VIRY.CZ

Děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Radunka at 2011-12-28 19:51:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 232 GB (76%) free of 305 GB
Total RAM: 895 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:52:50, on 28.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Radunka\Plocha\RSIT.exe
C:\Program Files\trend micro\Radunka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 8657 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for hp.job
C:\WINDOWS\tasks\Norton Security Scan for Radunka.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-11-25 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-13 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-13 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-29 1545512]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2011-10-26 2078048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"SystemKey"= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-10-09 139264]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Documents and Settings\Radunka\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-12-18 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-09-24 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Metin2\metin2client.bin"="C:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Metin2\metin2.exe"="C:\Program Files\Metin2\metin2.exe:*:Enabled:metin2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\EverStep\Program\EverStep.exe"="C:\Program Files\EverStep\Program\EverStep.exe:*:Enabled:EverStep"
"C:\Program Files\QuadCoreM2\pack\core.bin"="C:\Program Files\QuadCoreM2\pack\core.bin:*:Enabled:core"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-12-28 19:52:00 ----D---- C:\Program Files\trend micro
2011-12-28 19:51:59 ----D---- C:\rsit
2011-12-25 21:05:48 ----D---- C:\Program Files\uTorrent
2011-12-15 11:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-15 11:59:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-15 11:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-15 11:55:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-15 11:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-15 11:54:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-15 11:54:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-05 15:06:38 ----D---- C:\Program Files\Microsoft.NET

======List of files/folders modified in the last 1 month======

2011-12-28 19:52:00 ----RD---- C:\Program Files
2011-12-28 19:51:49 ----D---- C:\WINDOWS\Prefetch
2011-12-28 19:34:56 ----D---- C:\WINDOWS\Debug
2011-12-28 19:34:49 ----D---- C:\WINDOWS
2011-12-28 19:34:24 ----D---- C:\WINDOWS\Temp
2011-12-28 19:18:25 ----A---- C:\WINDOWS\NeroDigital.ini
2011-12-28 19:18:23 ----D---- C:\Documents and Settings\Radunka\Data aplikací\uTorrent
2011-12-28 17:55:11 ----D---- C:\WINDOWS\system32\drivers\Avg
2011-12-27 21:50:25 ----D---- C:\WINDOWS\system32\config
2011-12-27 18:31:00 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-12-25 19:44:04 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-25 19:15:55 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-12-24 16:26:51 ----D---- C:\Documents and Settings\Radunka\Data aplikací\Skype
2011-12-24 16:26:01 ----D---- C:\WINDOWS\system32
2011-12-24 16:17:26 ----SHD---- C:\WINDOWS\Installer
2011-12-24 16:17:26 ----SD---- C:\Documents and Settings\Radunka\Data aplikací\Microsoft
2011-12-24 16:17:25 ----D---- C:\Config.Msi
2011-12-24 16:14:05 ----D---- C:\Program Files\Metin2
2011-12-15 11:59:35 ----HD---- C:\WINDOWS\inf
2011-12-15 11:59:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-15 11:58:57 ----D---- C:\Program Files\Internet Explorer
2011-12-15 11:58:22 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-15 11:55:19 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-11 19:45:50 ----D---- C:\WINDOWS\Microsoft.NET
2011-12-11 19:45:49 ----RSD---- C:\WINDOWS\assembly
2011-12-11 18:16:37 ----D---- C:\Documents and Settings\Radunka\Data aplikací\.minecraft
2011-12-08 07:17:18 ----D---- C:\WINDOWS\WinSxS
2011-12-08 07:16:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-05 15:24:52 ----SD---- C:\WINDOWS\Tasks
2011-12-05 15:17:54 ----D---- C:\WINDOWS\system32\cs-cz
2011-12-05 15:06:50 ----D---- C:\WINDOWS\system32\en-US

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-09-24 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2011-09-12 29712]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2011-05-06 243152]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-02-05 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-01-02 1160320]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-18 2849280]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-06-05 175104]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2010-09-21 1391104]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-02-14 530861]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-02-14 30459]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-02-14 149123]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2009-03-19 9216]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-07-29 213680]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HP24X;HP PC Card Smart Card Reader; C:\WINDOWS\system32\DRIVERS\HP24X.sys [2007-07-17 35072]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-12-18 512000]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-09-24 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-09-24 308136]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-13 153376]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-30 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-30 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Zdravím, tohle fixni v HJT :

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

HJT najdeš zde :

C:\Program Files\trend micro\Radunka.exe

Fix znamená že spustíš HJT jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

Služba Google Update (gupdate)

Služba Google Update (gupdatem)

NBService - Nero AG

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !!!

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.60.0.1800
www.malwarebytes.org

Verze databáze: v2011.12.29.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Radunka :: PC-9C2D890101BD [administrátor]

Ochrana: Povolena

29.12.2011 15:17:20
mbam-log-2011-12-29 (15-17-20).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 266821
Uplynulý čas: 5 hodin, 52 minut, 53 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Nyní se pro jistotu podíváme hlouběji, tak pozorně čti, protože tenhle softík netoleruje chyby.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

Snad jsem všechno udělala správně, ale nevidím žádné výraznější změny, PC se velmi dlouho zapíná a stále pracuje pomalu...

ComboFix 11-12-31.02 - Radunka 31.12.2011 15:20:14.1.2 - x86
Spuštěný z: c:\documents and settings\Radunka\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Setup.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\SET38.tmp
c:\windows\system32\SET3C.tmp
c:\windows\system32\SET44.tmp
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-28 do 2011-12-31 )))))))))))))))))))))))))))))))
.
.
2011-12-29 14:13 . 2011-12-29 14:13 -------- d-----w- c:\documents and settings\Radunka\Data aplikací\Malwarebytes
2011-12-29 14:13 . 2011-12-29 14:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-12-29 14:13 . 2011-12-29 14:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-29 14:13 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-28 20:20 . 2011-12-28 20:20 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-12-28 18:52 . 2011-12-29 14:08 -------- d-----w- c:\program files\trend micro
2011-12-28 18:51 . 2011-12-28 18:52 -------- d-----w- C:\rsit
2011-12-25 20:05 . 2011-12-25 20:05 -------- d-----w- c:\program files\uTorrent
2011-12-25 20:05 . 2011-12-25 20:05 -------- d-----w- c:\documents and settings\Radunka\Local Settings\Data aplikací\uTorrent
2011-12-24 15:26 . 2011-12-24 15:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-08 06:11 . 2011-12-08 06:11 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2011-12-05 14:06 . 2011-12-05 14:06 -------- d-----w- c:\program files\Microsoft.NET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 14:40 . 2008-04-14 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 17:24 . 2011-11-21 17:24 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-11-21 17:24 . 2011-11-21 17:24 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-11-04 19:13 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2008-04-14 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2008-04-14 12:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49 . 2008-04-14 08:06 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-13 15:14 . 2011-10-13 15:15 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-10-13 15:14 . 2011-10-13 15:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-10 14:22 . 2010-09-21 06:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2008-02-05 13:50 . 2008-02-05 13:50 4608 ----a-w- c:\program files\RelInfo.sys
2008-02-05 13:42 . 2008-02-05 13:42 1102 ----a-w- c:\program files\layout.bin
2006-04-25 08:54 . 2006-04-25 08:54 40960 ----a-w- c:\program files\AEEnable.exe
2005-06-24 08:30 . 2005-06-24 08:30 35328 ----a-w- c:\program files\DevSetup.exe
.
.

d.otrosinova píše:Snad jsem všechno udělala správně

Skoro princezno až na to že bych log z ComboFix potřeboval úplně celý.

