims
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 12.6.2010 6:02:54 | Computer Name = HOME-58B74E775F | Source = avast! | ID = 33554522
Description =

Error - 21.6.2010 8:26:38 | Computer Name = HOME-58B74E775F | Source = avast! | ID = 33554522
Description =

Error - 6.7.2010 9:06:19 | Computer Name = HOME-58B74E775F | Source = avast! | ID = 33554522
Description =

Error - 6.7.2010 9:06:19 | Computer Name = HOME-58B74E775F | Source = avast! | ID = 33554522
Description =

Error - 18.7.2010 7:24:54 | Computer Name = HOME-58B74E775F | Source = avast! | ID = 33554522
Description =

Error - 18.7.2010 7:24:54 | Computer Name = HOME-58B74E775F | Source = avast! | ID = 33554522
Description =

Error - 18.7.2010 9:17:19 | Computer Name = HOME-58B74E775F | Source = avast! | ID = 33554522
Description =

Error - 21.7.2010 5:43:56 | Computer Name = HOME-58B74E775F | Source = avast! | ID = 33554522
Description =

Error - 23.7.2010 15:39:51 | Computer Name = HOME-58B74E775F | Source = avast! | ID = 33554522
Description =

Error - 5.9.2010 6:16:35 | Computer Name = HOME-58B74E775F | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 23.9.2011 13:09:14 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 13:09:14 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 13:09:14 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 23.9.2011 13:34:23 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 13:34:23 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 13:34:23 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 23.9.2011 13:43:40 | Computer Name = HOME-58B74E775F | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19120, adresa chyby 0x000f9a7a.

Error - 23.9.2011 14:28:27 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 14:28:27 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 14:28:27 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

[ Application Events ]
Error - 23.9.2011 13:09:14 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 13:09:14 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 13:09:14 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 23.9.2011 13:34:23 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 13:34:23 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 13:34:23 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 23.9.2011 13:43:40 | Computer Name = HOME-58B74E775F | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19120, adresa chyby 0x000f9a7a.

Error - 23.9.2011 14:28:27 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 14:28:27 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 23.9.2011 14:28:27 | Computer Name = HOME-58B74E775F | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

[ System Events ]
Error - 20.10.2011 5:57:18 | Computer Name = HOME-58B74E775F | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 192.168.1.8,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 20.10.2011 14:26:11 | Computer Name = HOME-58B74E775F | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 20.10.2011 14:26:18 | Computer Name = HOME-58B74E775F | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 192.168.1.8,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 20.10.2011 14:26:20 | Computer Name = HOME-58B74E775F | Source = ati2mtag | ID = 44044
Description = I2c return failed

Error - 20.10.2011 14:26:20 | Computer Name = HOME-58B74E775F | Source = ati2mtag | ID = 44044
Description = I2c return failed

Error - 20.10.2011 14:34:55 | Computer Name = HOME-58B74E775F | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 20.10.2011 14:34:58 | Computer Name = HOME-58B74E775F | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 192.168.1.8,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 20.10.2011 14:35:06 | Computer Name = HOME-58B74E775F | Source = NetBT | ID = 4307
Description = Inicializace se nezdařila, protože přenos odmítl otevřít počáteční
adresy.

Error - 20.10.2011 14:35:06 | Computer Name = HOME-58B74E775F | Source = ati2mtag | ID = 44044
Description = I2c return failed

Error - 20.10.2011 14:35:06 | Computer Name = HOME-58B74E775F | Source = ati2mtag | ID = 44044
Description = I2c return failed

< End of report >

#12 Příspěvek od **Mc_Murphy** » 21 říj 2011 10:25

Nevadí, zkusíme to tedy rovnou přes OTL.

Následující soubory otestuj na stránkách VirusTotal.

C:\WINDOWS\dsez9543.dat
Klikni na Procházet.
Soubor nehledej, jen vlož cestu souboru, který chci otestovat.
Klikni na Send File.
Pokud na Tebe vyskočí obrazovka jako je níže, klikni na Reanalyse.
Výsledek analýzy mi sem vlož (jako odkaz).

Znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

:OTL
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
IE - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0C 89 16 16 21 00 CB 01 [binary data]
IE - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Home\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O1 - Hosts: ::1 localhost
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Home\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1214440339-1035525444-682003330-1006\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O8 - Extra context menu item: &Search - http://tbedits.smileycentral.com/one-to ... 2010121113 File not found
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[7 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[14 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[12 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[2 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\User_Feed_Synchronization-{06237C08-7D4B-4309-BAB9-BA84D908AEED}.job
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES /d
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\Total commander\Total_Commander_Universal_Crack_All_Versions_v3.51_-_v5.50_-.zip /d
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan /d
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1 /d
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept /d
C:\WINDOWS\tasks\Norton Security Scan for Home.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RMSchedule.job
C:\WINDOWS\System32\CleanMFT32.exe

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

Loutka · #13 Příspěvek od **Loutka** » 21 říj 2011 10:56

http://www.virustotal.com/file-scan/rep ... 1319190404

Loutka · #14 Příspěvek od **Loutka** » 21 říj 2011 11:03

All processes killed
========== OTL ==========
Service HidServ stopped successfully!
Service HidServ deleted successfully!
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
HKU\S-1-5-21-1214440339-1035525444-682003330-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1214440339-1035525444-682003330-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1214440339-1035525444-682003330-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Documents and Settings\Home\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
::1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Documents and Settings\Home\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}\ deleted successfully.
File WebPrint EX\ewpexhlp.dll not found.
Registry value HKEY_USERS\S-1-5-21-1214440339-1035525444-682003330-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-1214440339-1035525444-682003330-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}\ not found.
File WebPrint EX\ewpexhlp.dll not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP102.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2073.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2127.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP220B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2228.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22AC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A.tmp\System.Web.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI115.tmp deleted successfully.
C:\WINDOWS\Installer\MSI14F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI152.tmp deleted successfully.
C:\WINDOWS\Installer\MSI16D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI16E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI18E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1BD.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1C2.tmp deleted successfully.
C:\WINDOWS\Installer\MSI2C4.tmp deleted successfully.
C:\WINDOWS\Installer\MSI44.tmp deleted successfully.
C:\WINDOWS\system32\ConduitEngine.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\SET2E.tmp deleted successfully.
C:\WINDOWS\system32\SET2F.tmp deleted successfully.
C:\WINDOWS\system32\SET32.tmp deleted successfully.
C:\WINDOWS\system32\SET33.tmp deleted successfully.
C:\WINDOWS\system32\SET34.tmp deleted successfully.
C:\WINDOWS\system32\SET37.tmp deleted successfully.
C:\WINDOWS\system32\SET39.tmp deleted successfully.
C:\WINDOWS\system32\SET53.tmp deleted successfully.
C:\WINDOWS\system32\SET56.tmp deleted successfully.
C:\WINDOWS\system32\SET5B.tmp deleted successfully.
C:\WINDOWS\system32\SET62.tmp deleted successfully.
C:\WINDOWS\system32\SET64.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_CAF91.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_CAF91.tmp folder deleted successfully.
C:\WINDOWS\Temp\sig10.tmp deleted successfully.
C:\WINDOWS\Temp\sig11.tmp deleted successfully.
C:\WINDOWS\Temp\sig4.tmp deleted successfully.
C:\WINDOWS\Temp\sig5.tmp deleted successfully.
C:\WINDOWS\Temp\sig6.tmp deleted successfully.
C:\WINDOWS\Temp\sig7.tmp deleted successfully.
C:\WINDOWS\Temp\sig8.tmp deleted successfully.
C:\WINDOWS\Temp\sig9.tmp deleted successfully.
C:\WINDOWS\Temp\sigA.tmp deleted successfully.
C:\WINDOWS\Temp\sigB.tmp deleted successfully.
C:\WINDOWS\Temp\sigC.tmp deleted successfully.
C:\WINDOWS\Temp\sigD.tmp deleted successfully.
C:\WINDOWS\Temp\sigE.tmp deleted successfully.
C:\WINDOWS\Temp\sigF.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp155706057.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp160899101.tmp deleted successfully.
C:\WINDOWS\twain_32\hpqgends.tmp deleted successfully.
ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\Temp\sig12.tmp moved successfully.
C:\WINDOWS\Temp\sig13.tmp moved successfully.
C:\WINDOWS\Temp\sig14.tmp moved successfully.
C:\WINDOWS\Temp\sig15.tmp moved successfully.
C:\WINDOWS\Temp\sig16.tmp moved successfully.
C:\WINDOWS\Temp\sig17.tmp moved successfully.
C:\WINDOWS\Temp\sig18.tmp moved successfully.
C:\WINDOWS\Temp\sig19.tmp moved successfully.
C:\WINDOWS\Temp\sig1A.tmp moved successfully.
C:\WINDOWS\Temp\sig1B.tmp moved successfully.
C:\WINDOWS\tasks\User_Feed_Synchronization-{06237C08-7D4B-4309-BAB9-BA84D908AEED}.job moved successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\Crack\CORE10k.EXE deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\Crack\nod32.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\Crack\nod32kui.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\Crack\ps_upd.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\Crack folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\advheur.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\archs.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\CA6D~1 deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\engine.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\info.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\main.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\mainlang.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\mfc42.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\mfc42u.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\msvcrt.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\readme.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\setup.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\setup.xml deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze\_sn.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\plná verze folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\nod32 verze 2\nentczst.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\nod32 verze 2 folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\advheur.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\archs.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\engine.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\main.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\mfc42.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\mfc42u.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\msvcrt.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\nentenst.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\ntbaseen.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\ntineten.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\ntstden.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\pwscan.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\readme.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\setup.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test\setup.xml deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nod32 v2.12.3 test folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\updfiles\advheur0.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\updfiles\archs0.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\updfiles\archs1.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\updfiles\archs2.