Musel jsem ty zprávy rozdělit.....
========== Files/Folders - Created Within 14 Days ==========
[2010.03.03 15:03:28 | 000,551,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\David\Plocha\OTL.exe
[2010.03.03 13:59:34 | 000,162,512 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.03.03 13:59:34 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.03.03 13:59:32 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.03.03 13:59:31 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.03.03 13:59:29 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.03.03 13:59:29 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.03.03 13:59:29 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.03.03 13:59:23 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.03.03 13:59:23 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010.03.02 22:52:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\David\Recent
[2010.03.02 22:49:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.03.02 22:48:42 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.03.02 22:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.03.02 16:05:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Data aplikací\Malwarebytes
[2010.03.02 16:04:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.02 16:04:34 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.02 16:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.03.02 16:04:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.03.01 20:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.03.01 18:31:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010.03.01 16:12:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010.02.28 18:50:08 | 003,550,592 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\David\Plocha\procexp.exe
[2010.02.28 12:30:24 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.02.28 09:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Data aplikací\ChessBase
[2010.02.28 09:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Bus Simulator
[2010.02.28 09:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Fritz 9
[2010.02.28 09:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\TrackMania Nations ESWC
[2010.02.27 20:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Data aplikací\Uniblue
[2010.02.27 18:50:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Bootvis
[2010.02.17 17:32:04 | 000,000,000 | ---D | C] -- C:\Program Files\Yaho's Miranda IM
[2010.02.17 16:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Data aplikací\Miranda
[2010.01.10 15:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2009.12.15 17:49:04 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\David\Data aplikací\pcouffin.sys
[2009.12.01 15:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ServiceTest
[2009.07.22 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.07.22 16:38:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.03.07 14:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2008.01.26 16:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Xfire
[2007.12.09 08:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Xfire
[2007.12.06 17:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2007.12.06 17:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\ICQ Toolbar
[2007.06.17 03:50:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2004.11.10 13:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2004.11.10 13:06:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2010.03.03 15:06:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.03 15:05:00 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A0657719-C4CA-4E70-ABDA-8782BFBCA169}.job
[2010.03.03 15:05:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2532709C-2E8C-42DF-A62E-5347519DE4D6}.job
[2010.03.03 15:03:31 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David\Plocha\OTL.exe
[2010.03.03 15:01:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.03 15:00:32 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.03.03 15:00:20 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.03 15:00:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.03.03 15:00:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.03.03 14:59:58 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.03.03 14:59:19 | 009,175,040 | ---- | M] () -- C:\Documents and Settings\David\NTUSER.DAT
[2010.03.03 14:59:19 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\David\ntuser.ini
[2010.03.03 14:58:49 | 000,000,272 | ---- | M] () -- C:\Documents and Settings\David\Plocha\remove.bat
[2010.03.03 14:54:01 | 000,210,432 | ---- | M] () -- C:\Documents and Settings\David\Plocha\T-Cleaner.exe
[2010.03.03 13:59:35 | 000,001,703 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.03.03 13:59:30 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.03.02 22:56:18 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Hidden & Dangerous 2 Sabre Squadron.lnk
[2010.03.02 22:55:30 | 044,518,776 | ---- | M] () -- C:\Documents and Settings\David\Plocha\setup_av_free.exe
[2010.03.02 22:31:28 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.03.02 22:31:07 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.03.02 16:04:44 | 000,000,699 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.03.01 20:22:13 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\David\Plocha\HijackThis.lnk
[2010.02.28 17:19:43 | 000,060,576 | ---- | M] () -- C:\Documents and Settings\David\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.02.28 17:18:30 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.02.28 17:18:30 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.02.28 09:55:50 | 000,245,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.02.27 10:44:34 | 000,000,749 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.02.26 23:05:04 | 000,003,612 | ---- | M] () -- C:\Documents and Settings\David\Dokumenty\cc_20100226_230458.reg
