VIRY.CZ

Logfile of random's system information tool 1.08 (written by random/random)
Run by ivo at 2012-05-07 10:06:22
Microsoft Windows 7 Ultimate
System drive C: has 68 GB (49%) free of 140 GB
Total RAM: 2047 MB (71% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-03 41760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-02-28 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-06-29 966712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2008-10-13 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-02-16 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2012-05-07 10:06:22 ----D---- C:\rsit
2012-05-07 10:06:22 ----D---- C:\Program Files\trend micro
2012-04-21 10:10:30 ----D---- C:\ProgramData\Norton
2012-04-21 10:10:22 ----D---- C:\ProgramData\NortonInstaller
2012-04-21 09:48:21 ----SHD---- C:\Config.Msi
2012-04-18 14:25:35 ----D---- C:\Windows\system32\appmgmt

======List of files/folders modified in the last 1 months======

2012-05-07 10:06:23 ----D---- C:\Windows\Prefetch
2012-05-07 10:06:22 ----RD---- C:\Program Files
2012-05-07 10:03:28 ----D---- C:\Windows\Temp
2012-05-07 09:49:34 ----D---- C:\Windows
2012-05-05 17:46:15 ----D---- C:\Windows\system32\config
2012-05-05 16:31:41 ----D---- C:\Windows\SoftwareDistribution
2012-05-04 12:20:50 ----D---- C:\Users\ivo\AppData\Roaming\Media Player Classic
2012-05-02 14:58:49 ----SHD---- C:\System Volume Information
2012-04-30 17:24:19 ----D---- C:\Windows\system32\drivers
2012-04-30 17:23:27 ----D---- C:\Program Files\Common Files
2012-04-30 17:23:23 ----D---- C:\Windows\system32\Tasks
2012-04-27 17:38:11 ----D---- C:\ProgramData\MFAData
2012-04-26 15:17:18 ----D---- C:\Windows\system32\catroot2
2012-04-24 08:13:25 ----A---- C:\Windows\WINTRAN.INI
2012-04-21 18:55:49 ----D---- C:\Windows\inf
2012-04-21 10:10:30 ----HD---- C:\ProgramData
2012-04-21 09:51:33 ----HD---- C:\Program Files\InstallShield Installation Information
2012-04-21 09:51:19 ----SHD---- C:\Windows\Installer
2012-04-21 09:50:22 ----D---- C:\Windows\System32
2012-04-21 09:50:22 ----D---- C:\Windows\ehome
2012-04-18 17:33:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-18 14:25:34 ----D---- C:\Program Files\Microsoft Office
2012-04-18 14:25:34 ----D---- C:\Program Files\Common Files\microsoft shared
2012-04-12 09:19:15 ----D---- C:\Users\ivo\AppData\Roaming\Vso

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2010-12-30 189776]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2010-12-30 99792]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/08/16 18:16:22]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl [2009-02-28 87536]
R2 enodpl;enodpl; C:\Windows\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 tandpl;tandpl; C:\Windows\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-03-03 139368]
R3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-01-03 47360]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-14 4194816]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 231936]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-14 4194816]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-03 1343400]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]

-----------------EOF-----------------

Zdravim

Pouzivate nejaky antivir?

Jak je to s legalitou systemu? Windows 7 Ultimate neni zrovna standardni domaci verze


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL Extras logfile created on: 9.5.2012 17:48:10 - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = F:\
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 75,89% Memory free
4,00 Gb Paging File | 3,46 Gb Available in Paging File | 86,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,71 Gb Total Space | 72,93 Gb Free Space | 53,35% Space Free | Partition Type: NTFS
Drive D: | 12,33 Gb Total Space | 2,60 Gb Free Space | 21,07% Space Free | Partition Type: NTFS
Drive F: | 7,51 Gb Total Space | 3,20 Gb Free Space | 42,60% Space Free | Partition Type: FAT32

