Prosim o kontrolu logu

Jorjina · Příspěvekod **Jorjina** » 14 bře 2010 15:23

zatim jsem zkusila pocitac 2x restartovat a nabehl tak do minuty, tak je to dobre, ale uvidim, nekdy nabiha normalne a pak zase hodinu. Taky se mi nekdy sekal, sekne se a pak po nejakej dobe dobe naskoci, ze hlaska ASUS Live Update - takze se to mozna seka kvuli tomu, divala jsem se ted pod bezici aplikace a bezi tam po restartu ASUS Live Update - nevis prosim k cemu tento Update je? Co, kdyby jsme ho zakazali - jestli to neni potrebne?

Reklama

Damned · Příspěvekod **Damned** » 14 bře 2010 15:31

Zaskočím.

Podíváme se tedy na procesy po vyčištění.

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

autoprd · Příspěvekod **autoprd** » 14 bře 2010 15:31

Tak sestra ho má taky notebooku ale ani nic nedělá s tima updatama xD Takže skus vypnout a restartovat a mělo by to šlapat.

Jorjina · Příspěvekod **Jorjina** » 14 bře 2010 16:05

Kopiruji sem obsah logu. K tomu startovani pocitace: vetsinou, kdyz pocitac restartuju ve stejny den, nebo ukoncim a zapnu, tak to jde v poradku, ale kdyz ho vypnu a zapnu tak za dva dny, tak to vetsinou trva dlouho, nez nabehne, nekdy 15 min, pul hodiny, nebo dyl, nebo to nekdy ukoncim a znovu zapnu.. (jestli to neni kvuli nejakemu updatu, ktery se spousti kazdy den a nejak to seka?)
Taktez se mi pri kazdem startu zobrazi hlaska: Not found any profile that can match current network environment.Do you want to create a new one? a pak je tam OK, nebo Storno..?