[2010.02.22 21:14:41 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\David\Dokumenty\Referat.doc
[2010.02.20 13:24:01 | 000,001,135 | ---- | M] () -- C:\WINDOWS\MyHeritage.INI
[2010.02.17 17:33:09 | 000,000,683 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Yaho's Miranda Pack.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.03.03 14:58:49 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\David\Plocha\remove.bat
[2010.03.03 14:54:00 | 000,210,432 | ---- | C] () -- C:\Documents and Settings\David\Plocha\T-Cleaner.exe
[2010.03.03 13:59:35 | 000,001,703 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.03.02 22:54:56 | 044,518,776 | ---- | C] () -- C:\Documents and Settings\David\Plocha\setup_av_free.exe
[2010.03.02 16:04:44 | 000,000,699 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.03.01 20:22:13 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\David\Plocha\HijackThis.lnk
[2010.02.27 08:36:39 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\LocalService\Data aplikací\rbuwzv.dat
[2010.02.26 23:05:02 | 000,003,612 | ---- | C] () -- C:\Documents and Settings\David\Dokumenty\cc_20100226_230458.reg
[2010.02.26 22:46:54 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\NetworkService\Data aplikací\rbuwzv.dat
[2010.02.22 21:14:41 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\David\Dokumenty\Referat.doc
[2010.02.17 17:33:09 | 000,000,683 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Yaho's Miranda Pack.lnk
[2009.12.15 17:49:22 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\David\Data aplikací\pcouffin.log
[2009.12.15 17:49:05 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\David\Data aplikací\inst.exe
[2009.12.15 17:49:05 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\David\Data aplikací\pcouffin.cat
[2009.12.15 17:49:04 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\David\Data aplikací\pcouffin.inf
[2009.12.15 17:27:35 | 000,000,043 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2009.12.15 13:25:51 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\gHidPnp.sys
[2009.12.15 13:25:51 | 000,009,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\gMouUsb.sys
[2009.12.13 15:29:44 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009.11.30 20:33:46 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009.09.13 13:25:49 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009.07.13 17:12:13 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dopln_u.ini
[2009.07.13 16:55:18 | 000,000,018 | ---- | C] () -- C:\WINDOWS\tamsouhl.ini
[2009.07.13 16:55:18 | 000,000,002 | ---- | C] () -- C:\WINDOWS\ponset.ini
[2009.07.13 16:54:56 | 000,035,001 | ---- | C] () -- C:\WINDOWS\wmqfrm.dll
[2009.06.11 19:24:21 | 000,000,115 | ---- | C] () -- C:\WINDOWS\WINHLP32.INI
[2009.03.24 20:16:23 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\A294CAF63B.sys
[2009.03.24 20:16:20 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2009.03.13 19:54:36 | 000,007,310 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\N360BUOptions.ini
[2009.02.27 16:20:36 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2008.12.27 17:06:59 | 000,002,094 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.12.14 14:20:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008.10.15 19:32:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2008.07.06 08:51:54 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.07.06 08:51:50 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.07.06 08:51:50 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.07.06 08:51:49 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.07.06 08:51:47 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.07.06 08:51:47 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.05.04 21:52:07 | 000,001,135 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2008.05.04 21:46:40 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2008.03.15 21:40:32 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.01.26 16:22:29 | 000,164,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\athsgt.sys
[2008.01.26 16:22:28 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\limsgt.sys
[2008.01.20 16:41:06 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\cmdrvrmu.dll
[2007.12.21 18:37:10 | 000,000,109 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2007.11.20 14:13:20 | 000,138,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007.11.20 14:13:19 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\David\Data aplikací\PnkBstrK.sys
[2007.10.14 20:33:57 | 000,000,067 | ---- | C] () -- C:\WINDOWS\CONTEXT.INI
[2007.09.10 10:06:45 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.08.31 15:26:29 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2007.08.30 18:31:30 | 000,000,163 | ---- | C] () -- C:\WINDOWS\fre.INI
[2007.06.22 17:28:50 | 000,000,133 | ---- | C] () -- C:\WINDOWS\disney.ini
[2007.06.22 17:28:33 | 000,000,180 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2007.06.06 10:13:02 | 000,000,021 | ---- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2007.06.02 20:32:01 | 000,000,072 | ---- | C] () -- C:\WINDOWS\CmdFile.INI
[2007.06.02 11:50:56 | 000,188,928 | ---- | C] () -- C:\Documents and Settings\David\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.06.02 09:45:07 | 000,000,744 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.06.02 08:46:47 | 000,000,439 | ---- | C] () -- C:\WINDOWS\level.ini
[2007.06.02 07:38:37 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2007.06.02 07:38:36 | 000,000,477 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007.06.02 07:38:36 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007.06.01 18:21:27 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\David\Local Settings\Data aplikací\fusioncache.dat
[2007.06.01 18:09:45 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007.06.01 18:04:04 | 000,000,201 | ---- | C] () -- C:\WINDOWS\telephon.ini