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\updfiles\engine0.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\updfiles\pwscan0.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\updfiles\pwscan1.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\updfiles\pwscan2.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\updfiles\UPDATE.ver deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\updfiles folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\advheur.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\archs.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\engine.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\main.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\mainlang.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\mfc42.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\mfc42u.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\msvcrt.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\ndntczst.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\ntbasecz.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\ntinetcz.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\ntstdcz.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\pwscan.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\readme.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\setup.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\setup.xml deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2\_sn.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\Nod32 v2.12.2 folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\crack\9down.jpg deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\crack\CORE.NFO deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\crack\CORE10k.EXE deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\crack\cracked.rar deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\crack\FILE_ID.DIZ deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\crack\nentenst.001 deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\crack\nentenst.002 deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\crack folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\advheur.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\archs.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\engine.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\info.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\main.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\mainlang.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\mfc42.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\mfc42u.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\msvcrt.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\nentczst.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\ntbasecz.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\ntinetcz.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\ntstdcz.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\pwscan.nup deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\readme.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\setup.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE\setup.xml deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\ESET.NOD32.AntiVirus.v2.12.1.WinNT2kXP.CRACKED-CORE folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\Crack\nod32.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\Crack\nod32kui.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\Crack\ps_upd.dll deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\Crack folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\des.nfo deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\heslo pro aktualizaci.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\Heslo pro stažení a zároveň na registraci.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\nod 32 servry.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\NOD heslo - Funkční (200604).txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\Nod32 2.0 serial.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\NOD32 Un-trial key.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\NOD32-seriall.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\NOD32_AntiVirus_Passwords - april 2003.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\NOD32_UPDATE_SERVER.reg deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\serial nod32.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\Serial.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES\sn.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\Eset.NOD32.Antivirus.WinNT2kXP.v2.0.CZECH-DES folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\Total commander\Total_Commander_Universal_Crack_All_Versions_v3.51_-_v5.50_-.zip deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\Key Gen\kadets.gif deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\Key Gen\TNO.NFO deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\Key Gen\tno_at55.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\Key Gen folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\Anti-Trojan v5.5\Serial.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\Anti-Trojan v5.5 folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\anti-trojan\Anti-Trojan Shield1.0.0.12.reg deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\anti-trojan\ats1.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\anti-trojan folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\Anti-Trojan_v5.5.420.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\Anti-Trojan_v5.5.420_keygen.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\ATro55en.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\keygen_tno.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan\Serial.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\antivir\AntiTrojan folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\keygen\keygen.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\keygen folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\divx.htm deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\DivXPro511GAINBundle.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\file_id.diz deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\ghetto.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\keygen.rar deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\paranoia.nfo deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\ssg.nfo deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1\usux.nfo deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\DivX Pro v5.1 folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\Mpeg encoder folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\MainConcept mpeg encoder 1.4\mpegencoderv1.4.0.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\MainConcept mpeg encoder 1.4\Serial.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\MainConcept mpeg encoder 1.4 folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\DVCPro 25.50\Setup\dvcprov3[1].0.9.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\DVCPro 25.50\Setup\SN.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\DVCPro 25.50\Setup folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\DVCPro 25.50\KG\keygen.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\DVCPro 25.50\KG\ror.nfo deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\DVCPro 25.50\KG\SN.txt deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\DVCPro 25.50\KG folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\DVCPro 25.50 folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\dvcodecv2.4.4\dvcodecv2.4.4.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\dvcodecv2.4.4\kdv.2.4.4.zip deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\dvcodecv2.4.4 folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec\dvdemocodecv2[1].1.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\DV codec folder deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\asa-mcdvc-204.zip deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\evev1[1].1.0.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\KeyGen_EVE11.zip deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\KeyGen_MPEG131.zip deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept\mpegencoder.exe deleted successfully.
C:\Documents and Settings\Home\Plocha\zaloha\zaloha Martin\záloha martin\programy\kodeky\MainConcept folder deleted successfully.
C:\WINDOWS\tasks\Norton Security Scan for Home.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\RMSchedule.job moved successfully.
C:\WINDOWS\System32\CleanMFT32.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 117707 bytes