Computer Name: IVO-PC | User Name: ivo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D7D5F96-8368-47B3-8869-3D4C7464696A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2F42653F-B598-4B14-86A2-AA883DD79E27}" = rport=138 | protocol=17 | dir=out | app=system |
"{3B6BBB9F-9810-499A-90A4-51EB834963AA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F3E5585-9C9A-4EC0-8EE4-7DB1FA9DF2C6}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C203EC0-9678-472A-BF4E-3190F58460F3}" = lport=137 | protocol=17 | dir=in | app=system |
"{6332500D-FC15-4E3C-AFC9-0B405450AB22}" = lport=10243 | protocol=6 | dir=in | app=system |
"{70A777FF-FF54-41B7-9F64-46F51DD679D2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7EA73307-99C0-4B2A-ACA5-B64974645FC6}" = lport=445 | protocol=6 | dir=in | app=system |
"{861B56E7-C2B4-46C3-9407-4CD725ED8D5B}" = rport=139 | protocol=6 | dir=out | app=system |
"{8900F004-0B40-490E-A135-9437F8A6EB15}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B6E21C4-F188-462A-9F66-2A6CF4BBC57A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{924FB32D-D77D-4F29-B9D2-1FDF9E60CD38}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9CB4BA45-D182-440E-A5B6-D4F69F433C0B}" = lport=138 | protocol=17 | dir=in | app=system |
"{A47AB88C-12F6-4A0B-80A9-5D413101FA8A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A721FBA1-AFD7-4C7A-AC4B-AEF3F71E3D2F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A878CEA4-E854-4C5F-B8B6-092885B42EF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AF1E6CF2-41DC-4A5E-8928-7DFB78A3B775}" = lport=139 | protocol=6 | dir=in | app=system |
"{B1AB394C-2FAE-4AAA-A2D8-12A5388ACA50}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C0E204A7-61CA-4874-B227-5AFA6105538A}" = rport=445 | protocol=6 | dir=out | app=system |
"{C9CA4A55-EEB8-4E49-8367-B851CCF6DCBA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D76CE28B-A8E9-413D-8238-7317CE7F162E}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11E8236A-D4F1-44F5-BF2E-3B3AE32DB77C}" = dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"{1C2C10BF-EFE5-4164-BD6D-A866FF97B131}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2DCB2E0D-B606-4063-8D8A-81A827864FFF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{339C34A0-B911-42C2-B1C8-C52DFDDC65C8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{540E68FA-C5B2-42D6-A6E9-788B31E2C131}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{56ADC719-8CCC-47E2-B4FE-6DD2DF42D4FC}" = dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"{5D6C7457-2BC9-4D3B-8A73-AF48063C3E71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{72887B54-7612-486C-97FB-26A3311678F0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BAB98C11-2A32-4DE7-AC4A-2335ADA7EED7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BEA76CC7-A57C-4629-9ED3-94B98447A923}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3E51F8B-10CA-4E26-A4C6-196207ED5FB9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CADA6C74-DD84-46ED-9821-81C7146E8D9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D03236B1-01E9-4412-9255-E40ED0A066F1}" = protocol=6 | dir=out | app=system |
"{D10EA164-DA5F-4848-835D-CC7EE2F98D1F}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{D282BB94-99F8-4AB6-B1A9-7A26D2E4A59E}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{E6BB2F19-73B9-4C71-AC66-251936DB55D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E83A6BAE-2106-4548-8386-287B636F9DDF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ECF7F14D-80DD-4A13-A0B3-29BC17C423F9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F0E0F4D7-39B5-41B9-A34B-6434793D9676}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F164CBA8-99C6-4A14-94DF-E8D566C24382}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{94490075-155F-4D08-B92D-4FE592F98591}" = Nokia Ovi Suite
"{95140000-00AF-0405-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.3 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 270.61
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Burning Studio 11_is1" = Ashampoo Burning Studio 11 v.11.0.4
"CCleaner" = CCleaner
"CyberLink PowerDVD 9.0.1501" = CyberLink PowerDVD 9.0.1501 CZ
"GoldWave v5.58" = GoldWave v5.58
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.9.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.2.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Nokia Ovi Suite" = Nokia Ovi Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PowerISO" = PowerISO
"The KMPlayer" = The KMPlayer (remove only)
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2835880761-377794395-384413730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5.10.2011 8:27:17 | Computer Name = ivo-PC | Source = VSS | ID = 12292
Description =

Error - 5.10.2011 8:27:17 | Computer Name = ivo-PC | Source = VSS | ID = 8193
Description =

Error - 5.10.2011 8:27:18 | Computer Name = ivo-PC | Source = System Restore | ID = 8193
Description =

Error - 5.10.2011 9:30:03 | Computer Name = ivo-PC | Source = VSS | ID = 13
Description =

Error - 5.10.2011 9:30:03 | Computer Name = ivo-PC | Source = VSS | ID = 12292
Description =

Error - 6.10.2011 2:36:02 | Computer Name = ivo-PC | Source = VSS | ID = 13
Description =

Error - 6.10.2011 2:36:02 | Computer Name = ivo-PC | Source = VSS | ID = 12292
Description =

Error - 6.10.2011 2:44:44 | Computer Name = ivo-PC | Source = VSS | ID = 13
Description =

Error - 6.10.2011 2:44:44 | Computer Name = ivo-PC | Source = VSS | ID = 12292
Description =

Error - 6.10.2011 2:44:44 | Computer Name = ivo-PC | Source = VSS | ID = 8193
Description =

[ System Events ]
Error - 9.5.2012 7:43:05 | Computer Name = ivo-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (13:42:11, ?9.?5.?2012) bylo neočekávané.