[2007.06.01 18:04:02 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\sx7383.ini
[2007.06.01 18:04:02 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\sx20.ini
[2007.06.01 18:04:01 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\sx5363.ini
[2007.06.01 18:03:51 | 000,028,672 | ---- | C] () -- C:\WINDOWS\wutil.dll
[2007.06.01 18:03:19 | 000,000,071 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2007.06.01 17:50:06 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2006.10.22 11:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.10.22 11:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.10.22 11:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.10.22 11:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.10.22 11:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.10.22 11:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.10.22 11:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005.02.04 22:04:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003.04.17 10:12:26 | 000,001,106 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2002.03.04 09:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2001.09.17 12:00:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\tsseCryp.dll
[1996.12.10 23:00:00 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\DMEM.DLL
[1980.01.01 00:00:00 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
========== LOP Check ==========
[2008.02.25 17:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Aion CS
[2010.03.03 13:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2007.08.01 12:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2009.11.11 20:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2009.12.21 17:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.01.13 02:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.12.15 17:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DVDXStudio
[2009.12.15 17:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Elaborate Bytes
[2009.02.28 21:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.03.15 10:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FreeDownloadManager.ORG
[2009.01.17 00:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MyHeritage
[2008.03.24 23:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2007.06.01 18:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2010.01.10 14:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.12.01 15:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Western Digital
[2008.10.07 15:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010.01.10 14:04:00 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2007.06.06 13:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Allstar
[2009.03.01 12:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Canneverbe_Limited
[2010.02.28 09:20:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\ChessBase
[2009.03.24 15:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\DAEMON Tools
[2009.12.21 18:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\DAEMON Tools Lite
[2007.09.08 18:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\DeepBurner
[2007.09.04 17:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Desperate Housewives
[2007.06.04 12:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\DMCache
[2010.03.03 15:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Free Download Manager
[2009.01.08 16:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\gtk-2.0
[2008.04.16 19:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\ICQ
[2007.06.03 14:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\ICQ Toolbar
[2007.06.03 12:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\ICQLite
[2007.07.06 06:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\IDS_COMPANY
[2009.12.16 16:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\InfraRecorder
[2009.01.06 21:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Inkscape
[2009.06.10 17:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Kingston
[2010.02.17 16:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Miranda
[2008.06.11 19:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Opera
[2008.03.25 13:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\PC Suite
[2007.06.02 13:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\ScanSoft
[2009.03.15 12:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Software Informer
[2008.10.15 20:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Styler
[2009.11.19 21:39:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\TeamViewer
[2010.01.10 14:05:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\TuneUp Software
[2010.02.27 20:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Uniblue
[2009.12.21 18:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Video DVD Maker FREE
[2008.10.15 20:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\ViStart
[2009.12.15 17:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Vso
[2009.12.01 15:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Western Digital
[2007.09.08 18:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\XnView
[2008.10.21 20:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Zoner
[2010.03.03 15:05:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2532709C-2E8C-42DF-A62E-5347519DE4D6}.job
[2010.03.03 15:05:00 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A0657719-C4CA-4E70-ABDA-8782BFBCA169}.job
========== Purity Check ==========
< End of report >
svchost.exe Vyřešeno
-
Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: svchost.exe
Normálně se ptám: Ty rootkity si tam dáváš sám a úmyslně? Jaký antivir chceš používat: avast nebo eset? a to tam máš ještě Nortona?
Vypni si Body obnovení systému. Až se smažou, opět si je zapni.
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Vypni si Body obnovení systému. Až se smažou, opět si je zapni.
