Nelze se zbavit Adware.DoubleD viru Vyřešeno

[PetrBlade]

Když soubor uložím do karantény a smažu, tak se opět objeví...

\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe » 7ZIP » OFFLINE/69E6D3E5/3E688669/stbapp.exe - varianta infiltrace Win32/Adware.DoubleD.AA aplikace
a dalších 7 podobných součástí exe

Jak to smazat.

[Reklama]

[Grinch]

Docela problém lze to řešit logem z HJT vlož ho sem,ale lepší by bylo si založit new topic.

[pitimir]

Ahoj, DoubleD adwaru sa da celkom jednoducho zbavit.

Stiahni OTL. Uloz na plochu a spust dvojklikom subor "OTL.exe". Otvori sa okno programu, v nom zaskrtni "Scan All Users", "Lop" aj "Purity Check" a "File Scan" zmen na 7 dni miesto 30. Do policka pod nazvom "Custom Scans/Fixes" skopiruj:

Kód: Vybrat vše

netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
%SYSTEMDRIVE%\viamraid.sys /s /md5
%SYSTEMDRIVE%\nvata.sys /s /md5
CREATERESTOREPOINT

Potom klikni na "Run Scan". Zacne scan pocitaca, po jeho ukonceni sa otvoria dva reporty - obsah oboch potrebujem vidiet.

[PetrBlade]

UTL.Txt

OTL logfile created on: 2.1.2010 13:32:55 - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\krejci.REDITEL\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

502,00 Mb Total Physical Memory | 288,00 Mb Available Physical Memory | 57,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,60 Gb Total Space | 3,45 Gb Free Space | 9,69% Space Free | Partition Type: FAT32
Drive D: | 35,98 Gb Total Space | 0,38 Gb Free Space | 1,06% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: REDITEL
Current User Name: krejci
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.01.02 13:29:30 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\krejci.REDITEL\Plocha\OTL.exe
PRC - [2008.11.10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008.08.23 11:31:30 | 00,230,891 | ---- | M] (Dead'Soul (MysterCrowley.com)) -- C:\Program Files\NumLocker\NumLocker.exe
PRC - [2008.04.14 05:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.02.05 09:14:20 | 00,949,376 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2008.02.05 09:14:20 | 00,552,064 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2007.10.31 14:09:16 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007.07.24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2006.12.14 17:49:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2004.10.15 11:30:52 | 00,098,304 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
PRC - [2004.10.15 11:27:38 | 00,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004.10.15 11:24:48 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2004.10.15 11:23:12 | 00,245,760 | ---- | M] (Intel) -- C:\Program Files\Intel\Wireless\Bin\1XConfig.exe
PRC - [2004.10.15 11:22:14 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2004.10.15 11:21:38 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe


========== Modules (SafeList) ==========

MOD - [2010.01.02 13:29:30 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\krejci.REDITEL\Plocha\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2008.11.10 05:43:40 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008.07.29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.02.05 09:14:20 | 00,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2007.10.31 14:09:16 | 00,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2007.07.24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2006.12.14 17:49:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2004.12.27 17:12:16 | 00,036,864 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\acs.exe~ -- (ACS)
SRV - [2004.10.15 11:30:52 | 00,098,304 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe -- (OwnershipProtocol)
SRV - [2004.10.15 11:24:48 | 00,360,521 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2004.10.15 11:22:14 | 00,086,016 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2004.10.15 11:21:38 | 00,139,264 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)


========== Driver Services (SafeList) ==========

DRV - [2008.04.26 18:49:48 | 00,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 18:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2008.02.06 23:19:08 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008.02.05 09:32:22 | 00,017,801 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2008.02.05 09:14:20 | 00,512,096 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2008.02.05 09:14:20 | 00,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2007.11.13 11:25:52 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007.01.13 10:33:18 | 05,672,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2005.11.03 18:12:10 | 00,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2005.08.09 16:43:00 | 03,855,360 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005.06.30 15:16:58 | 01,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.06.30 15:16:06 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005.06.30 15:16:02 | 00,716,416 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.05.31 15:40:20 | 00,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005.05.31 09:42:28 | 00,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005.04.30 14:50:20 | 00,011,860 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBTEnum.sys -- (BTHidEnum)
DRV - [2005.04.30 14:50:10 | 00,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005.04.30 14:48:58 | 00,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005.03.25 17:18:48 | 00,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2005.03.04 11:10:26 | 00,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005.01.07 17:07:16 | 00,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.12.17 16:14:44 | 00,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2004.10.29 18:48:10 | 03,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004.10.19 13:37:38 | 00,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004.10.15 11:20:04 | 00,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004.10.08 14:33:46 | 00,185,824 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004.08.12 08:44:04 | 00,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004.08.03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.03.17 12:04:14 | 00,013,059 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2003.07.16 07:27:40 | 00,043,264 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2002.12.31 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2002.12.31 12:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2001.08.17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\S-1-5-21-2025429265-113007714-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Qip поиск"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.2
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.6
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.6.2
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:4.0.0
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {a02c0c70-605c-11da-8cd6-0800200c9a66}:4.08
FF - prefs.js..keyword.URL: "http://www.google.cz/search?hl=cs&q= "
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008.01.20 20:13:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008.01.20 20:13:32 | 00,000,000 | ---D | M]