Když tak ho najdeš na C:/Combofix.txt

Moc se omlouvám, říkala jsem si, že je to nějaký krátký

ComboFix 11-12-31.02 - Radunka 31.12.2011 15:20:14.1.2 - x86
Spuštěný z: c:\documents and settings\Radunka\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Setup.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\SET38.tmp
c:\windows\system32\SET3C.tmp
c:\windows\system32\SET44.tmp
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-28 do 2011-12-31 )))))))))))))))))))))))))))))))
.
.
2011-12-29 14:13 . 2011-12-29 14:13 -------- d-----w- c:\documents and settings\Radunka\Data aplikací\Malwarebytes
2011-12-29 14:13 . 2011-12-29 14:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-12-29 14:13 . 2011-12-29 14:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-29 14:13 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-28 20:20 . 2011-12-28 20:20 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-12-28 18:52 . 2011-12-29 14:08 -------- d-----w- c:\program files\trend micro
2011-12-28 18:51 . 2011-12-28 18:52 -------- d-----w- C:\rsit
2011-12-25 20:05 . 2011-12-25 20:05 -------- d-----w- c:\program files\uTorrent
2011-12-25 20:05 . 2011-12-25 20:05 -------- d-----w- c:\documents and settings\Radunka\Local Settings\Data aplikací\uTorrent
2011-12-24 15:26 . 2011-12-24 15:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-08 06:11 . 2011-12-08 06:11 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2011-12-05 14:06 . 2011-12-05 14:06 -------- d-----w- c:\program files\Microsoft.NET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 14:40 . 2008-04-14 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 17:24 . 2011-11-21 17:24 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-11-21 17:24 . 2011-11-21 17:24 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-11-04 19:13 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2008-04-14 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2008-04-14 12:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49 . 2008-04-14 08:06 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-13 15:14 . 2011-10-13 15:15 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-10-13 15:14 . 2011-10-13 15:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-10 14:22 . 2010-09-21 06:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2008-02-05 13:50 . 2008-02-05 13:50 4608 ----a-w- c:\program files\RelInfo.sys
2008-02-05 13:42 . 2008-02-05 13:42 1102 ----a-w- c:\program files\layout.bin
2006-04-25 08:54 . 2006-04-25 08:54 40960 ----a-w- c:\program files\AEEnable.exe
2005-06-24 08:30 . 2005-06-24 08:30 35328 ----a-w- c:\program files\DevSetup.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-29 1545512]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2011-10-26 2078048]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-09-24 05:58 12536 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\EverStep\\Program\\EverStep.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57649:TCP"= 57649:TCP:Pando Media Booster
"57649:UDP"= 57649:UDP:Pando Media Booster
.
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [21.9.2010 15:00 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [21.9.2010 15:00 243152]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [24.9.2010 6:58 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [24.9.2010 6:58 308136]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [29.12.2011 15:13 652872]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [21.9.2010 14:17 228408]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [29.12.2011 15:13 20464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [17.7.2007 0:24 35072]
S4 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [30.1.2011 17:15 135664]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [30.1.2011 17:15 135664]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-30 16:15]
.
2011-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-30 16:15]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SystemKey - (no file)
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-31 15:39
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\windows\TEMP\87e27dd7-b9f6-4340-8d08-1f335d5cd82b
c:\windows\TEMP\c21255e6-5707-4eda-93d0-4dec005f2032
c:\windows\TEMP\880e7c1f-a248-496a-ba50-3018f700a46f
c:\windows\TEMP\88a6ab68-0040-48b8-9147-10e50828e256
c:\windows\TEMP\892163ef-048a-48c0-bb20-a2fcfad1089f
c:\windows\TEMP\8985fb06-911e-4d9e-8e94-aecf1381f414
c:\windows\TEMP\8a6b4fbc-1e29-4fec-a972-08a79694afcd
c:\windows\TEMP\8b7acca7-0f9c-4bd8-a03a-c782a2fda6ac
c:\windows\TEMP\8ba873de-abc8-4fd2-b1cd-7dce29df5658
c:\windows\TEMP\8bf40892-94e0-48ec-8bac-fed7ce92c26f
c:\windows\TEMP\c22bb5fc-e3a6-49ad-a522-ec8158c3a0dc
c:\windows\TEMP\c25c3a0c-07b1-4149-8845-983063c8cb9a
c:\windows\TEMP\c2e711f9-7de9-498d-a776-e575a13519be
c:\windows\TEMP\c3455b39-71c2-48a9-ac2b-03ad481f5473
c:\windows\TEMP\c3eba900-b614-4e32-a09b-08107c602d8e
c:\windows\TEMP\c5fb9aa3-c9ca-4a1b-b7b9-e4bb1f65b127
c:\windows\TEMP\c60e1904-0eba-4b0f-8f18-0f6894976817
c:\windows\TEMP\c75b671a-eb68-41e8-a2a3-c3e95913b87c
c:\windows\TEMP\c7bee05b-7bd7-4f81-bbc1-fd0ec066f1c7
c:\windows\TEMP\9c0b4c0f-a301-4452-94c0-147e8456212c
c:\windows\TEMP\9c1f6417-a868-4b3d-b7f3-70d73abce35c
c:\windows\TEMP\9c8fe3d3-efc3-4ba5-a4e4-5d76503f2da2
c:\windows\TEMP\9c96b98e-02c2-4b74-a9fb-e48154cbc52b
c:\windows\TEMP\9cb45f74-28a6-4935-a4b2-6cbe76b28663
c:\windows\TEMP\9dd4061a-500a-4c39-b942-3a8a632dc05f
c:\windows\TEMP\9e4bc6c6-a3e2-4174-a95e-30187b70e57a
c:\windows\TEMP\9ec8557f-bf3b-4422-8c6f-d234993d88f3
c:\windows\TEMP\9fa30fd5-1492-4b64-8cf5-c71a7559ff88
c:\windows\TEMP\9fdf4692-5875-4e36-894c-ba7d3d55b58b