User: All Users

User: Bajuska
->Temp folder emptied: 30590588 bytes
->Temporary Internet Files folder emptied: 6111354 bytes
->Google Chrome cache emptied: 87140670 bytes
->Flash cache emptied: 806 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Guest
->Temp folder emptied: 881146 bytes
->Temporary Internet Files folder emptied: 21665786 bytes
->Flash cache emptied: 4872 bytes

User: Home
->Temp folder emptied: 941146822 bytes
->Temporary Internet Files folder emptied: 54118685 bytes
->Google Chrome cache emptied: 13079353 bytes
->Flash cache emptied: 62366 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 3725174 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 103569 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 156341167 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 254,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Bajuska
->Flash cache emptied: 0 bytes

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Home
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: TEMP

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.31.0 log created on 10212011_115747

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Bajuska\Local Settings\Temp\~DF382.tmp not found!
File\Folder C:\Documents and Settings\Bajuska\Local Settings\Temp\~DF3A6.tmp not found!
File\Folder C:\Documents and Settings\Bajuska\Local Settings\Temp\~DF450.tmp not found!
File\Folder C:\Documents and Settings\Bajuska\Local Settings\Temp\~DF483.tmp not found!
File\Folder C:\Documents and Settings\Bajuska\Local Settings\Temp\~DF5B0.tmp not found!
File\Folder C:\Documents and Settings\Bajuska\Local Settings\Temp\~DF5D5.tmp not found!
C:\Documents and Settings\Bajuska\Local Settings\Temporary Internet Files\Content.IE5\W52H60Z8\report[1].html moved successfully.
C:\Documents and Settings\Bajuska\Local Settings\Temporary Internet Files\Content.IE5\N9EFFFJZ\afr[2].htm moved successfully.
C:\Documents and Settings\Bajuska\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...

#15 Příspěvek od **Mc_Murphy** » 21 říj 2011 11:20

OK. První soubor je čistý.

OTL provedlo, co mělo.

Dáme ještě pro jisotu scan s MBAM, protože jsem mazal i nějakou tu havěť.

Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

Proveď aktualizaci virové databáze.
V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
Předem nic nemaž!!
MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

VIRY.CZ

prosím o kontrlolu logu

prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu

Re: prosím o kontrlolu logu