[2009.06.23 16:37:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Extensions
[2008.02.12 21:47:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions
[2009.06.19 01:27:06 | 00,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2009.06.23 16:38:52 | 00,000,000 | ---D | M] (PimpZilla) -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\{a02c0c70-605c-11da-8cd6-0800200c9a66}
[2009.05.19 21:28:50 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.04.15 18:56:30 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008.09.23 20:10:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\cs@dictionaries.addons.mozilla.org
[2008.07.04 22:50:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\de-DE-comb@dictionaries.addons.mozilla.org
[2008.07.04 22:47:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2008.07.04 22:47:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\en-US@dictionaries.addons.mozilla.org
[2009.06.06 21:28:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\check4change-owner@mozdev.org
[2009.04.01 16:56:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\sk@dictionaries.addons.mozilla.org
[2009.06.23 16:38:54 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\extensions\{a02c0c70-605c-11da-8cd6-0800200c9a66}\chrome\mozapps\extensions
[2008.10.08 18:15:52 | 00,001,692 | ---- | M] () -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Mozilla\Firefox\Profiles\fw7c4e9j.default\searchplugins\sfd.xml
[2008.01.20 20:13:32 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.11.11 08:38:54 | 00,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009.06.23 16:37:44 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.06.23 16:37:44 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.06.23 16:37:44 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.06.23 16:37:44 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.06.23 16:37:44 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (737 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ESET NOD32] C:\Program Files\ESET\nod32kui.exe (Eset )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Port pro program Symantec Fax Starter Edition.lnk = C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\20Dollars2Surf.lnk = C:\Program Files\20Dollars2Surf\20dollars2surf.exe (20Dollars2Surf.com)
O4 - Startup: C:\Documents and Settings\krejci.REDITEL\Nabídka Start\Programy\Po spuštění\NumLocker.lnk = C:\Program Files\NumLocker\NumLocker.exe (Dead'Soul (MysterCrowley.com))
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 24
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 24
O7 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1
O7 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O8 - Extra context menu item: &Save Flash In This Page by Flash Saver - C:\Program Files\Flash Saver\save.htm ()
O9 - Extra Button: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - C:\Program Files\Flash Saver\save.htm ()
O9 - Extra 'Tools' menuitem : Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - C:\Program Files\Flash Saver\save.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\imon.dll (Eset )
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\..Trusted Domains: com.tw ([www.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 3354158515 (MUWebControl Class)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/L ... nstall.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {E180F496-8A4B-44E2-9FE0-0364E345DB7F} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.02.06 23:18:04 | 00,000,200 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{2c87a0e2-09bc-11de-9de5-0013ce5da86d}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005.08.24 16:25:12 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (53483750268338176)

========== Files/Folders - Created Within 7 Days ==========

[2010.01.02 13:29:17 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\krejci.REDITEL\Plocha\OTL.exe
[2010.01.02 10:41:17 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\krejci.REDITEL\Recent
[2009.12.31 10:20:53 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009.12.30 15:28:09 | 00,000,000 | ---D | C] -- C:\Klubové filmy
[2009.12.29 18:54:52 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wbemdisp.tlb
[2009.12.29 18:54:50 | 00,000,000 | ---D | C] -- C:\Program Files\20Dollars2Surf
[2009.12.29 18:15:52 | 00,000,000 | ---D | C] -- C:\Dexter (2006-08)
[2009.12.27 23:04:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\krejci.REDITEL\Local Settings\Data aplikací\Programming_by_marco6,_ic
[2009.12.27 23:03:48 | 00,000,000 | ---D | C] -- C:\Program Files\Megaupload Downloader
[2009.12.27 21:37:43 | 00,000,000 | ---D | C] -- C:\Program Files\SciTE
[2009.12.27 18:03:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\krejci.REDITEL\Local Settings\Data aplikací\RapidSharing.eu
[2009.12.27 18:02:16 | 00,000,000 | ---D | C] -- C:\Program Files\RapGet.RS
[2005.12.22 09:10:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Symantec
[2005.08.24 16:40:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2005.08.24 16:40:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2005.08.24 16:30:00 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2005.08.24 16:30:00 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[1999.04.07 14:39:18 | 00,099,840 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRAABOUT.DLL
[1998.12.08 23:53:54 | 00,186,368 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAREG.DLL
[1998.12.08 23:53:54 | 00,070,144 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAMDMTR.DLL
[1998.12.08 23:53:54 | 00,048,640 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRALPTTR.DLL
[1998.12.08 23:53:54 | 00,031,744 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAWEBTR.DLL
[1998.12.08 23:53:54 | 00,017,920 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRASRIAL.DLL
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.01.02 13:29:30 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\krejci.REDITEL\Plocha\OTL.exe
[2010.01.02 10:41:28 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.01.02 10:41:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.01.02 10:41:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.01.02 10:40:14 | 15,466,496 | -H-- | M] () -- C:\Documents and Settings\krejci.REDITEL\NTUSER.DAT
[2010.01.02 10:40:14 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\krejci.REDITEL\ntuser.ini
[2010.01.02 01:07:36 | 00,152,576 | ---- | M] () -- C:\Documents and Settings\krejci.REDITEL\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.29 19:08:52 | 00,000,610 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\20Dollars2Surf.lnk
[2009.12.26 23:55:20 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009.12.26 22:38:30 | 00,000,797 | ---- | M] () -- C:\WINDOWS\win.ini
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009.12.29 18:54:57 | 00,000,610 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\20Dollars2Surf.lnk
[2009.06.26 13:22:42 | 00,000,134 | ---- | C] () -- C:\Documents and Settings\krejci.REDITEL\Local Settings\Data aplikací\fusioncache.dat
[2009.03.30 18:04:04 | 02,255,360 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009.03.29 18:03:34 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.03.29 18:03:34 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.03.29 18:03:34 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.03.29 18:03:26 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.03.29 18:03:26 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.03.29 16:29:04 | 00,000,031 | ---- | C] () -- C:\WINDOWS\System32\wdsdtdsini.dll
[2009.02.16 17:23:11 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2009.02.02 16:43:50 | 00,000,058 | ---- | C] () -- C:\Documents and Settings\krejci.REDITEL\Local Settings\Data aplikací\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2009.01.28 17:38:46 | 00,000,904 | ---- | C] () -- C:\WINDOWS\VPlayer.INI
[2008.08.10 20:58:08 | 00,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2008.08.10 20:58:08 | 00,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\VBTEnum.sys
[2008.04.26 18:49:44 | 00,716,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.04.20 13:44:22 | 00,093,184 | ---- | C] () -- C:\WINDOWS\System32\wvjava.dll
[2008.03.22 23:38:41 | 00,246,784 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2008.02.09 20:59:28 | 00,054,764 | ---- | C] () -- C:\WINDOWS\System32\4fdw.dll
[2008.02.09 20:33:54 | 00,000,089 | ---- | C] () -- C:\WINDOWS\Mgreg.ini
[2008.02.09 11:55:48 | 00,152,576 | ---- | C] () -- C:\Documents and Settings\krejci.REDITEL\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.07 17:46:41 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.02.06 23:36:28 | 00,003,238 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.02.06 23:35:48 | 00,001,661 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2008.02.06 23:04:41 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIJCMK5.dll
[2008.02.06 23:03:15 | 00,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2008.02.06 22:47:46 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2008.02.06 22:46:15 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2008.02.06 22:45:23 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2008.02.06 22:45:23 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2008.02.06 22:45:23 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2008.02.06 22:38:47 | 00,000,204 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2008.02.06 22:32:11 | 00,000,371 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2008.02.05 18:16:37 | 00,000,119 | ---- | C] () -- C:\WINDOWS\mgwin.ini
[2008.02.05 14:01:29 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2008.02.05 13:26:24 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2008.02.05 11:41:32 | 00,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2008.02.05 09:58:09 | 00,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.02.05 09:58:09 | 00,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2008.02.05 09:14:33 | 00,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2008.02.05 08:32:52 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2007.12.14 09:21:32 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys
[2005.10.14 11:56:50 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.08.12 08:44:10 | 00,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2001.12.26 15:12:30 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 22:46:38 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 15:33:56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 21:04:36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1999.01.22 15:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2006.04.16 10:17:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OLYMPUS
[2006.05.10 20:37:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LANGMaster
[2007.08.18 13:14:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Bluetooth
[2007.12.22 12:11:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acoustica
[2006.05.10 20:38:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci\Data aplikací\LANGMaster
[2006.08.08 16:40:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci\Data aplikací\RadLight Company
[2007.10.09 20:17:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci\Data aplikací\PDM
[2007.10.23 17:32:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci\Data aplikací\BSplayer
[2007.10.23 17:32:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci\Data aplikací\BSplayer Pro
[2008.01.09 12:26:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci\Data aplikací\Mikrotik
[2008.01.23 15:45:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci\Data aplikací\ICQ
[2008.02.09 16:04:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
[2008.02.09 17:03:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\LightScribe
[2008.02.17 12:05:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\WinZip
[2008.03.31 22:01:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\OLYMPUS
[2008.06.03 20:27:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Acoustica
[2008.12.20 14:11:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ConeXware
[2008.02.05 13:30:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Zoner
[2008.02.09 11:57:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\BSplayer
[2009.06.24 22:40:40 | 00,000,000 | R--D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Dokumenty
[2008.04.18 16:38:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\PDM
[2008.04.20 14:04:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\IEPro
[2008.04.20 14:15:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\MiniDm
[2008.06.03 20:27:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Acoustica
[2008.05.02 10:21:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\EBookSys
[2008.06.26 22:19:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\InterVideo
[2008.12.17 20:08:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Jasc
[2009.03.06 22:56:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\DMCache
[2009.03.29 16:15:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Moyea
[2009.05.30 15:26:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\VitySoft
[2009.06.12 12:55:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Opera
[2009.06.24 23:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\krejci.REDITEL\Data aplikací\Windows Search