c:\windows\TEMP\df9704ad-d330-40eb-aa3b-8e354c120edf
c:\windows\TEMP\dfee7d46-796a-4d8d-a136-747241aa601f
c:\windows\TEMP\e26d03d2-23a0-46ad-9dcd-ef67d5b586f2
c:\windows\TEMP\e29b79f1-c05b-43ef-9246-814022cccd03
c:\windows\TEMP\e2fabd85-69b7-40ae-85d8-c5fdcbb4ee8e
c:\windows\TEMP\e497080c-29c4-4e10-9cb0-be652a240aca
c:\windows\TEMP\e49ccbab-74cc-47ed-b725-a72d268c9b1d
c:\windows\TEMP\e4b5325c-aa51-493c-91cb-e1012cf8dcc4
c:\windows\TEMP\e5478510-4ee4-4681-b730-e613551f3ce8
c:\windows\TEMP\e5e69895-d136-4a93-b997-bb0385a15358
c:\windows\TEMP\e5ea6407-d868-4c86-a850-a27e608a084b
c:\windows\TEMP\e5f8bd5d-e0a0-44f0-87d1-75f26d9cdaaa
c:\windows\TEMP\e69fa37d-f181-4c39-a567-03b4c220a0c7
c:\windows\TEMP\6677e5e9-6aed-40df-ab00-c6547757ce50
c:\windows\TEMP\6697399d-c6c0-4f08-af48-3eca0ff4d574
c:\windows\TEMP\66e7cb19-ae22-4f4a-9aa6-ba3fe021e33a
c:\windows\TEMP\66f881d8-eba0-4846-b926-fdce4e28f917
c:\windows\TEMP\67234748-ac3a-4001-83ec-95dfe02d8a15
c:\windows\TEMP\6769bf97-b6da-48ca-9ed7-422d16cc092a
c:\windows\TEMP\67d9a0e7-6c46-491b-a843-575db8d2b85a
c:\windows\TEMP\ASPNETSetup_00000.log 5158 bytes
c:\windows\TEMP\ASPNETSetup_00001.log 5158 bytes
c:\windows\TEMP\ASPNETSetup_00002.log 5158 bytes
c:\windows\TEMP\ASPNETSetup_00003.log 5158 bytes
c:\windows\TEMP\ASPNETSetup_00004.log 5158 bytes
c:\windows\TEMP\ASPNETSetup_00005.log 6880 bytes
c:\windows\TEMP\ASPNETSetup_00006.log 6880 bytes
c:\windows\TEMP\f0705624-2af7-4741-a25f-7d5230b349da
c:\windows\TEMP\f0b325d1-3874-4df9-9035-f4df1a2aa270
c:\windows\TEMP\f0cbc3b2-0d77-45b5-b71e-9654539e170f
c:\windows\TEMP\f0e2fc4b-37d5-45c9-b6b5-15cae0f2eae4
c:\windows\TEMP\f1dd917f-404c-4fa0-b047-971ce086f207
c:\windows\TEMP\f2001606-d017-44e6-b0ac-1a5f16ccc578
c:\windows\TEMP\f208123e-500b-4bf8-8871-577323b40e0c
c:\windows\TEMP\f2541ce8-4d33-444a-a8d9-19d6562288e3
c:\windows\TEMP\f303fc86-bb11-4d04-9ca0-5e34b3a33a34
c:\windows\TEMP\f32dde18-3861-4402-b76c-028eb7c14060
c:\windows\TEMP\f3374965-4577-4b73-90fa-6c36aa473316
c:\windows\TEMP\f346a95c-ddf7-4539-ae8e-64f249b1e5f2
c:\windows\TEMP\f3b32f37-9933-4975-a6f8-bee9dfcb13c2
c:\windows\TEMP\f41f157f-4cf9-4a9e-9c44-5246004398ea
c:\windows\TEMP\f5099641-36aa-49a9-bd14-4734ce108c00
c:\windows\TEMP\d1a619e1-5409-4098-b781-dc11d2dd8525
c:\windows\TEMP\d1a6dffd-78f5-4f6a-a169-79ff7e39154d
c:\windows\TEMP\d2251b57-7808-4f25-b3a6-26086c94d5d8
c:\windows\TEMP\d2e3e143-3976-442e-b398-bd44f872f19d
c:\windows\TEMP\d31bd898-6116-45d3-bbad-87d356cae3ec
c:\windows\TEMP\d3beac01-1455-4a61-b570-8b079c6f306c
c:\windows\TEMP\d4d5953b-0b03-407d-a64c-e9947cb919e4
c:\windows\TEMP\7acc54f5-53a9-44c9-a96b-712b89fd6885
c:\windows\TEMP\7b0c9b96-5fcd-44b5-a1e3-fe3b8497c76e
c:\windows\TEMP\7bb50de1-fd52-4ca3-be39-0fa7c629722f
c:\windows\TEMP\7c156c37-d2be-44cf-b5d1-41188fe8949a
c:\windows\TEMP\7c73e6f5-40eb-479d-bcdc-f958c5d5ced5
c:\windows\TEMP\7d229549-77c0-4862-8065-aaed5c14cd31
c:\windows\TEMP\7d2c3d62-d9ef-483f-ac7e-ad616ff7b913
c:\windows\TEMP\7da7b9ff-2d52-44fb-a5ed-b23b85a05558
c:\windows\TEMP\7db34c84-c47a-4a0f-b343-8d7268c7545c
c:\windows\TEMP\7ecf6d52-1667-4d00-a6a3-4b2cb38ed9cd
c:\windows\TEMP\7f4d70d3-efc1-4e4b-965e-7f61994a6012
c:\windows\TEMP\00d92332-f0e5-4bd4-9b6f-a75500ce2065
c:\windows\TEMP\4d444d55-fe34-43c3-9ce6-b7a6e570ab59
c:\windows\TEMP\61af84f8-3079-4dc5-a2e3-8a862e10cba5
c:\windows\TEMP\938d618a-529e-4f83-aef4-80b4c10d7e20
c:\windows\TEMP\9476dd78-69bb-4074-be9a-4b1b33c14428
c:\windows\TEMP\95739724-057a-402e-9110-8e5997aee20e
c:\windows\TEMP\96ed9062-a7db-47bc-85bc-4d29dc229fea
c:\windows\TEMP\971e94fb-9ea0-4bea-9d83-7f711ff777cc
c:\windows\TEMP\98913702-1a59-4258-88ff-b2c6b3612ac4
c:\windows\TEMP\99137124-14dc-4afa-8c41-9146ae908be3
c:\windows\TEMP\996bc401-602f-4e60-aad6-67e7c252ac2e
c:\windows\TEMP\99a74fd1-0e7c-46a8-9f44-aaac384f8852
c:\windows\TEMP\99fc622e-bd6c-4d60-a384-5727cdcb7059
c:\windows\TEMP\b3dc27e4-0508-48af-ab43-82a0ea8ade39
c:\windows\TEMP\b49db46d-f53a-424f-aa48-0bdad79181c8
c:\windows\TEMP\b5da0133-5aa1-42ef-a6f8-914c3612e2b9
c:\windows\TEMP\b61ebb57-574c-4fde-8a1b-96cf5c79871e
c:\windows\TEMP\b6bf6d36-d0d0-4567-81b2-cde6cf25e493
c:\windows\TEMP\b6c18dd3-b0fd-4e8f-b026-a43611bd2fe5
c:\windows\TEMP\b6ebd100-82c1-4157-a12d-fb2a85adb97a
c:\windows\TEMP\fe638270-3acb-48c0-b178-c2b1eae107a0
c:\windows\TEMP\febf2fb0-ec6b-47dc-9435-a938f8e25557
c:\windows\TEMP\ff5256c2-c8c5-4d2a-a4b4-fedeb3c70167
c:\windows\TEMP\ff5fc379-656d-4d21-8dd4-893a641f7749
c:\windows\TEMP\Google Toolbar
c:\windows\TEMP\GoogleToolbarInstaller1.log 30173 bytes
c:\windows\TEMP\GoogleToolbarInstaller2.log 1441 bytes
c:\windows\TEMP\da3de2f3-6ee1-4d6c-9869-eab613ac0309
c:\windows\TEMP\da9273e6-b775-4b38-a251-68e88aefd518
c:\windows\TEMP\dae97690-2e01-4483-8c83-98d6d6193817
c:\windows\TEMP\dbd6434d-edc3-44d2-b236-30e399f88c28
c:\windows\TEMP\dbdae909-6fe0-4fa7-a3d8-31eb1a662a53
c:\windows\TEMP\dcd8394d-d98a-4a21-a415-82f1f3aa3d93
c:\windows\TEMP\dd3516a5-9750-4b78-a2e0-23d67ac3f81c
c:\windows\TEMP\ddeb9da7-1a39-428a-9a7d-0f586c97521d
c:\windows\TEMP\dd_clwireg.txt 109542 bytes
c:\windows\TEMP\dd_wcf_CA_smci_20111207_070112_765.txt 3592 bytes
c:\windows\TEMP\dd_wcf_CA_smci_20111207_070641_562.txt 3592 bytes
c:\windows\TEMP\a513a50c-729d-42a2-b682-b736516b4bd3
c:\windows\TEMP\a717cb11-caf2-4e4a-b7a1-8465d53d10e4
c:\windows\TEMP\a736303f-4de5-4945-880a-15f485b3386e
c:\windows\TEMP\a742bb1e-7ff2-49de-bcfc-a1b84e273dc8
c:\windows\TEMP\a7d96068-a755-4b24-8e12-ad1d390fc001
c:\windows\TEMP\a87dc589-94db-4016-b4e8-14690ea01a05
c:\windows\TEMP\a87f166b-d162-40d3-97cf-8a626f78fc03
c:\windows\TEMP\a8a15878-bbbc-4c11-930d-d06869babc02
c:\windows\TEMP\ab531e68-b8ab-400b-996f-df667e9eb5ff
c:\windows\TEMP\ab54620e-b52b-49af-9775-cce28170f366