Error - 9.5.2012 7:43:13 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 9.5.2012 10:01:33 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 9.5.2012 10:03:35 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7000
Description = Služba MBAMService neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 9.5.2012 10:11:11 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 9.5.2012 10:13:13 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7000
Description = Služba MBAMService neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 9.5.2012 10:15:50 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 9.5.2012 10:17:54 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7000
Description = Služba MBAMService neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 9.5.2012 11:46:49 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7001
Description = Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 9.5.2012 11:48:52 | Computer Name = ivo-PC | Source = Service Control Manager | ID = 7000
Description = Služba MBAMService neuspěla při spuštění v důsledku následující chyby:
%%2

[ TuneUp Events ]
Error - 21.7.2011 6:26:05 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 21.7.2011 6:26:26 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.11.2011 9:48:28 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 22.11.2011 10:00:23 | Computer Name = ivo-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =


< End of report >

OTL logfile created on: 9.5.2012 17:48:10 - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = F:\
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 75,89% Memory free
4,00 Gb Paging File | 3,46 Gb Available in Paging File | 86,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,71 Gb Total Space | 72,93 Gb Free Space | 53,35% Space Free | Partition Type: NTFS
Drive D: | 12,33 Gb Total Space | 2,60 Gb Free Space | 21,07% Space Free | Partition Type: NTFS
Drive F: | 7,51 Gb Total Space | 3,20 Gb Free Space | 42,60% Space Free | Partition Type: FAT32

Computer Name: IVO-PC | User Name: ivo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.05.09 15:28:42 | 000,595,456 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2011.04.07 22:43:20 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.04.07 22:43:04 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010.12.14 15:42:42 | 000,653,120 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2010.12.14 15:41:10 | 001,517,376 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (No Company Name) ==========

MOD - [2010.02.10 19:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- F:\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.04.07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.01.03 21:14:19 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.12.14 15:41:10 | 001,517,376 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.12.14 15:39:10 | 000,029,504 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.05.18 10:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.05.18 10:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.05.18 10:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.05.18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.05.18 10:09:48 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.05.18 10:09:48 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011.04.08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.03.03 17:59:19 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010.12.30 21:04:20 | 000,099,792 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2010.12.30 21:03:08 | 000,189,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2010.11.29 20:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.11.26 04:16:26 | 000,231,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.11.17 14:04:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2009.02.28 19:40:18 | 000,087,536 | ---- | M] (CyberLink Corp.) [2011/08/16 18:16:22] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.12.05 12:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2003.04.19 01:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tandpl.sys -- (tandpl)
DRV - [2003.03.02 18:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\enodpl.sys -- (enodpl)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\..\SearchScopes\{3CA653D2-2360-4DEA-BD5B-B5750F4F35E5}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029
IE - HKU\S-1-5-21-2835880761-377794395-384413730-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://centrum.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.9&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.07.11 13:09:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.07.11 13:09:53 | 000,000,000 | ---D | M]

[2011.01.02 20:07:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ivo\AppData\Roaming\Mozilla\Extensions
[2011.11.25 11:48:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions
[2011.03.12 00:37:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.11.02 16:51:16 | 000,000,923 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\conduit.xml
[2011.01.03 04:25:12 | 000,002,342 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icq-search.xml
[2011.01.16 02:18:02 | 000,000,950 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icqplugin-1.xml
[2011.03.06 19:53:06 | 000,000,950 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icqplugin-2.xml
[2011.03.24 18:14:33 | 000,000,950 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icqplugin-3.xml
[2011.08.31 07:17:26 | 000,000,950 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icqplugin-4.xml
[2011.01.14 10:21:37 | 000,000,950 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icqplugin.xml
[2012.01.27 16:10:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.03 01:39:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.07.11 13:09:53 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2011.01.03 01:39:34 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKU\S-1-5-21-2835880761-377794395-384413730-1000\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found.
O3 - HKU\S-1-5-21-2835880761-377794395-384413730-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] "F:\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray File not found
O4 - HKU\S-1-5-21-2835880761-377794395-384413730-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2835880761-377794395-384413730-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2835880761-377794395-384413730-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O13 - gopher Prefix: missing
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\controller editor.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.11.01 19:36:46 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
System Restore Service not available.