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2002.12.31 12:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008.04.14 05:21:42 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:42 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\eventlog.dll
[2008.04.14 05:21:42 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2002.12.31 12:00:00 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\scecli.dll
[2008.04.14 05:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2002.12.31 12:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\netlogon.dll
[2008.04.14 05:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004.08.03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008.04.13 20:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\atapi.sys
[2008.04.13 20:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0034\DriverFiles\i386\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2008.04.13 20:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\agp440.sys
[2008.04.13 20:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >
< End of report >

[PetrBlade]

Extras.Txt

OTL Extras logfile created on: 2.1.2010 13:32:55 - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\krejci.REDITEL\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

502,00 Mb Total Physical Memory | 288,00 Mb Available Physical Memory | 57,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,60 Gb Total Space | 3,45 Gb Free Space | 9,69% Space Free | Partition Type: FAT32
Drive D: | 35,98 Gb Total Space | 0,38 Gb Free Space | 1,06% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: REDITEL
Current User Name: krejci
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"11208:TCP" = 11208:TCP:*:Enabled:BitComet 11208 TCP
"11208:UDP" = 11208:UDP:*:Enabled:BitComet 11208 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\InterVideo\DVD5\WinDVD.exe" = C:\Program Files\InterVideo\DVD5\WinDVD.exe:*:Disabled:WinDVD -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- File not found
"C:\Program Files\Swapper\swapper.exe" = C:\Program Files\Swapper\swapper.exe:*:Enabled:swapper -- File not found
"C:\Program Files\Invisible Browsing\InvisibleBrowsing.exe" = C:\Program Files\Invisible Browsing\InvisibleBrowsing.exe:*:Enabled:Invisible Browsing -- File not found
"C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe" = C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe:*:Disabled:Java(TM) Platform SE binary -- File not found
"D:\Programy\Universal Share Downloader 1.3.5.1\USDownloader.exe" = D:\Programy\Universal Share Downloader 1.3.5.1\USDownloader.exe:*:Enabled:Universal Share Downloader -- File not found
"C:\WINDOWS\System32\java.exe" = C:\WINDOWS\System32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\BitLord\BitLord.exe" = C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord -- File not found
"D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\HomeforImaginaryFriends603PranksforNothingavi[www.exe" = D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\HomeforImaginaryFriends603PranksforNothingavi[www.exe:*:Enabled:HomeforImaginaryFriends603PranksforNothingavi[www -- File not found
"D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\_s_Home_for_Imaginary_Friends_603_Pranks_for_Nothing_avi.exe" = D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\_s_Home_for_Imaginary_Friends_603_Pranks_for_Nothing_avi.exe:*:Enabled:_s_Home_for_Imaginary_Friends_603_Pranks_for_Nothing_avi -- File not found
"D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\sHomeforImaginaryFriends603PranksforNothing.exe" = D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\sHomeforImaginaryFriends603PranksforNothing.exe:*:Enabled:sHomeforImaginaryFriends603PranksforNothing -- File not found
"D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\T2E.EXE" = D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\T2E.EXE:*:Enabled:T2E -- File not found
"D:\icesoundtrack[mininova].exe" = D:\icesoundtrack[mininova].exe:*:Enabled:icesoundtrack[mininova] -- File not found
"D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\Season 5\sHomeforImaginaryFriends513LetYourHareDown.exe" = D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\Season 5\sHomeforImaginaryFriends513LetYourHareDown.exe:*:Enabled:sHomeforImaginaryFriends513LetYourHareDown -- File not found
"D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\sHomeforImaginaryFriends513LetYourHareDown.exe" = D:\Foster's Home for Imaginary Friends (2004) [by Craig McCracken]\sHomeforImaginaryFriends513LetYourHareDown.exe:*:Enabled:sHomeforImaginaryFriends513LetYourHareDown -- File not found
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"D:\sa[2008]DvDrip[Eng]FXG[mininova].exe" = D:\sa[2008]DvDrip[Eng]FXG[mininova].exe:*:Enabled:sa[2008]DvDrip[Eng]FXG[mininova] -- File not found