c:\windows\TEMP\ab5d4212-d9d0-459c-9265-bd71cc456f9f
c:\windows\TEMP\6d905d46-cbf0-47ca-a9d6-6427cb88036e
c:\windows\TEMP\6db1317e-1fcf-4225-a8f8-6c16f5f29c6d
c:\windows\TEMP\6e2c000d-3ae8-447b-9335-fc5241d46a6d
c:\windows\TEMP\6e3424fb-2d61-49e7-8ca2-bff94b43c378
c:\windows\TEMP\6f2e4e07-fd69-4cfa-bba9-3e91d7f3c417
c:\windows\TEMP\70295fcc-cab0-4bc6-a293-657132f19c13
c:\windows\TEMP\7084ab84-c29a-4cb8-9b69-0da50173bd71
c:\windows\TEMP\70db66cf-2b3e-4e81-a26f-2c7da3d38bfc
c:\windows\TEMP\715a8153-39e0-427a-b949-9dc31d1e9c93
c:\windows\TEMP\720a07f2-020a-4325-bca4-94bad87c8c95
c:\windows\TEMP\7fb94eb5-41c8-42f9-b6e7-49b3f52273e8
c:\windows\TEMP\80499d88-4502-4860-9ba4-0e2af99266ff
c:\windows\TEMP\809f6c3a-239f-4156-858e-a4ff05e0f672
c:\windows\TEMP\80cea168-0449-4bf5-a550-0fc090683c17
c:\windows\TEMP\81106f1a-f24e-404d-ac6b-46613f88b311
c:\windows\TEMP\813de73f-64dc-40ac-bc35-026313fa124e
c:\windows\TEMP\81aa2e15-b7ba-4ae1-9425-5f1c5840e44f
c:\windows\TEMP\836d39e9-8eb2-4f18-8215-145da49db417
c:\windows\TEMP\8e7f8fdf-dfc1-48bc-9775-3bb7492ea115
c:\windows\TEMP\93834482-bbe6-4e0e-9598-fcfce717a1e1
c:\windows\TEMP\9b874b16-5ec1-49fb-8588-48a1b939d369
c:\windows\TEMP\a02096c7-281c-48bb-9059-56c301aab4f3
c:\windows\TEMP\a503b629-56b0-4f78-bb49-8c2e3aad3dc6
c:\windows\TEMP\ab91bd4f-4d66-40a4-9e39-005836167af4
c:\windows\TEMP\afb6461c-be5a-4311-aaf3-4963731ad7f7
c:\windows\TEMP\b31ff690-1385-4e66-991a-f82cd40237cf
c:\windows\TEMP\b6ec1a4c-f5eb-4a3a-9705-98f8ff25f8de
c:\windows\TEMP\bbd1d235-4bf8-4295-8675-d0f93fde9bc5
c:\windows\TEMP\avg-9b0bc11e-4f75-4821-ba4b-9e184b2cbc1a.tmp 102537933 bytes
c:\windows\TEMP\e79fc16b-69ec-4fbf-a457-0abe6b78c766
c:\windows\TEMP\e820f106-5ffc-4b09-8c8e-5a32273ec1cf
c:\windows\TEMP\e95c0c8e-4890-43b5-ac0f-000f2c28aa78
c:\windows\TEMP\eb4dc47e-232b-4b60-8997-41766e2dacee
c:\windows\TEMP\ec731969-e2af-4d54-8842-00367873f11d
c:\windows\TEMP\ec752b85-b55a-4fc8-b1d7-3362bee3fc89
c:\windows\TEMP\ee6ea5c9-2ffb-4015-af92-83d79986d3a0
c:\windows\TEMP\efe51ed6-766a-420f-985b-acdcd292dd09
c:\windows\TEMP\bc1f0223-981c-450c-ada8-4e070be45ece
c:\windows\TEMP\bc4528b7-54d2-4849-8d98-63ec864bb209
c:\windows\TEMP\bc91e32e-7c34-4681-b89d-7f9bf0226e95
c:\windows\TEMP\bcdb762e-1d02-4a58-8ab2-6f4a35eb9995
c:\windows\TEMP\bd677558-fcd4-41df-b8f1-ed3229a1106c
c:\windows\TEMP\bd71bfca-38f1-4eed-bcd7-5b03e36f37ca
c:\windows\TEMP\bdaf37fa-4d72-45a9-a305-61786013e712
c:\windows\TEMP\be1dcd09-5c78-45da-a917-efed513f96dd
c:\windows\TEMP\be646cd5-c75a-4a64-97bc-bd5a52edc2c7
c:\windows\TEMP\beb5bc94-311c-4580-9f01-4d020ba71b96
c:\windows\TEMP\bfea460c-d905-4a1f-92c3-847b9632c44b
c:\windows\TEMP\c065f6b3-5b3a-488f-9755-cdc1ff648811
c:\windows\TEMP\c1206bc4-c0a8-4b7b-8da4-ad18ef13e03b
c:\windows\TEMP\c13f545b-9d42-43e0-9970-d8067f771887
c:\windows\TEMP\f527b029-31af-45e4-b0de-91f4080496c1
c:\windows\TEMP\f619f7f9-d0a8-48b2-b681-857e370db8a0
c:\windows\TEMP\f7661e59-33f7-42ef-89ea-e977e05bf673
c:\windows\TEMP\f76f9273-1cae-43d6-9d75-92bdedb9f164
c:\windows\TEMP\f7adcae5-aeb5-482b-810f-e06f3244e99a
c:\windows\TEMP\fa783f18-2c81-4273-b5e2-74a0a37a0327
c:\windows\TEMP\fb5cfd3c-cb2a-48a1-ba3c-80c574df67ea
c:\windows\TEMP\fb6cd222-9832-4400-8614-fac6db5c0a23
c:\windows\TEMP\fbe23807-589b-42c8-92b3-056182f3d18f
c:\windows\TEMP\fbef2c1b-8900-45a7-a433-dffe69421b51
c:\windows\TEMP\fc48d686-5c58-4a26-b8d2-0613dddd38c3
c:\windows\TEMP\fd174c96-ab83-456f-b275-7baa0a14a74b
c:\windows\TEMP\fd4a4656-0b70-4028-bb2f-b920c7663f45
c:\windows\TEMP\fdd4aa40-a6ae-4db0-83d4-79eece2142c5
c:\windows\TEMP\8eecc1a1-57e6-4621-9dfe-502d8a458e7b
c:\windows\TEMP\8f5f8777-dfae-4c71-8b1d-343bad70d1e7
c:\windows\TEMP\8f9ae8dd-d12d-421b-9718-6113c8fc5a7e
c:\windows\TEMP\8faab7e3-1646-4da0-9e30-c64f865c9918
c:\windows\TEMP\90182b1d-33dc-430f-a9e0-1901047799f0
c:\windows\TEMP\9067e069-2172-43f1-b768-7b3a44bf350f
c:\windows\TEMP\915df4aa-c1c3-4a70-8d4a-8c4b2f0b0bc6
c:\windows\TEMP\92395f89-6925-4a7b-ba7c-2bed6821238a
c:\windows\TEMP\929383ca-df56-4e4e-b8dd-7216313cb477
c:\windows\TEMP\92ba8783-daa2-4feb-a193-ec02d1dd41ad
c:\windows\TEMP\92fd48b4-b64b-4e4e-8456-b48a652f75a6
c:\windows\TEMP\93278700-f56c-46bb-b2a9-61cff2b49767
c:\windows\TEMP\935a80d2-fccb-4a96-a7ab-aa781fa689a7
c:\windows\TEMP\936cc09c-2fed-4edc-be96-41983e3e95fa
c:\windows\TEMP\a0d61235-f912-4df7-97ce-94ef87b773c8
c:\windows\TEMP\a193f06f-9cc9-45e8-b822-42f70aefd592
c:\windows\TEMP\a26d6139-864f-46cb-bd24-ab9257ce8aa1
c:\windows\TEMP\a27ad3d7-9048-437c-a4c3-d5be949283a2
c:\windows\TEMP\a3644044-a1be-4afb-8d04-c8f62ac30ce1
c:\windows\TEMP\a406e569-eaed-4d72-945f-969711ddbe7d
c:\windows\TEMP\a409325d-d99c-42d3-a183-aead21a0fff9
c:\windows\TEMP\a42acb7d-15f5-4e83-98ef-18414c4bddab
c:\windows\TEMP\a4fe9dab-f13f-4765-b8c8-ee2c9852d71a
c:\windows\TEMP\abade5f6-47b9-44ce-be15-12c3645345a0
c:\windows\TEMP\ac478ea3-184d-42b7-a7fe-b3d328be2b86
c:\windows\TEMP\ad06cd32-44fd-45d7-bf8f-fbce7ea6746c
c:\windows\TEMP\ad8283b3-7a4d-4f03-ad90-2eaf089a82a3
c:\windows\TEMP\ada9d0f8-da90-49bd-b252-69f218d2d043
c:\windows\TEMP\ae78186c-47e5-49f1-8ecd-b926bc16aa36
c:\windows\TEMP\ae8d8b2e-1fab-490e-a3f5-804a59d68e4d
c:\windows\TEMP\af159d0b-2652-443f-8dd4-1bdf39ec83da
c:\windows\TEMP\af636a9e-1b84-46aa-82f4-a0c6ca8c49b6
c:\windows\TEMP\afb4eca0-ddc7-4a1a-9f32-032182df3717
.
sken byl úspešně dokončen
skryté soubory: 236
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(968)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-12-31 15:46:51
ComboFix-quarantined-files.txt 2011-12-31 14:46
.
Před spuštěním: Volných bajtů: 243 648 344 064
Po spuštění: Volných bajtů: 244 526 600 192
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - FBDDDC6C6B430B91AE6E6AF7E03BF5D1