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP62 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.05.09 13:44:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.07 16:27:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.05.07 15:28:39 | 000,000,000 | ---D | C] -- C:\Users\ivo\Documents\default
[2012.05.07 15:17:16 | 000,000,000 | ---D | C] -- C:\Users\ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012.05.07 15:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012.05.07 15:15:27 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2012.05.07 10:25:25 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.07 10:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.04.21 10:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.04.21 10:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.04.18 14:25:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2011.01.03 04:53:39 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\ivo\AppData\Roaming\pcouffin.sys
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.05.09 17:49:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.09 17:46:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.09 16:24:05 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.09 16:24:05 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.09 12:56:23 | 000,638,182 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.05.09 12:56:23 | 000,623,560 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.09 12:56:23 | 000,126,844 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.05.09 12:56:23 | 000,111,146 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.07 19:07:23 | 000,001,041 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\vso_ts_preview.xml
[2012.05.07 15:17:17 | 000,002,204 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 11 Compact Mode.lnk
[2012.05.07 15:17:16 | 000,001,260 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 11.lnk
[2012.04.24 08:13:25 | 000,002,116 | ---- | M] () -- C:\Windows\WINTRAN.INI
[2012.04.09 21:43:33 | 000,007,168 | ---- | M] () -- C:\Users\ivo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.05.09 17:49:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.07 15:17:17 | 000,002,204 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 11 Compact Mode.lnk
[2012.05.07 15:17:16 | 000,001,260 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 11.lnk
[2011.12.17 10:47:14 | 000,000,042 | ---- | C] () -- C:\Windows\STXKBD.INI
[2011.12.17 10:47:13 | 000,002,116 | ---- | C] () -- C:\Windows\WINTRAN.INI
[2011.12.17 10:47:13 | 000,000,882 | ---- | C] () -- C:\Windows\WDICT32.INI
[2011.12.17 10:47:13 | 000,000,033 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2011.10.22 10:27:30 | 000,007,605 | ---- | C] () -- C:\Users\ivo\AppData\Local\Resmon.ResmonCfg
[2011.09.20 16:46:50 | 000,000,024 | ---- | C] () -- C:\Windows\System32\Morrowind.ini
[2011.07.25 07:52:17 | 000,000,120 | ---- | C] () -- C:\Windows\disney.ini
[2011.07.10 09:30:00 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2011.06.11 11:39:29 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys
[2011.06.11 11:39:29 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys
[2011.06.11 10:48:08 | 000,000,604 | ---- | C] () -- C:\Windows\Sof2.INI
[2011.05.09 09:56:51 | 000,022,328 | ---- | C] () -- C:\Users\ivo\AppData\Roaming\PnkBstrK.sys
[2011.05.07 22:21:26 | 000,000,600 | ---- | C] () -- C:\Windows\Rtcw.INI
[2011.02.10 14:23:40 | 000,007,168 | ---- | C] () -- C:\Users\ivo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.01 12:50:31 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.02.01 12:50:31 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.02.01 12:50:29 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.02.01 12:50:29 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.02.01 12:50:28 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.01.18 16:32:40 | 000,000,599 | ---- | C] () -- C:\Windows\videoimp.ini
[2011.01.18 16:32:32 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2011.01.03 21:13:30 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.01.03 16:43:57 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.01.03 04:55:37 | 000,001,041 | ---- | C] () -- C:\Users\ivo\AppData\Roaming\vso_ts_preview.xml
[2011.01.03 04:53:39 | 000,087,608 | ---- | C] () -- C:\Users\ivo\AppData\Roaming\inst.exe
[2011.01.03 04:53:39 | 000,007,887 | ---- | C] () -- C:\Users\ivo\AppData\Roaming\pcouffin.cat
[2011.01.03 04:53:39 | 000,001,144 | ---- | C] () -- C:\Users\ivo\AppData\Roaming\pcouffin.inf
[2011.01.03 02:19:57 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.01.02 08:39:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.28 22:07:36 | 000,224,001 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.09.17 21:17:00 | 000,002,888 | ---- | C] () -- C:\Windows\System32\atipblag.dat