"D:\rracuda_Vol_382009HADES.exe" = D:\rracuda_Vol_382009HADES.exe:*:Enabled:rracuda_Vol_382009HADES -- File not found
"D:\iceUKSession126amp3B2InfinitePirate[mininova].exe" = D:\iceUKSession126amp3B2InfinitePirate[mininova].exe:*:Enabled:iceUKSession126amp3B2InfinitePirate[mininova] -- File not found
"D:\ice[UK.exe" = D:\ice[UK.exe:*:Enabled:ice[UK -- File not found
"D:\xmas1.exe" = D:\xmas1.exe:*:Enabled:xmas1 -- File not found
"D:\S02.EXE" = D:\S02.EXE:*:Enabled:S02 -- File not found
"D:\Extras (2005-2007) [by Ricky Gervais & Stephen Merchant]\S02cs.exe" = D:\Extras (2005-2007) [by Ricky Gervais & Stephen Merchant]\S02cs.exe:*:Enabled:S02cs -- File not found
"D:\Series_(Seasons)_1___2_Complete.exe" = D:\Series_(Seasons)_1___2_Complete.exe:*:Enabled:Series_(Seasons)_1___2_Complete -- File not found
"D:\tsofLagerAndaPacketofCrispsUnofficialSoundtrack[mininova].exe" = D:\tsofLagerAndaPacketofCrispsUnofficialSoundtrack[mininova].exe:*:Enabled:tsofLagerAndaPacketofCrispsUnofficialSoundtrack[mininova] -- File not found
"D:\tsofLagerandaPacketofCrispsSeason16[mininova].exe" = D:\tsofLagerandaPacketofCrispsSeason16[mininova].exe:*:Enabled:tsofLagerandaPacketofCrispsSeason16[mininova] -- File not found
"D:\Two Pints of Lager and a Packet of Crisps [by Gareth Carrivick]\tsofLagerandaPacketofCrispsSeason7Outtake[mininova].exe" = D:\Two Pints of Lager and a Packet of Crisps [by Gareth Carrivick]\tsofLagerandaPacketofCrispsSeason7Outtake[mininova].exe:*:Enabled:tsofLagerandaPacketofCrispsSeason7Outtake[mininova] -- File not found
"D:\Two Pints of Lager and a Packet of Crisps [by Gareth Carrivick]\rrentcomTwoPintsofLagerandaPacketofCrispsSeason7Outtake.exe" = D:\Two Pints of Lager and a Packet of Crisps [by Gareth Carrivick]\rrentcomTwoPintsofLagerandaPacketofCrispsSeason7Outtake.exe:*:Enabled:rrentcomTwoPintsofLagerandaPacketofCrispsSeason7Outtake -- File not found
"D:\Two Pints of Lager and a Packet of Crisps [by Gareth Carrivick]\ts_of_Lager_and_a_Packet_of_Crisps__Season_7.exe" = D:\Two Pints of Lager and a Packet of Crisps [by Gareth Carrivick]\ts_of_Lager_and_a_Packet_of_Crisps__Season_7.exe:*:Enabled:ts_of_Lager_and_a_Packet_of_Crisps__Season_7 -- File not found
"D:\The Ricky Gervais Show\icesoundtrack[mininova].exe" = D:\The Ricky Gervais Show\icesoundtrack[mininova].exe:*:Enabled:icesoundtrack[mininova] -- File not found
"D:\BritainSeries1[mininova].exe" = D:\BritainSeries1[mininova].exe:*:Enabled:BritainSeries1[mininova] -- File not found
"D:\Little Britain (2003) [by Steve Bendelack]\Britain_II_serie[mininova].exe" = D:\Little Britain (2003) [by Steve Bendelack]\Britain_II_serie[mininova].exe:*:Enabled:Britain_II_serie[mininova] -- File not found
"D:\Little Britain (2003) [by Steve Bendelack]\Britain__Season_3_by_luke80.exe" = D:\Little Britain (2003) [by Steve Bendelack]\Britain__Season_3_by_luke80.exe:*:Enabled:Britain__Season_3_by_luke80 -- File not found
"D:\Klubové filmy\Mystery of the Wax Museum (1933) [by Michael Curtiz; Ch. Belden]\STERY_OF_THE_WAX_MUSEUM.exe" = D:\Klubové filmy\Mystery of the Wax Museum (1933) [by Michael Curtiz; Ch. Belden]\STERY_OF_THE_WAX_MUSEUM.exe:*:Enabled:STERY_OF_THE_WAX_MUSEUM -- File not found
"D:\Klubové filmy\Young Frankenstein (1974) [by Mel Brooks]\rankenstein[mininova].exe" = D:\Klubové filmy\Young Frankenstein (1974) [by Mel Brooks]\rankenstein[mininova].exe:*:Enabled:rankenstein[mininova] -- File not found
"D:\Klubové filmy\Young Frankenstein (1974) [by Mel Brooks]\frankenstein[mininova].exe" = D:\Klubové filmy\Young Frankenstein (1974) [by Mel Brooks]\frankenstein[mininova].exe:*:Enabled:frankenstein[mininova] -- File not found
"D:\Klubové filmy\Dracula Dead and Loving It (1995) [by Mel Brooks]\T2E.EXE" = D:\Klubové filmy\Dracula Dead and Loving It (1995) [by Mel Brooks]\T2E.EXE:*:Enabled:T2E -- File not found
"D:\Klubové filmy\Robin Hood Men in Tights (1993) [by Mel Brooks]\oodMenInTights(1993)[ENG]DVDripInsomniack.exe" = D:\Klubové filmy\Robin Hood Men in Tights (1993) [by Mel Brooks]\oodMenInTights(1993)[ENG]DVDripInsomniack.exe:*:Enabled:oodMenInTights(1993)[ENG]DVDripInsomniack -- File not found
"D:\Klubové filmy\Robin Hood Men in Tights (1993) [by Mel Brooks]\ood_Men_in_Tights_DVD_Rip_XviD__IceEncoding.exe" = D:\Klubové filmy\Robin Hood Men in Tights (1993) [by Mel Brooks]\ood_Men_in_Tights_DVD_Rip_XviD__IceEncoding.exe:*:Enabled:ood_Men_in_Tights_DVD_Rip_XviD__IceEncoding -- File not found
"D:\Robot Chicken (2005-2008) [by Seth Green & Matthew Senreich]\hicken_Season_1_.exe" = D:\Robot Chicken (2005-2008) [by Seth Green & Matthew Senreich]\hicken_Season_1_.exe:*:Enabled:hicken_Season_1_ -- File not found
"D:\Robot Chicken (2005-2008) [by Seth Green & Matthew Senreich]\hicken_Season_1[mininova].exe" = D:\Robot Chicken (2005-2008) [by Seth Green & Matthew Senreich]\hicken_Season_1[mininova].exe:*:Enabled:hicken_Season_1[mininova] -- File not found