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

Omouvám se za prodlevu, zkouškové

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder c:\*.tmp not found.
c:\WINDOWS\System32\CONFIG.TMP moved successfully.
c:\WINDOWS\SET3.tmp moved successfully.
c:\WINDOWS\SET4.tmp moved successfully.
c:\WINDOWS\SET8.tmp moved successfully.
c:\windows\TEMP\87e27dd7-b9f6-4340-8d08-1f335d5cd82b folder moved successfully.
c:\windows\TEMP\c21255e6-5707-4eda-93d0-4dec005f2032 folder moved successfully.
c:\windows\TEMP\880e7c1f-a248-496a-ba50-3018f700a46f folder moved successfully.
c:\windows\TEMP\88a6ab68-0040-48b8-9147-10e50828e256 folder moved successfully.
c:\windows\TEMP\892163ef-048a-48c0-bb20-a2fcfad1089f folder moved successfully.
c:\windows\TEMP\8985fb06-911e-4d9e-8e94-aecf1381f414 folder moved successfully.
c:\windows\TEMP\8a6b4fbc-1e29-4fec-a972-08a79694afcd folder moved successfully.
c:\windows\TEMP\8b7acca7-0f9c-4bd8-a03a-c782a2fda6ac folder moved successfully.
c:\windows\TEMP\8ba873de-abc8-4fd2-b1cd-7dce29df5658 folder moved successfully.
c:\windows\TEMP\8bf40892-94e0-48ec-8bac-fed7ce92c26f folder moved successfully.
c:\windows\TEMP\c22bb5fc-e3a6-49ad-a522-ec8158c3a0dc folder moved successfully.
c:\windows\TEMP\c25c3a0c-07b1-4149-8845-983063c8cb9a folder moved successfully.
c:\windows\TEMP\c2e711f9-7de9-498d-a776-e575a13519be folder moved successfully.
c:\windows\TEMP\c3455b39-71c2-48a9-ac2b-03ad481f5473 folder moved successfully.
c:\windows\TEMP\c3eba900-b614-4e32-a09b-08107c602d8e folder moved successfully.
c:\windows\TEMP\c5fb9aa3-c9ca-4a1b-b7b9-e4bb1f65b127 folder moved successfully.
c:\windows\TEMP\c60e1904-0eba-4b0f-8f18-0f6894976817 folder moved successfully.
c:\windows\TEMP\c75b671a-eb68-41e8-a2a3-c3e95913b87c folder moved successfully.
c:\windows\TEMP\c7bee05b-7bd7-4f81-bbc1-fd0ec066f1c7 folder moved successfully.
c:\windows\TEMP\9c0b4c0f-a301-4452-94c0-147e8456212c folder moved successfully.
c:\windows\TEMP\9c1f6417-a868-4b3d-b7f3-70d73abce35c folder moved successfully.
c:\windows\TEMP\9c8fe3d3-efc3-4ba5-a4e4-5d76503f2da2 folder moved successfully.
c:\windows\TEMP\9c96b98e-02c2-4b74-a9fb-e48154cbc52b folder moved successfully.
c:\windows\TEMP\9cb45f74-28a6-4935-a4b2-6cbe76b28663 folder moved successfully.
c:\windows\TEMP\9dd4061a-500a-4c39-b942-3a8a632dc05f folder moved successfully.
c:\windows\TEMP\9e4bc6c6-a3e2-4174-a95e-30187b70e57a folder moved successfully.
c:\windows\TEMP\9ec8557f-bf3b-4422-8c6f-d234993d88f3 folder moved successfully.
c:\windows\TEMP\9fa30fd5-1492-4b64-8cf5-c71a7559ff88 folder moved successfully.
c:\windows\TEMP\9fdf4692-5875-4e36-894c-ba7d3d55b58b folder moved successfully.
c:\windows\TEMP\df9704ad-d330-40eb-aa3b-8e354c120edf folder moved successfully.
c:\windows\TEMP\dfee7d46-796a-4d8d-a136-747241aa601f folder moved successfully.
c:\windows\TEMP\e26d03d2-23a0-46ad-9dcd-ef67d5b586f2 folder moved successfully.
c:\windows\TEMP\e29b79f1-c05b-43ef-9246-814022cccd03 folder moved successfully.
c:\windows\TEMP\e2fabd85-69b7-40ae-85d8-c5fdcbb4ee8e folder moved successfully.
c:\windows\TEMP\e497080c-29c4-4e10-9cb0-be652a240aca folder moved successfully.
c:\windows\TEMP\e49ccbab-74cc-47ed-b725-a72d268c9b1d folder moved successfully.
c:\windows\TEMP\e4b5325c-aa51-493c-91cb-e1012cf8dcc4 folder moved successfully.
c:\windows\TEMP\e5478510-4ee4-4681-b730-e613551f3ce8 folder moved successfully.
c:\windows\TEMP\e5e69895-d136-4a93-b997-bb0385a15358 folder moved successfully.
c:\windows\TEMP\e5ea6407-d868-4c86-a850-a27e608a084b folder moved successfully.
c:\windows\TEMP\e5f8bd5d-e0a0-44f0-87d1-75f26d9cdaaa folder moved successfully.
c:\windows\TEMP\e69fa37d-f181-4c39-a567-03b4c220a0c7 folder moved successfully.
c:\windows\TEMP\6677e5e9-6aed-40df-ab00-c6547757ce50 folder moved successfully.
c:\windows\TEMP\6697399d-c6c0-4f08-af48-3eca0ff4d574 folder moved successfully.
c:\windows\TEMP\66e7cb19-ae22-4f4a-9aa6-ba3fe021e33a folder moved successfully.
c:\windows\TEMP\66f881d8-eba0-4846-b926-fdce4e28f917 folder moved successfully.
c:\windows\TEMP\67234748-ac3a-4001-83ec-95dfe02d8a15 folder moved successfully.
c:\windows\TEMP\6769bf97-b6da-48ca-9ed7-422d16cc092a folder moved successfully.
c:\windows\TEMP\67d9a0e7-6c46-491b-a843-575db8d2b85a folder moved successfully.
c:\windows\TEMP\ASPNETSetup_00000.log moved successfully.
c:\windows\TEMP\ASPNETSetup_00001.log moved successfully.
c:\windows\TEMP\ASPNETSetup_00002.log moved successfully.
c:\windows\TEMP\ASPNETSetup_00003.log moved successfully.
c:\windows\TEMP\ASPNETSetup_00004.log moved successfully.
c:\windows\TEMP\ASPNETSetup_00005.log moved successfully.
c:\windows\TEMP\ASPNETSetup_00006.log moved successfully.
c:\windows\TEMP\f0705624-2af7-4741-a25f-7d5230b349da folder moved successfully.
c:\windows\TEMP\f0b325d1-3874-4df9-9035-f4df1a2aa270 folder moved successfully.
c:\windows\TEMP\f0cbc3b2-0d77-45b5-b71e-9654539e170f folder moved successfully.