========== LOP Check ==========

[2012.05.07 15:17:54 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Ashampoo
[2011.10.05 11:35:42 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\AVG2012
[2011.09.05 16:52:22 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Bioshock
[2011.03.12 16:34:39 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\FairStars Audio Converter Pro
[2011.01.16 01:58:42 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\FreeFileViewer
[2011.03.17 09:07:43 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\ICQ
[2011.09.03 13:09:41 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Leadertech
[2011.07.11 13:46:23 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Nokia
[2011.07.11 13:46:23 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Nokia Ovi Suite
[2011.01.11 18:42:06 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\PC Suite
[2011.09.28 11:21:43 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Stardock
[2011.01.13 13:50:40 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Tific
[2011.07.25 08:19:22 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Touchstone
[2011.01.03 04:39:40 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\TuneUp Software
[2012.03.31 09:02:03 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Ubisoft
[2011.01.16 01:58:17 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Uniblue
[2011.01.10 13:30:31 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Voipwise
[2012.05.08 09:51:24 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Vso
[2011.01.02 20:25:08 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Zoner
[2012.04.22 14:21:15 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\System32\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\drivers\nvraid.sys
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.02.11 23:28:44 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Adobe
[2011.02.27 20:00:00 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Ahead
[2012.05.07 15:17:54 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Ashampoo
[2011.01.02 18:24:01 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\ATI
[2011.10.05 11:35:42 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\AVG2012
[2011.09.05 16:52:22 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Bioshock
[2011.08.16 07:46:22 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\CyberLink
[2011.03.12 16:34:39 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\FairStars Audio Converter Pro
[2011.01.16 01:58:42 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\FreeFileViewer
[2011.03.17 09:07:43 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\ICQ
[2011.01.02 08:46:27 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Identities
[2011.08.31 06:51:44 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\InstallShield
[2011.09.03 13:09:41 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Leadertech
[2011.01.02 08:51:53 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Macromedia
[2011.01.02 20:43:04 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Malwarebytes
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Media Center Programs
[2012.05.04 12:20:50 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Media Player Classic
[2011.08.03 18:01:10 | 000,000,000 | --SD | M] -- C:\Users\ivo\AppData\Roaming\Microsoft
[2011.01.02 20:07:42 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Mozilla
[2011.02.18 14:08:28 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Nero
[2011.07.11 13:46:23 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Nokia
[2011.07.11 13:46:23 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Nokia Ovi Suite
[2011.02.18 15:31:46 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\NVIDIA
[2011.01.11 18:42:06 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\PC Suite
[2011.05.24 07:07:07 | 000,000,000 | RH-D | M] -- C:\Users\ivo\AppData\Roaming\SecuROM
[2012.01.27 16:10:47 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Skype
[2011.04.01 09:15:28 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\skypePM
[2011.09.28 11:21:43 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Stardock
[2011.01.13 13:50:40 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Tific
[2011.07.25 08:19:22 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Touchstone
[2011.01.03 04:39:40 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\TuneUp Software
[2012.03.31 09:02:03 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Ubisoft
[2011.01.16 01:58:17 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Uniblue
[2011.01.10 13:30:31 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Voipwise
[2012.05.08 09:51:24 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Vso
[2011.01.02 09:02:57 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\WinRAR
[2011.01.02 20:25:08 | 000,000,000 | ---D | M] -- C:\Users\ivo\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011.01.03 04:53:39 | 000,087,608 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\inst.exe
[2011.11.22 15:35:13 | 000,007,680 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C9858.exe
[2011.11.22 15:35:13 | 000,101,888 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C98582.exe
[2011.11.22 15:35:13 | 000,012,800 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C98583.exe
[2011.11.22 15:35:13 | 000,018,944 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C98584.exe
[2011.11.22 15:35:13 | 000,396,288 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C98585.exe
[2011.11.22 15:35:13 | 000,252,416 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}\Icon2B0C98586.exe
[2011.11.27 18:33:29 | 000,107,008 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A1.exe
[2011.11.27 18:33:29 | 000,004,608 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A2.exe
[2011.11.27 18:33:29 | 000,106,496 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A3.exe
[2011.11.27 18:33:29 | 000,107,008 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A4.exe
[2011.11.27 18:33:29 | 000,210,432 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{359ADF3A-F727-40F1-9D8A-6699EE355287}\Icon359ADF3A5.exe
[2011.05.21 22:39:04 | 000,010,134 | R--- | M] () -- C:\Users\ivo\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2010.04.25 22:08:43 | 000,342,365 | ---- | M] () -- C:\Users\ivo\AppData\Roaming\Nero\Uninstall.exe
[2011.03.31 23:26:36 | 007,391,320 | ---- | M] (ZONER software ) -- C:\Users\ivo\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build12.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.05.09 17:54:32 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.09 17:54:32 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.09 12:56:23 | 000,126,844 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.05.09 12:56:23 | 000,111,146 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.05.09 12:56:23 | 000,638,182 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.05.09 12:56:23 | 000,623,560 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.05.09 12:56:23 | 001,495,348 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" =
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.09 17:49:59 | 000,000,512 | ---- | M] () MD5=C1640A2FD066CD86531E1D057C2FEBE9 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >

< *w7lxe* /s >

< End of report >
Dobrý den.Nemám připojení na Net.Widle jsou zn."pirát"...

kemgura píše:Widle jsou zn."pirát"...

Toz co s vama
Zkuste to procistit CCleanerem, vcetne registru a defragmentovat disk. Taky tam mate nejake zbytky po Avastu a i neco od AVG jsem tam zahledl. Tak se toho zkuste zbavit. Treba to zabere.

Protoze jinak:
Podle pravidel fora se zde nelegalnim software nezabyvame (prectete si pravidlo - pomahat nelze cislo 2 http://www.viry.cz/forum/viewtopic.php?f=12&t=115512 ).

Tak co, pomohlo to?

Dobrý den.Zdá se,že mi to už nedělá zlobu...Jste génius...Zbytky Avastu a AVG mi tam zavazí už léta .Nevím jak je ostranit. Příjemný den.

Tak to docistime, kdyz jste ten lnelegal priznal a bylo to poprve. Ale priste uz nee, OK?

Jsou tam i nejake stopy MBAM, ale taky asi neni plne funkcni, nebo ano?

V tomto skriptu se odpali i MBAM, tak jestli ho tam mate schvalne, napiste, ja ho upravim.

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Díky ! Posílám OTL log...
All processes killed
========== OTL ==========
Error: No service named MBAMService was found to stop!
Service\Driver key MBAMService not found.
File F:\Malwarebytes' Anti-Malware\mbamservice.exe not found.
Error: No service named MBAMProtector was found to stop!
Service\Driver key MBAMProtector not found.
File C:\Windows\System32\drivers\mbam.sys not found.
Error: Unable to stop service aswFW!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aswFW deleted successfully.
C:\Windows\System32\drivers\aswFW.sys moved successfully.
Error: Unable to stop service aswNdis2!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aswNdis2 deleted successfully.
C:\Windows\System32\drivers\aswNdis2.sys moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKEY_USERS\S-1-5-21-2835880761-377794395-384413730-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2835880761-377794395-384413730-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2835880761-377794395-384413730-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "MyAshampoo Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.1.9&q=" removed from keyword.URL
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\conduit.xml moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icq-search.xml moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\ivo\AppData\Roaming\Mozilla\Firefox\Profiles\1nhnezth.default\searchplugins\icqplugin.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-2835880761-377794395-384413730-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}\ not found.
Registry value HKEY_USERS\S-1-5-21-2835880761-377794395-384413730-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware not found.
Registry value HKEY_USERS\S-1-5-21-2835880761-377794395-384413730-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP folder deleted successfully.
C:\Windows\A5B5A16D277A476B8F621029A2F23072.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\A5B5A16D277A476B8F621029A2F23072.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\System32\tmp8EE8.tmp deleted successfully.
C:\Windows\System32\tmp9012.tmp deleted successfully.
C:\Users\ivo\AppData\Roaming\AVG2012\cfgall folder moved successfully.
C:\Users\ivo\AppData\Roaming\AVG2012 folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP34D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9\ deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: ivo
->Temp folder emptied: 59876210 bytes
->Temporary Internet Files folder emptied: 327814 bytes
->Java cache emptied: 5529783 bytes
->FireFox cache emptied: 46535308 bytes
->Flash cache emptied: 602 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 590304 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 108,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: ivo
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.43.1 log created on 05232012_134922

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Smazano.

Spustte znovu OTL jako spravce a kliknete na napis Vycisti. Program po sobe uklidi a pokud nebudou problemy, melo by to byt vse

Děkuji Vám za Váš čas....

Nemate zac Mejte se