"D:\Robot Chicken (2005-2008) [by Seth Green & Matthew Senreich]\hicken_Season_2[mininova].exe" = D:\Robot Chicken (2005-2008) [by Seth Green & Matthew Senreich]\hicken_Season_2[mininova].exe:*:Enabled:hicken_Season_2[mininova] -- File not found
"D:\Robot Chicken (2005-2008) [by Seth Green & Matthew Senreich]\3[mininova].exe" = D:\Robot Chicken (2005-2008) [by Seth Green & Matthew Senreich]\3[mininova].exe:*:Enabled:3[mininova] -- File not found
"D:\Robot Chicken (2005-2008) [by Seth Green & Matthew Senreich]\HICKEN.EXE" = D:\Robot Chicken (2005-2008) [by Seth Green & Matthew Senreich]\HICKEN.EXE:*:Enabled:HICKEN -- File not found
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- File not found
"D:\ROBOT.EXE" = D:\ROBOT.EXE:*:Enabled:ROBOT -- File not found
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- File not found
"D:\KUP.EXE" = D:\KUP.EXE:*:Enabled:KUP -- File not found
"D:\Klubové filmy\at_the_Plaza_(2003)_[DVDRip__1.exe" = D:\Klubové filmy\at_the_Plaza_(2003)_[DVDRip__1.exe:*:Enabled:at_the_Plaza_(2003)_[DVDRip__1 -- File not found
"D:\Klubové filmy\Deep Throat (1972) [by Gerard Damiano; Linda Lovelace]\T2E.EXE" = D:\Klubové filmy\Deep Throat (1972) [by Gerard Damiano; Linda Lovelace]\T2E.EXE:*:Enabled:T2E -- File not found
"D:\Klubové filmy\Deep Throat (1972) [by Gerard Damiano; Linda Lovelace]\roat_1972_VHS_ripp_XVID_DL33T3.exe" = D:\Klubové filmy\Deep Throat (1972) [by Gerard Damiano; Linda Lovelace]\roat_1972_VHS_ripp_XVID_DL33T3.exe:*:Enabled:roat_1972_VHS_ripp_XVID_DL33T3 -- File not found
"D:\Superman Doomsday (2007) [by Bruce W.Timm; animated; 75 minutes]\n___Doomsday__2007__DVDrip__Eng_[mininova].exe" = D:\Superman Doomsday (2007) [by Bruce W.Timm; animated; 75 minutes]\n___Doomsday__2007__DVDrip__Eng_[mininova].exe:*:Enabled:n___Doomsday__2007__DVDrip__Eng_[mininova] -- File not found
"D:\Klubové filmy\History of the World Part I (1981) [by Mel Brooks]\oftheWorldPart1[mininova].exe" = D:\Klubové filmy\History of the World Part I (1981) [by Mel Brooks]\oftheWorldPart1[mininova].exe:*:Enabled:oftheWorldPart1[mininova] -- File not found
"D:\Klubové filmy\High Anxiety (1978) [by Mel Brooks]\xiety_Det_V_ras_F_r_Galningarna[1977]Xvid.exe" = D:\Klubové filmy\High Anxiety (1978) [by Mel Brooks]\xiety_Det_V_ras_F_r_Galningarna[1977]Xvid.exe:*:Enabled:xiety_Det_V_ras_F_r_Galningarna[1977]Xvid -- File not found
"D:\Klubové filmy\The Twelve Chairs (1970) [by Mel Brooks]\lveChairs(1970)JBW[mininova].exe" = D:\Klubové filmy\The Twelve Chairs (1970) [by Mel Brooks]\lveChairs(1970)JBW[mininova].exe:*:Enabled:lveChairs(1970)JBW[mininova] -- File not found
"D:\rNotToBe(1983)(Xvid)(Darkside_RG).exe" = D:\rNotToBe(1983)(Xvid)(Darkside_RG).exe:*:Enabled:rNotToBe(1983)(Xvid)(Darkside_RG) -- File not found
"D:\Mod_Source_2007_StandAlone.exe" = D:\Mod_Source_2007_StandAlone.exe:*:Enabled:Mod_Source_2007_StandAlone -- File not found
"D:\sion_and_Jack.exe" = D:\sion_and_Jack.exe:*:Enabled:sion_and_Jack -- File not found
"D:\T2E.EXE" = D:\T2E.EXE:*:Enabled:T2E -- File not found
"D:\tsOfLooseChange[mininova].exe" = D:\tsOfLooseChange[mininova].exe:*:Enabled:tsOfLooseChange[mininova] -- File not found
"D:\e_Hill_Season_5_Episode_15.exe" = D:\e_Hill_Season_5_Episode_15.exe:*:Enabled:e_Hill_Season_5_Episode_15 -- File not found
"D:\SCHLOSS.EXE" = D:\SCHLOSS.EXE:*:Enabled:SCHLOSS -- File not found
"D:\Jeff Dunham\Jeff Dunham Spark of Insanity (2007)\T2E.EXE" = D:\Jeff Dunham\Jeff Dunham Spark of Insanity (2007)\T2E.EXE:*:Enabled:T2E -- File not found
"D:\_Dunham__Spark_Of_Insanity_(2007)_DVDRip.exe" = D:\_Dunham__Spark_Of_Insanity_(2007)_DVDRip.exe:*:Enabled:_Dunham__Spark_Of_Insanity_(2007)_DVDRip -- File not found
"D:\Jeff Dunham\Jeff Dunham Spark of Insanity (2007)\Bonus Jeff Dunham - Walter for President (Walter's Announcement)\T2E.EXE" = D:\Jeff Dunham\Jeff Dunham Spark of Insanity (2007)\Bonus Jeff Dunham - Walter for President (Walter's Announcement)\T2E.EXE:*:Enabled:T2E -- File not found
"D:\The League of Gentlemen\gue_Of_Gentlemen[mininova].exe" = D:\The League of Gentlemen\gue_Of_Gentlemen[mininova].exe:*:Enabled:gue_Of_Gentlemen[mininova] -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"D:\Vs_Soffy_O[mininova].exe" = D:\Vs_Soffy_O[mininova].exe:*:Enabled:Vs_Soffy_O[mininova] -- File not found
"D:\Klubové filmy\Le Diner de cons -Blbec k večeři- (1998) [by Francis Veber]\T2E.EXE" = D:\Klubové filmy\Le Diner de cons -Blbec k večeři- (1998) [by Francis Veber]\T2E.EXE:*:Enabled:T2E -- File not found
"D:\orsten___L_E_F__Benelux_Edition_.exe" = D:\orsten___L_E_F__Benelux_Edition_.exe:*:Enabled:orsten___L_E_F__Benelux_Edition_ -- File not found
"D:\t]TheCompleteJosefHofmannVol.exe" = D:\t]TheCompleteJosefHofmannVol.exe:*:Enabled:t]TheCompleteJosefHofmannVol -- File not found