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
SRV - (Plánovač automatické aktualizace LiveUpdate) -- File not found
SRV - (CLTNetCnService) -- File not found
SRV - (brmfrmps) -- File not found
[2010.02.05 18:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org
[2010.01.23 14:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\personas@christopher.beard
[2007.02.15 14:19:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\searchplugins\icqplugin.gif
[2009.09.10 15:50:01 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\searchplugins\icqplugin.src
[2010.02.26 14:57:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\searchplugins\icqplugin.xml
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF5060.cfx File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
:Files
C:\Windows\*.tmp
C:\Windows\System32\*.tmp
C:\Windows\tasks\SA.DAT
C:\RECYCLER
C:\Documents and Settings\David\Plocha\remove.bat
C:\Documents and Settings\LocalService\Data aplikací\rbuwzv.dat
C:\Documents and Settings\NetworkService\Data aplikací\rbuwzv.dat
C:\Documents and Settings\All Users\Data aplikací\A294CAF63B.sys
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Re: svchost.exe
Nedávám, eset mi přestal fungovat, takže jsem ho odinstaloval a chtěl přejít na avast, ten mi ale zatím nějak nechce fungovat....
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Service Plánovač automatické aktualizace LiveUpdate stopped successfully!
Service Plánovač automatické aktualizace LiveUpdate deleted successfully!
File File not found not found.
Service CLTNetCnService stopped successfully!
Service CLTNetCnService deleted successfully!
File File not found not found.
Service brmfrmps stopped successfully!
Service brmfrmps deleted successfully!
File File not found not found.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org\defaults\preferences folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org\defaults folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org\components folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org\chrome folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\personas@christopher.beard\modules folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\personas@christopher.beard\defaults\preferences folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\personas@christopher.beard\defaults folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\personas@christopher.beard folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\searchplugins\icqplugin.gif moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\searchplugins\icqplugin.src moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\searchplugins\icqplugin.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix deleted successfully.
Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000}
C:\WINDOWS\Downloaded Program Files\swdir.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
========== FILES ==========
C:\Windows\002645_.tmp moved successfully.
C:\Windows\System32\CONFIG.TMP moved successfully.
C:\Windows\System32\SET412.tmp moved successfully.
C:\Windows\System32\SET417.tmp moved successfully.
C:\Windows\System32\SET7B.tmp moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
C:\RECYCLER\S-1-5-21-2377382964-593406794-324482341-1008 folder moved successfully.
C:\RECYCLER folder moved successfully.
C:\Documents and Settings\David\Plocha\remove.bat moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\rbuwzv.dat moved successfully.
C:\Documents and Settings\NetworkService\Data aplikací\rbuwzv.dat moved successfully.
C:\Documents and Settings\All Users\Data aplikací\A294CAF63B.sys moved successfully.
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ezsid.dat moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: 1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 13690471 bytes
->Flash cache emptied: 405 bytes
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: David
->Temp folder emptied: 812735 bytes
->Temporary Internet Files folder emptied: 2420290 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 34401174 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 563183 bytes
->Flash cache emptied: 889 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41 bytes
User: Jirka
->Temp folder emptied: 713 bytes
->Temporary Internet Files folder emptied: 70051996 bytes
->Java cache emptied: 69999612 bytes
->FireFox cache emptied: 28148105 bytes
->Opera cache emptied: 21938528 bytes
->Flash cache emptied: 134695 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78991 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Sylva
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 373795 bytes
->Java cache emptied: 31878214 bytes
->FireFox cache emptied: 3453597 bytes
->Flash cache emptied: 839 bytes
User: Vojta
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78991 bytes
->Java cache emptied: 13690471 bytes
->FireFox cache emptied: 3947127 bytes
->Flash cache emptied: 3100 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 282,00 mb
OTL by OldTimer - Version 3.1.32.0 log created on 03032010_211409
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Service Plánovač automatické aktualizace LiveUpdate stopped successfully!
Service Plánovač automatické aktualizace LiveUpdate deleted successfully!
File File not found not found.
Service CLTNetCnService stopped successfully!
Service CLTNetCnService deleted successfully!
File File not found not found.
Service brmfrmps stopped successfully!
Service brmfrmps deleted successfully!
File File not found not found.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org\defaults\preferences folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org\defaults folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org\components folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org\chrome folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\firegestures@xuldev.org folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\personas@christopher.beard\modules folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\personas@christopher.beard\defaults\preferences folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\personas@christopher.beard\defaults folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\extensions\personas@christopher.beard folder moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\searchplugins\icqplugin.gif moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\searchplugins\icqplugin.src moved successfully.