c:\windows\TEMP\f0e2fc4b-37d5-45c9-b6b5-15cae0f2eae4 folder moved successfully.
c:\windows\TEMP\f1dd917f-404c-4fa0-b047-971ce086f207 folder moved successfully.
c:\windows\TEMP\f2001606-d017-44e6-b0ac-1a5f16ccc578 folder moved successfully.
c:\windows\TEMP\f208123e-500b-4bf8-8871-577323b40e0c folder moved successfully.
c:\windows\TEMP\f2541ce8-4d33-444a-a8d9-19d6562288e3 folder moved successfully.
c:\windows\TEMP\f303fc86-bb11-4d04-9ca0-5e34b3a33a34 folder moved successfully.
c:\windows\TEMP\f32dde18-3861-4402-b76c-028eb7c14060 folder moved successfully.
c:\windows\TEMP\f3374965-4577-4b73-90fa-6c36aa473316 folder moved successfully.
c:\windows\TEMP\f346a95c-ddf7-4539-ae8e-64f249b1e5f2 folder moved successfully.
c:\windows\TEMP\f3b32f37-9933-4975-a6f8-bee9dfcb13c2 folder moved successfully.
c:\windows\TEMP\f41f157f-4cf9-4a9e-9c44-5246004398ea folder moved successfully.
c:\windows\TEMP\f5099641-36aa-49a9-bd14-4734ce108c00 folder moved successfully.
c:\windows\TEMP\d1a619e1-5409-4098-b781-dc11d2dd8525 folder moved successfully.
c:\windows\TEMP\d1a6dffd-78f5-4f6a-a169-79ff7e39154d folder moved successfully.
c:\windows\TEMP\d2251b57-7808-4f25-b3a6-26086c94d5d8 folder moved successfully.
c:\windows\TEMP\d2e3e143-3976-442e-b398-bd44f872f19d folder moved successfully.
c:\windows\TEMP\d31bd898-6116-45d3-bbad-87d356cae3ec folder moved successfully.
c:\windows\TEMP\d3beac01-1455-4a61-b570-8b079c6f306c folder moved successfully.
c:\windows\TEMP\d4d5953b-0b03-407d-a64c-e9947cb919e4 folder moved successfully.
c:\windows\TEMP\7acc54f5-53a9-44c9-a96b-712b89fd6885 folder moved successfully.
c:\windows\TEMP\7b0c9b96-5fcd-44b5-a1e3-fe3b8497c76e folder moved successfully.
c:\windows\TEMP\7bb50de1-fd52-4ca3-be39-0fa7c629722f folder moved successfully.
c:\windows\TEMP\7c156c37-d2be-44cf-b5d1-41188fe8949a folder moved successfully.
c:\windows\TEMP\7c73e6f5-40eb-479d-bcdc-f958c5d5ced5 folder moved successfully.
c:\windows\TEMP\7d229549-77c0-4862-8065-aaed5c14cd31 folder moved successfully.
c:\windows\TEMP\7d2c3d62-d9ef-483f-ac7e-ad616ff7b913 folder moved successfully.
c:\windows\TEMP\7da7b9ff-2d52-44fb-a5ed-b23b85a05558 folder moved successfully.
c:\windows\TEMP\7db34c84-c47a-4a0f-b343-8d7268c7545c folder moved successfully.
c:\windows\TEMP\7ecf6d52-1667-4d00-a6a3-4b2cb38ed9cd folder moved successfully.
c:\windows\TEMP\7f4d70d3-efc1-4e4b-965e-7f61994a6012 folder moved successfully.
c:\windows\TEMP\00d92332-f0e5-4bd4-9b6f-a75500ce2065 folder moved successfully.
c:\windows\TEMP\4d444d55-fe34-43c3-9ce6-b7a6e570ab59 folder moved successfully.
c:\windows\TEMP\61af84f8-3079-4dc5-a2e3-8a862e10cba5 folder moved successfully.
c:\windows\TEMP\938d618a-529e-4f83-aef4-80b4c10d7e20 folder moved successfully.
c:\windows\TEMP\9476dd78-69bb-4074-be9a-4b1b33c14428 folder moved successfully.
c:\windows\TEMP\95739724-057a-402e-9110-8e5997aee20e folder moved successfully.
c:\windows\TEMP\96ed9062-a7db-47bc-85bc-4d29dc229fea folder moved successfully.
c:\windows\TEMP\971e94fb-9ea0-4bea-9d83-7f711ff777cc folder moved successfully.
c:\windows\TEMP\98913702-1a59-4258-88ff-b2c6b3612ac4 folder moved successfully.
c:\windows\TEMP\99137124-14dc-4afa-8c41-9146ae908be3 folder moved successfully.
c:\windows\TEMP\996bc401-602f-4e60-aad6-67e7c252ac2e folder moved successfully.
c:\windows\TEMP\99a74fd1-0e7c-46a8-9f44-aaac384f8852 folder moved successfully.
c:\windows\TEMP\99fc622e-bd6c-4d60-a384-5727cdcb7059 folder moved successfully.
c:\windows\TEMP\b3dc27e4-0508-48af-ab43-82a0ea8ade39 folder moved successfully.
c:\windows\TEMP\b49db46d-f53a-424f-aa48-0bdad79181c8 folder moved successfully.
c:\windows\TEMP\b5da0133-5aa1-42ef-a6f8-914c3612e2b9 folder moved successfully.
c:\windows\TEMP\b61ebb57-574c-4fde-8a1b-96cf5c79871e folder moved successfully.
c:\windows\TEMP\b6bf6d36-d0d0-4567-81b2-cde6cf25e493 folder moved successfully.
c:\windows\TEMP\b6c18dd3-b0fd-4e8f-b026-a43611bd2fe5 folder moved successfully.
c:\windows\TEMP\b6ebd100-82c1-4157-a12d-fb2a85adb97a folder moved successfully.
c:\windows\TEMP\fe638270-3acb-48c0-b178-c2b1eae107a0 folder moved successfully.
c:\windows\TEMP\febf2fb0-ec6b-47dc-9435-a938f8e25557 folder moved successfully.
c:\windows\TEMP\ff5256c2-c8c5-4d2a-a4b4-fedeb3c70167 folder moved successfully.
c:\windows\TEMP\ff5fc379-656d-4d21-8dd4-893a641f7749 folder moved successfully.
c:\windows\TEMP\Google Toolbar folder moved successfully.
c:\windows\TEMP\GoogleToolbarInstaller1.log moved successfully.
c:\windows\TEMP\GoogleToolbarInstaller2.log moved successfully.
c:\windows\TEMP\da3de2f3-6ee1-4d6c-9869-eab613ac0309 folder moved successfully.
c:\windows\TEMP\da9273e6-b775-4b38-a251-68e88aefd518 folder moved successfully.
c:\windows\TEMP\dae97690-2e01-4483-8c83-98d6d6193817 folder moved successfully.
c:\windows\TEMP\dbd6434d-edc3-44d2-b236-30e399f88c28 folder moved successfully.
c:\windows\TEMP\dbdae909-6fe0-4fa7-a3d8-31eb1a662a53 folder moved successfully.
c:\windows\TEMP\dcd8394d-d98a-4a21-a415-82f1f3aa3d93 folder moved successfully.