"D:\JacksonTheBestOfTheBest.exe" = D:\JacksonTheBestOfTheBest.exe:*:Enabled:JacksonTheBestOfTheBest -- File not found
"D:\SchulzFeat.exe" = D:\SchulzFeat.exe:*:Enabled:SchulzFeat -- File not found
"D:\_TheOffspringLiveAtRockInRio2820[mininova].exe" = D:\_TheOffspringLiveAtRockInRio2820[mininova].exe:*:Enabled:_TheOffspringLiveAtRockInRio2820[mininova] -- File not found
"D:\AzraAzra(1980)(Remastered).exe" = D:\AzraAzra(1980)(Remastered).exe:*:Enabled:AzraAzra(1980)(Remastered) -- File not found
"D:\KIDO3D.EXE" = D:\KIDO3D.EXE:*:Enabled:KIDO3D -- File not found
"D:\TS.EXE" = D:\TS.EXE:*:Enabled:TS -- File not found
"D:\i_Br__s___Pl__y.exe" = D:\i_Br__s___Pl__y.exe:*:Enabled:i_Br__s___Pl__y -- File not found
"D:\ely_Island__Incredibad_[FLAC].exe" = D:\ely_Island__Incredibad_[FLAC].exe:*:Enabled:ely_Island__Incredibad_[FLAC] -- File not found
"D:\a640802ful503questionsandanswersbala.exe" = D:\a640802ful503questionsandanswersbala.exe:*:Enabled:a640802ful503questionsandanswersbala -- File not found
"D:\yedPeasBoomBoomPow(Remixes)(PromoCDM)2009WRE.exe" = D:\yedPeasBoomBoomPow(Remixes)(PromoCDM)2009WRE.exe:*:Enabled:yedPeasBoomBoomPow(Remixes)(PromoCDM)2009WRE -- File not found
"D:\AmericanRejects[mininova].exe" = D:\AmericanRejects[mininova].exe:*:Enabled:AmericanRejects[mininova] -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1" = SWF Opener
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{17528AC4-E6C2-43CD-8D8D-A62BA476ADC7}" = Zoner Photo Studio 7 Professional
"{1EE9BBA1-312F-4EC0-9DEA-A8FE22BBABAA}_is1" = 20Dollars2Surf 1.0
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 11
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.2
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{86A44EF7-78FC-4e18-A564-B18F806F7F56}" = ActivationManager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{92F31257-15BA-46EE-887D-3C18C0790ACE}" = Atheros Client Installation Program
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A918DE8A-98C8-0900-0000-000000190000}" = Sony Ericsson K300i-J300i - Handset Manager V9
"{A918DE8A-98C8-0920-0001-000000000000}" = Multimediální ukázky
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ADCC857B-9A9E-411F-A441-8FDCD120043A}" = NTI CD & DVD-Maker
"{B37C842A-B624-46B8-A727-654E72F1C91A}" = Calculator Powertoy for Windows XP
"{B48F9C44-C904-4FA3-984D-F65AE4C49745}" = Zoner Media Explorer 5
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU.msi
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C910A7-0B89-4260-8845-FE221D9285E8}_is1" = PC Chrono 1.1.0.6
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E26DEDC7-1A99-4F8C-9615-6DB112E6495B}_is1" = Texas Hold'em Poker 3D - Deluxe Edition 1.0
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"6C456557-97F3-42AD-A918-AD60B7BE0AC8_is1" = Revolt wfr
"7-Zip" = 7-Zip 4.57
"Acoustica 4_is1" = Acoustica 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025008F" = HDAUDIO Soft Voice Modem with SmartCP
"CTDVDAudio Plugin" = Creative DVD Audio Plugin for Audigy Series
"FastStone Player" = FastStone Player
"Flash Saver" = Flash Saver
"FLV Player" = FLV Player 2.0, build 24
"GoldWave v5.23" = GoldWave v5.23
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{95B87E45-CC33-49B6-9B4C-6570941FA90C}" = NTI CD & DVD-Maker 7 Platinum
"InstallShield_{ADCC857B-9A9E-411F-A441-8FDCD120043A}" = NTI CD & DVD-Maker 7 Platinum
"IrfanView" = IrfanView (remove only)
"KC Softwares VideoInspector_is1" = KC Softwares VideoInspector
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.7.5
"Lost Treasures Of Eldorado_is1" = Lost Treasures of Eldorado
"Megaupload Downloader" = Megaupload Downloader
"MFZ0CODEC" = MFZ0 codec (Remove Only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Montezumova pomsta" = Montezumova pomsta
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NOD32" = Antivirový systém NOD32
"NumLocker" = NumLocker 1.0
"PhotoFiltre" = PhotoFiltre
"PLATINUM WorldView for Internet Explorer" = PLATINUM WorldView for Internet Explorer
"Postal 2" = Postal 2
"ProInst" = Intel(R) PROSet/Wireless Software
"QIP 2005_is1" = QIP 2005 8080
"QIP2005" = QIP 2005 Uninstall
"ReNamer1.80" = ReNamer 1.80
"ST6UNST #1" = multiBANK Explorer
"Street Bike Fury_is1" = Street Bike Fury 1.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tweak UI 2.10" = Tweak UI
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21.4.2009 14:52:06 | Computer Name = REDITEL | Source = MsiInstaller | ID = 11719
Description = Product: Compatibility Pack for the 2007 Office system -- Error 1719.
The Windows Installer Service could not be accessed. This can occur if you are
running Windows in safe mode, or if the Windows Installer is not correctly installed.
Contact your support personnel for assistance.