C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\rzg74uyw.default\searchplugins\icqplugin.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix deleted successfully.
Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000}
C:\WINDOWS\Downloaded Program Files\swdir.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
========== FILES ==========
C:\Windows\002645_.tmp moved successfully.
C:\Windows\System32\CONFIG.TMP moved successfully.
C:\Windows\System32\SET412.tmp moved successfully.
C:\Windows\System32\SET417.tmp moved successfully.
C:\Windows\System32\SET7B.tmp moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
C:\RECYCLER\S-1-5-21-2377382964-593406794-324482341-1008 folder moved successfully.
C:\RECYCLER folder moved successfully.
C:\Documents and Settings\David\Plocha\remove.bat moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\rbuwzv.dat moved successfully.
C:\Documents and Settings\NetworkService\Data aplikací\rbuwzv.dat moved successfully.
C:\Documents and Settings\All Users\Data aplikací\A294CAF63B.sys moved successfully.
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ezsid.dat moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: 1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 13690471 bytes
->Flash cache emptied: 405 bytes
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: David
->Temp folder emptied: 812735 bytes
->Temporary Internet Files folder emptied: 2420290 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 34401174 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 563183 bytes
->Flash cache emptied: 889 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41 bytes
User: Jirka
->Temp folder emptied: 713 bytes
->Temporary Internet Files folder emptied: 70051996 bytes
->Java cache emptied: 69999612 bytes
->FireFox cache emptied: 28148105 bytes
->Opera cache emptied: 21938528 bytes
->Flash cache emptied: 134695 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78991 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Sylva
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 373795 bytes
->Java cache emptied: 31878214 bytes
->FireFox cache emptied: 3453597 bytes
->Flash cache emptied: 839 bytes
User: Vojta
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78991 bytes
->Java cache emptied: 13690471 bytes
->FireFox cache emptied: 3947127 bytes
->Flash cache emptied: 3100 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 282,00 mb
OTL by OldTimer - Version 3.1.32.0 log created on 03032010_211409
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-
Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: svchost.exe Vyřešeno
Smaž složku C:\_OTL
Stáhni si jen JEDEN antivirový instalátor (nejnovější) jednoho antiviru.
ESET zkus odinstalovat tímto: http://www.nod32.nl/download/tool/nod32removal.exe (návod: http://kb.eset.com/esetkb/index?page=co ... d=SOLN2289 ).
Pokud tam máš cokoli od Nortona odinstaluj a použij i http://www.softpedia.com/get/Tweak/Unin ... Tool.shtml .
Odinstaluj i avast (s použitím awsclear - návod: http://www.avast.com/uninstall-utility ).
Smaž i všechny zbylé složky po těchto AV (v All users atd..).
Pak restartuj, vyčistit registr a disk a pak si teprve jeden antivir nainstaluj.
Už tam jinak žádnýho šmejda nevidím.
Stáhni si ToolsCleaner2 (by de A.Rothstein & Dj Quiou) na Plochu a spusť ho.
Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění) a odstraň nalezené.
Zavři a smaž program.
Kdyby se něco zase objevilo, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.
Stáhni si jen JEDEN antivirový instalátor (nejnovější) jednoho antiviru.
ESET zkus odinstalovat tímto: http://www.nod32.nl/download/tool/nod32removal.exe (návod: http://kb.eset.com/esetkb/index?page=co ... d=SOLN2289 ).
Pokud tam máš cokoli od Nortona odinstaluj a použij i http://www.softpedia.com/get/Tweak/Unin ... Tool.shtml .
Odinstaluj i avast (s použitím awsclear - návod: http://www.avast.com/uninstall-utility ).
Smaž i všechny zbylé složky po těchto AV (v All users atd..).
Pak restartuj, vyčistit registr a disk a pak si teprve jeden antivir nainstaluj.
Už tam jinak žádnýho šmejda nevidím.
Stáhni si ToolsCleaner2 (by de A.Rothstein & Dj Quiou) na Plochu a spusť ho.
Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění) a odstraň nalezené.
Zavři a smaž program.
Kdyby se něco zase objevilo, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Re: svchost.exe
Díky za pomoc a hlavně za trpělivost!
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 78 hostů