c:\windows\TEMP\dd3516a5-9750-4b78-a2e0-23d67ac3f81c folder moved successfully.
c:\windows\TEMP\ddeb9da7-1a39-428a-9a7d-0f586c97521d folder moved successfully.
c:\windows\TEMP\dd_clwireg.txt moved successfully.
c:\windows\TEMP\dd_wcf_CA_smci_20111207_070112_765.txt moved successfully.
c:\windows\TEMP\dd_wcf_CA_smci_20111207_070641_562.txt moved successfully.
c:\windows\TEMP\a513a50c-729d-42a2-b682-b736516b4bd3 folder moved successfully.
c:\windows\TEMP\a717cb11-caf2-4e4a-b7a1-8465d53d10e4 folder moved successfully.
c:\windows\TEMP\a736303f-4de5-4945-880a-15f485b3386e folder moved successfully.
c:\windows\TEMP\a742bb1e-7ff2-49de-bcfc-a1b84e273dc8 folder moved successfully.
c:\windows\TEMP\a7d96068-a755-4b24-8e12-ad1d390fc001 folder moved successfully.
c:\windows\TEMP\a87dc589-94db-4016-b4e8-14690ea01a05 folder moved successfully.
c:\windows\TEMP\a87f166b-d162-40d3-97cf-8a626f78fc03 folder moved successfully.
c:\windows\TEMP\a8a15878-bbbc-4c11-930d-d06869babc02 folder moved successfully.
c:\windows\TEMP\ab531e68-b8ab-400b-996f-df667e9eb5ff folder moved successfully.
c:\windows\TEMP\ab54620e-b52b-49af-9775-cce28170f366 folder moved successfully.
c:\windows\TEMP\ab5d4212-d9d0-459c-9265-bd71cc456f9f folder moved successfully.
c:\windows\TEMP\6d905d46-cbf0-47ca-a9d6-6427cb88036e folder moved successfully.
c:\windows\TEMP\6db1317e-1fcf-4225-a8f8-6c16f5f29c6d folder moved successfully.
c:\windows\TEMP\6e2c000d-3ae8-447b-9335-fc5241d46a6d folder moved successfully.
c:\windows\TEMP\6e3424fb-2d61-49e7-8ca2-bff94b43c378 folder moved successfully.
c:\windows\TEMP\6f2e4e07-fd69-4cfa-bba9-3e91d7f3c417 folder moved successfully.
c:\windows\TEMP\70295fcc-cab0-4bc6-a293-657132f19c13 folder moved successfully.
c:\windows\TEMP\7084ab84-c29a-4cb8-9b69-0da50173bd71 folder moved successfully.
c:\windows\TEMP\70db66cf-2b3e-4e81-a26f-2c7da3d38bfc folder moved successfully.
c:\windows\TEMP\715a8153-39e0-427a-b949-9dc31d1e9c93 folder moved successfully.
c:\windows\TEMP\720a07f2-020a-4325-bca4-94bad87c8c95 folder moved successfully.
c:\windows\TEMP\7fb94eb5-41c8-42f9-b6e7-49b3f52273e8 folder moved successfully.
c:\windows\TEMP\80499d88-4502-4860-9ba4-0e2af99266ff folder moved successfully.
c:\windows\TEMP\809f6c3a-239f-4156-858e-a4ff05e0f672 folder moved successfully.
c:\windows\TEMP\80cea168-0449-4bf5-a550-0fc090683c17 folder moved successfully.
c:\windows\TEMP\81106f1a-f24e-404d-ac6b-46613f88b311 folder moved successfully.
c:\windows\TEMP\813de73f-64dc-40ac-bc35-026313fa124e folder moved successfully.
c:\windows\TEMP\81aa2e15-b7ba-4ae1-9425-5f1c5840e44f folder moved successfully.
c:\windows\TEMP\836d39e9-8eb2-4f18-8215-145da49db417 folder moved successfully.
c:\windows\TEMP\8e7f8fdf-dfc1-48bc-9775-3bb7492ea115 folder moved successfully.
c:\windows\TEMP\93834482-bbe6-4e0e-9598-fcfce717a1e1 folder moved successfully.
c:\windows\TEMP\9b874b16-5ec1-49fb-8588-48a1b939d369 folder moved successfully.
c:\windows\TEMP\a02096c7-281c-48bb-9059-56c301aab4f3 folder moved successfully.
c:\windows\TEMP\a503b629-56b0-4f78-bb49-8c2e3aad3dc6 folder moved successfully.
c:\windows\TEMP\ab91bd4f-4d66-40a4-9e39-005836167af4 folder moved successfully.
c:\windows\TEMP\afb6461c-be5a-4311-aaf3-4963731ad7f7 folder moved successfully.
c:\windows\TEMP\b31ff690-1385-4e66-991a-f82cd40237cf folder moved successfully.
c:\windows\TEMP\b6ec1a4c-f5eb-4a3a-9705-98f8ff25f8de folder moved successfully.
c:\windows\TEMP\bbd1d235-4bf8-4295-8675-d0f93fde9bc5 folder moved successfully.
c:\windows\TEMP\avg-9b0bc11e-4f75-4821-ba4b-9e184b2cbc1a.tmp moved successfully.
c:\windows\TEMP\e79fc16b-69ec-4fbf-a457-0abe6b78c766 folder moved successfully.
c:\windows\TEMP\e820f106-5ffc-4b09-8c8e-5a32273ec1cf folder moved successfully.
c:\windows\TEMP\e95c0c8e-4890-43b5-ac0f-000f2c28aa78 folder moved successfully.
c:\windows\TEMP\eb4dc47e-232b-4b60-8997-41766e2dacee folder moved successfully.
c:\windows\TEMP\ec731969-e2af-4d54-8842-00367873f11d folder moved successfully.
c:\windows\TEMP\ec752b85-b55a-4fc8-b1d7-3362bee3fc89 folder moved successfully.
c:\windows\TEMP\ee6ea5c9-2ffb-4015-af92-83d79986d3a0 folder moved successfully.
c:\windows\TEMP\efe51ed6-766a-420f-985b-acdcd292dd09 folder moved successfully.
c:\windows\TEMP\bc1f0223-981c-450c-ada8-4e070be45ece folder moved successfully.
c:\windows\TEMP\bc4528b7-54d2-4849-8d98-63ec864bb209 folder moved successfully.
c:\windows\TEMP\bc91e32e-7c34-4681-b89d-7f9bf0226e95 folder moved successfully.
c:\windows\TEMP\bcdb762e-1d02-4a58-8ab2-6f4a35eb9995 folder moved successfully.
c:\windows\TEMP\bd677558-fcd4-41df-b8f1-ed3229a1106c folder moved successfully.
c:\windows\TEMP\bd71bfca-38f1-4eed-bcd7-5b03e36f37ca folder moved successfully.
c:\windows\TEMP\bdaf37fa-4d72-45a9-a305-61786013e712 folder moved successfully.
c:\windows\TEMP\be1dcd09-5c78-45da-a917-efed513f96dd folder moved successfully.
c:\windows\TEMP\be646cd5-c75a-4a64-97bc-bd5a52edc2c7 folder moved successfully.