Error - 21.4.2009 14:52:06 | Computer Name = REDITEL | Source = MsiInstaller | ID = 1024
Description = Aktualizaci Security Update for Microsoft Office system 2007 (KB954326)
produktu Compatibility Pack for the 2007 Office system nebylo možné nainstalovat.
Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu
s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace
naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 23.6.2009 16:38:53 | Computer Name = REDITEL | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 23.6.2009 16:38:53 | Computer Name = REDITEL | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 24.6.2009 17:29:36 | Computer Name = REDITEL | Source = Windows Search Service | ID = 3026
Description =

Error - 24.6.2009 17:29:36 | Computer Name = REDITEL | Source = Windows Search Service | ID = 3026
Description =

Error - 24.6.2009 17:29:36 | Computer Name = REDITEL | Source = Windows Search Service | ID = 3026
Description =

Error - 24.6.2009 17:29:36 | Computer Name = REDITEL | Source = Windows Search Service | ID = 3026
Description =

Error - 24.6.2009 17:29:36 | Computer Name = REDITEL | Source = Windows Search Service | ID = 3026
Description =

Error - 24.6.2009 17:30:08 | Computer Name = REDITEL | Source = Windows Search Service | ID = 3024
Description =

[ System Events ]
Error - 27.12.2009 5:08:36 | Computer Name = REDITEL | Source = DCOM | ID = 10010
Description = Server {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 28.12.2009 6:34:29 | Computer Name = REDITEL | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 30.12.2009 10:16:54 | Computer Name = REDITEL | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC000007F
při zpracování souboru desktop.ini na svazku HarddiskVolume4. Sledování svazku
bylo ukončeno.

Error - 1.1.2010 17:36:36 | Computer Name = REDITEL | Source = Service Control Manager | ID = 7034
Description = Služba PC Tools Security Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 1.1.2010 17:58:50 | Computer Name = REDITEL | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC000007F
při zpracování souboru desktop.ini na svazku HarddiskVolume3. Sledování svazku
bylo ukončeno.

Error - 1.1.2010 18:22:17 | Computer Name = REDITEL | Source = Service Control Manager | ID = 7034
Description = Služba PC Tools Security Service byla neočekávaně ukončena. Tento
stav nastal již 2krát.

Error - 1.1.2010 19:10:21 | Computer Name = REDITEL | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC000007F
při zpracování souboru desktop.ini na svazku HarddiskVolume4. Sledování svazku
bylo ukončeno.

Error - 2.1.2010 5:40:07 | Computer Name = REDITEL | Source = DCOM | ID = 10010
Description = Server {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} se v daném časovém limitu
neregistroval u služby DCOM.