c:\windows\TEMP\beb5bc94-311c-4580-9f01-4d020ba71b96 folder moved successfully.
c:\windows\TEMP\bfea460c-d905-4a1f-92c3-847b9632c44b folder moved successfully.
c:\windows\TEMP\c065f6b3-5b3a-488f-9755-cdc1ff648811 folder moved successfully.
c:\windows\TEMP\c1206bc4-c0a8-4b7b-8da4-ad18ef13e03b folder moved successfully.
c:\windows\TEMP\c13f545b-9d42-43e0-9970-d8067f771887 folder moved successfully.
c:\windows\TEMP\f527b029-31af-45e4-b0de-91f4080496c1 folder moved successfully.
c:\windows\TEMP\f619f7f9-d0a8-48b2-b681-857e370db8a0 folder moved successfully.
c:\windows\TEMP\f7661e59-33f7-42ef-89ea-e977e05bf673 folder moved successfully.
c:\windows\TEMP\f76f9273-1cae-43d6-9d75-92bdedb9f164 folder moved successfully.
c:\windows\TEMP\f7adcae5-aeb5-482b-810f-e06f3244e99a folder moved successfully.
c:\windows\TEMP\fa783f18-2c81-4273-b5e2-74a0a37a0327 folder moved successfully.
c:\windows\TEMP\fb5cfd3c-cb2a-48a1-ba3c-80c574df67ea folder moved successfully.
c:\windows\TEMP\fb6cd222-9832-4400-8614-fac6db5c0a23 folder moved successfully.
c:\windows\TEMP\fbe23807-589b-42c8-92b3-056182f3d18f folder moved successfully.
c:\windows\TEMP\fbef2c1b-8900-45a7-a433-dffe69421b51 folder moved successfully.
c:\windows\TEMP\fc48d686-5c58-4a26-b8d2-0613dddd38c3 folder moved successfully.
c:\windows\TEMP\fd174c96-ab83-456f-b275-7baa0a14a74b folder moved successfully.
c:\windows\TEMP\fd4a4656-0b70-4028-bb2f-b920c7663f45 folder moved successfully.
c:\windows\TEMP\fdd4aa40-a6ae-4db0-83d4-79eece2142c5 folder moved successfully.
c:\windows\TEMP\8eecc1a1-57e6-4621-9dfe-502d8a458e7b folder moved successfully.
c:\windows\TEMP\8f5f8777-dfae-4c71-8b1d-343bad70d1e7 folder moved successfully.
c:\windows\TEMP\8f9ae8dd-d12d-421b-9718-6113c8fc5a7e folder moved successfully.
c:\windows\TEMP\8faab7e3-1646-4da0-9e30-c64f865c9918 folder moved successfully.
c:\windows\TEMP\90182b1d-33dc-430f-a9e0-1901047799f0 folder moved successfully.
c:\windows\TEMP\9067e069-2172-43f1-b768-7b3a44bf350f folder moved successfully.
c:\windows\TEMP\915df4aa-c1c3-4a70-8d4a-8c4b2f0b0bc6 folder moved successfully.
c:\windows\TEMP\92395f89-6925-4a7b-ba7c-2bed6821238a folder moved successfully.
c:\windows\TEMP\929383ca-df56-4e4e-b8dd-7216313cb477 folder moved successfully.
c:\windows\TEMP\92ba8783-daa2-4feb-a193-ec02d1dd41ad folder moved successfully.
c:\windows\TEMP\92fd48b4-b64b-4e4e-8456-b48a652f75a6 folder moved successfully.
c:\windows\TEMP\93278700-f56c-46bb-b2a9-61cff2b49767 folder moved successfully.
c:\windows\TEMP\935a80d2-fccb-4a96-a7ab-aa781fa689a7 folder moved successfully.
c:\windows\TEMP\936cc09c-2fed-4edc-be96-41983e3e95fa folder moved successfully.
c:\windows\TEMP\a0d61235-f912-4df7-97ce-94ef87b773c8 folder moved successfully.
c:\windows\TEMP\a193f06f-9cc9-45e8-b822-42f70aefd592 folder moved successfully.
c:\windows\TEMP\a26d6139-864f-46cb-bd24-ab9257ce8aa1 folder moved successfully.
c:\windows\TEMP\a27ad3d7-9048-437c-a4c3-d5be949283a2 folder moved successfully.
c:\windows\TEMP\a3644044-a1be-4afb-8d04-c8f62ac30ce1 folder moved successfully.
c:\windows\TEMP\a406e569-eaed-4d72-945f-969711ddbe7d folder moved successfully.
c:\windows\TEMP\a409325d-d99c-42d3-a183-aead21a0fff9 folder moved successfully.
c:\windows\TEMP\a42acb7d-15f5-4e83-98ef-18414c4bddab folder moved successfully.
c:\windows\TEMP\a4fe9dab-f13f-4765-b8c8-ee2c9852d71a folder moved successfully.
c:\windows\TEMP\abade5f6-47b9-44ce-be15-12c3645345a0 folder moved successfully.
c:\windows\TEMP\ac478ea3-184d-42b7-a7fe-b3d328be2b86 folder moved successfully.
c:\windows\TEMP\ad06cd32-44fd-45d7-bf8f-fbce7ea6746c folder moved successfully.
c:\windows\TEMP\ad8283b3-7a4d-4f03-ad90-2eaf089a82a3 folder moved successfully.
c:\windows\TEMP\ada9d0f8-da90-49bd-b252-69f218d2d043 folder moved successfully.
c:\windows\TEMP\ae78186c-47e5-49f1-8ecd-b926bc16aa36 folder moved successfully.
c:\windows\TEMP\ae8d8b2e-1fab-490e-a3f5-804a59d68e4d folder moved successfully.
c:\windows\TEMP\af159d0b-2652-443f-8dd4-1bdf39ec83da folder moved successfully.
c:\windows\TEMP\af636a9e-1b84-46aa-82f4-a0c6ca8c49b6 folder moved successfully.
c:\windows\TEMP\afb4eca0-ddc7-4a1a-9f32-032182df3717 folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: hp
->Temp folder emptied: 3411596106 bytes
->Temporary Internet Files folder emptied: 662444078 bytes
->Flash cache emptied: 11559893 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 637217 bytes

User: Radunka
->Temp folder emptied: 766 bytes
->Temporary Internet Files folder emptied: 1886520 bytes
->Java cache emptied: 267651 bytes
->Flash cache emptied: 28122 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 27629566 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3 925,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 01102012_121352

Files moved on Reboot...

Registry entries deleted on Reboot...

Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.


Pak dej vědět jaký je stav PC.