< End of report >

[PetrBlade]

hijackthis.log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:44:34, on 2.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NumLocker\NumLocker.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O4 - HKLM\..\Run: [ESET NOD32] C:\Program Files\ESET\nod32kui.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: NumLocker.lnk = C:\Program Files\NumLocker\NumLocker.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Port pro program Symantec Fax Starter Edition.lnk = C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE
O4 - Global Startup: 20Dollars2Surf.lnk = C:\Program Files\20Dollars2Surf\20dollars2surf.exe
O8 - Extra context menu item: &Save Flash In This Page by Flash Saver - C:\PROGRA~1\FLASHS~1\save.htm
O9 - Extra button: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - C:\PROGRA~1\FLASHS~1\save.htm
O9 - Extra 'Tools' menuitem: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - C:\PROGRA~1\FLASHS~1\save.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3354158515
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 5829 bytes

[pitimir]

1) Skopiruj v OTL do policka pod nazvom "Custom Scans/Fixes":

Kód: Vybrat vše

:otl
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "Qip поиск"
FF - prefs.js..browser.startup.homepage: "about:blank"
O3 - HKU\S-1-5-21-2025429265-113007714-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 3354158515 (MUWebControl Class)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/L ... nstall.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O28 - HKLM ShellExecuteHooks: {E180F496-8A4B-44E2-9FE0-0364E345DB7F} - Reg Error: Key error. File not found
O33 - MountPoints2\{2c87a0e2-09bc-11de-9de5-0013ce5da86d}\Shell - "" = AutoRun

:commands
[emptytemp]
[clearallrestorepoints]
[reboot]

Klikni na "Run Fix". Program zacne pracovat, mozny je restart PC. Po nom by sa ti mal objavit log, ten by som rad videl.


2) Stiahni MbAM. Uloz na plochu, otvor "mbam-setup.exe" a nainstaluj. Updatuj. Potom spravis kompletny scan - co program najde, zmaz. Nasledny log vloz sem.

[PetrBlade]

1)
All processes killed
========== OTL ==========
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "Qip поиск" removed from browser.search.selectedEngine
Prefs.js: "about:blank" removed from browser.startup.homepage
Registry value HKEY_USERS\S-1-5-21-2025429265-113007714-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Starting removal of ActiveX control {0742B9EF-8C83-41CA-BFBA-830A59E23533}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0742B9EF-8C83-41CA-BFBA-830A59E23533}\ not found.
Starting removal of ActiveX control {33564D57-0000-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\WMV9VCM.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-0000-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
C:\WINDOWS\Downloaded Program Files\muweb.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}\ not found.
Starting removal of ActiveX control {8167C273-DF59-4416-B647-C8BB2C7EE83E}
C:\WINDOWS\Downloaded Program Files\MSIWDev.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8167C273-DF59-4416-B647-C8BB2C7EE83E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8167C273-DF59-4416-B647-C8BB2C7EE83E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8167C273-DF59-4416-B647-C8BB2C7EE83E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8167C273-DF59-4416-B647-C8BB2C7EE83E}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{E180F496-8A4B-44E2-9FE0-0364E345DB7F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E180F496-8A4B-44E2-9FE0-0364E345DB7F}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c87a0e2-09bc-11de-9de5-0013ce5da86d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c87a0e2-09bc-11de-9de5-0013ce5da86d}\ not found.
File ptytemp] not found.
File earallrestorepoints] not found.
File boot] not found.

OTL by OldTimer - Version 3.1.20.1 log created on 01022010_135620

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[PetrBlade]

2)
Malwarebytes' Anti-Malware 1.43
Verze databáze: 3477
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2.1.2010 14:44:47
mbam-log-2010-01-02 (14-44-40).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 241681
Uplynulý čas: 36 minute(s), 20 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 8
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 5
Infikované soubory: 11

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CLASSES_ROOT\Interface\{831cbac4-8283-4653-9d81-feb9f3f6e47c} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{831cbac2-8283-4653-9d81-feb9f3f6e47c} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86a44ef7-78fc-4e18-a564-b18f806f7f56} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ActivationManager (Trojan.MultiDefender) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\asc3550o (Rootkit.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NDISWon (Rootkit.Agent) -> No action taken.

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
C:\Program Files\ActivationManager (Trojan.MultiDefender) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\ADSTechnology (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32\441465 (Trojan.BHO) -> No action taken.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data (Adware.DoubleD) -> No action taken.

Infikované soubory:
C:\Program Files\ACE Mega CoDecS Pack\UtilitieS\Remover.exe (Trojan.FakeAlert) -> No action taken.
C:\Program Files\ACE Mega CoDecS Pack\UtilitieS\AVI CoDecS\Remover.exe (Trojan.FakeAlert) -> No action taken.
C:\Program Files\ActivationManager\Uninstall.exe (Trojan.MultiDefender) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\ADSTechnology\ADSTechnology.lnk (Trojan.BHO) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\ADSTechnology\Uninstall.lnk (Trojan.BHO) -> No action taken.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\CurrentVersion.xml (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\bg.jpg (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\icon.ico (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\tdf.dat (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data\ProductInfo.mx (Adware.DoubleD) -> No action taken.

[PetrBlade]

2) log po vyčištění:
Malwarebytes' Anti-Malware 1.43
Verze databáze: 3477
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2.1.2010 14:44:58
mbam-log-2010-01-02 (14-44-58).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 241681
Uplynulý čas: 36 minute(s), 20 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 8
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 5
Infikované soubory: 11

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CLASSES_ROOT\Interface\{831cbac4-8283-4653-9d81-feb9f3f6e47c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{831cbac2-8283-4653-9d81-feb9f3f6e47c} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86a44ef7-78fc-4e18-a564-b18f806f7f56} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ActivationManager (Trojan.MultiDefender) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\asc3550o (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NDISWon (Rootkit.Agent) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
C:\Program Files\ActivationManager (Trojan.MultiDefender) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\ADSTechnology (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\441465 (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

Infikované soubory:
C:\Program Files\ACE Mega CoDecS Pack\UtilitieS\Remover.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\ACE Mega CoDecS Pack\UtilitieS\AVI CoDecS\Remover.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\ActivationManager\Uninstall.exe (Trojan.MultiDefender) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\ADSTechnology\ADSTechnology.lnk (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\ADSTechnology\Uninstall.lnk (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\CurrentVersion.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\bg.jpg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\icon.ico (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\tdf.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\krejci.REDITEL\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

[pitimir]

OK, vraz do OTL tento skript, neskopiroval si to tam spravne (resp. od kraja...ked to nespravne skopirujes, program to nevie zozrat):

Kód: Vybrat vše

:commands
[emptytemp]
[clearallrestorepoints]
[reboot]

[PetrBlade]

Dal jsem Vybrat vše a CTR+V.