ComboFix 10-03-13.03 - Jorjina 14.03.2010 15:43:30.1.2 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1033.18.511.219 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jorjina\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 100314-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Internet Explorer\SET52.tmp
c:\program files\Internet Explorer\SET53.tmp
c:\program files\Internet Explorer\SET55.tmp
c:\program files\Internet Explorer\SET57.tmp
c:\program files\Internet Explorer\SET58.tmp
c:\program files\Internet Explorer\SET5A.tmp
c:\program files\Internet Explorer\SET81E.tmp
c:\program files\Internet Explorer\SET81F.tmp
c:\program files\Internet Explorer\SET821.tmp
c:\windows\system32\_003562_.tmp.dll
c:\windows\system32\_003563_.tmp.dll
c:\windows\system32\_003564_.tmp.dll
c:\windows\system32\_003565_.tmp.dll
c:\windows\system32\_003566_.tmp.dll
c:\windows\system32\_003567_.tmp.dll
c:\windows\system32\_003568_.tmp.dll
c:\windows\system32\_003569_.tmp.dll
c:\windows\system32\_003570_.tmp.dll
c:\windows\system32\_003571_.tmp.dll
c:\windows\system32\_003572_.tmp.dll
c:\windows\system32\_003573_.tmp.dll
c:\windows\system32\_003574_.tmp.dll
c:\windows\system32\_003575_.tmp.dll
c:\windows\system32\_003576_.tmp.dll
c:\windows\system32\_003577_.tmp.dll
c:\windows\system32\_003578_.tmp.dll
c:\windows\system32\_003579_.tmp.dll
c:\windows\system32\_003580_.tmp.dll
c:\windows\system32\_003581_.tmp.dll
c:\windows\system32\_003582_.tmp.dll
c:\windows\system32\_003583_.tmp.dll
c:\windows\system32\_003584_.tmp.dll
c:\windows\system32\_003585_.tmp.dll
c:\windows\system32\_003586_.tmp.dll
c:\windows\system32\_003587_.tmp.dll
c:\windows\system32\_003588_.tmp.dll
c:\windows\system32\_003589_.tmp.dll
c:\windows\system32\_003590_.tmp.dll
c:\windows\system32\_003591_.tmp.dll
c:\windows\system32\_003593_.tmp.dll
c:\windows\system32\_003594_.tmp.dll
c:\windows\system32\_003595_.tmp.dll
c:\windows\system32\_003596_.tmp.dll
c:\windows\system32\_003597_.tmp.dll
c:\windows\system32\_003598_.tmp.dll
c:\windows\system32\_003599_.tmp.dll
c:\windows\system32\_003600_.tmp.dll
c:\windows\system32\_003601_.tmp.dll
c:\windows\system32\_003602_.tmp.dll
c:\windows\system32\_003603_.tmp.dll
c:\windows\system32\_003604_.tmp.dll
c:\windows\system32\_003605_.tmp.dll
c:\windows\system32\_003606_.tmp.dll
c:\windows\system32\_003607_.tmp.dll
c:\windows\system32\_003608_.tmp.dll
c:\windows\system32\_003609_.tmp.dll
c:\windows\system32\_003610_.tmp.dll
c:\windows\system32\_003611_.tmp.dll
c:\windows\system32\_003612_.tmp.dll
c:\windows\system32\_003613_.tmp.dll
c:\windows\system32\_003614_.tmp.dll
c:\windows\system32\_003615_.tmp.dll
c:\windows\system32\_003616_.tmp.dll
c:\windows\system32\_003617_.tmp.dll
c:\windows\system32\_003618_.tmp.dll
c:\windows\system32\_003619_.tmp.dll
c:\windows\system32\_003620_.tmp.dll
c:\windows\system32\_003621_.tmp.dll
c:\windows\system32\_003622_.tmp.dll
c:\windows\system32\_003623_.tmp.dll
c:\windows\system32\_003624_.tmp.dll
c:\windows\system32\_003625_.tmp.dll
c:\windows\system32\_003626_.tmp.dll
c:\windows\system32\_003627_.tmp.dll
c:\windows\system32\_003628_.tmp.dll
c:\windows\system32\_003629_.tmp.dll
c:\windows\system32\_003630_.tmp.dll
c:\windows\system32\_003631_.tmp.dll
c:\windows\system32\_003632_.tmp.dll
c:\windows\system32\_003633_.tmp.dll
c:\windows\system32\_003634_.tmp.dll
c:\windows\system32\_003635_.tmp.dll
c:\windows\system32\_003636_.tmp.dll
c:\windows\system32\_003637_.tmp.dll
c:\windows\system32\_003638_.tmp.dll
c:\windows\system32\_003639_.tmp.dll
c:\windows\system32\_003640_.tmp.dll
c:\windows\system32\_003641_.tmp.dll
c:\windows\system32\_003642_.tmp.dll
c:\windows\system32\_003643_.tmp.dll
c:\windows\system32\_003644_.tmp.dll
c:\windows\system32\_003645_.tmp.dll
c:\windows\system32\_003646_.tmp.dll
c:\windows\system32\_003647_.tmp.dll
c:\windows\system32\_003648_.tmp.dll
c:\windows\system32\_003649_.tmp.dll
c:\windows\system32\_003650_.tmp.dll
c:\windows\system32\_003651_.tmp.dll
c:\windows\system32\_003652_.tmp.dll
c:\windows\system32\_003653_.tmp.dll
c:\windows\system32\_003654_.tmp.dll
c:\windows\system32\_003655_.tmp.dll
c:\windows\system32\_003656_.tmp.dll
c:\windows\system32\_003657_.tmp.dll
c:\windows\system32\_003658_.tmp.dll
c:\windows\system32\_003659_.tmp.dll
c:\windows\system32\_003660_.tmp.dll
c:\windows\system32\_003661_.tmp.dll
c:\windows\system32\_003662_.tmp.dll
c:\windows\system32\_003663_.tmp.dll
c:\windows\system32\_003664_.tmp.dll
c:\windows\system32\_003665_.tmp.dll
c:\windows\system32\_003666_.tmp.dll
c:\windows\system32\_003667_.tmp.dll
c:\windows\system32\_003668_.tmp.dll
c:\windows\system32\_003669_.tmp.dll
c:\windows\system32\_003670_.tmp.dll
c:\windows\system32\_003671_.tmp.dll
c:\windows\system32\_003672_.tmp.dll
c:\windows\system32\_003673_.tmp.dll
c:\windows\system32\_003674_.tmp.dll
c:\windows\system32\_003675_.tmp.dll
c:\windows\system32\_003676_.tmp.dll
c:\windows\system32\_003677_.tmp.dll
c:\windows\system32\_003678_.tmp.dll
c:\windows\system32\_003679_.tmp.dll
c:\windows\system32\_003680_.tmp.dll
c:\windows\system32\_003681_.tmp.dll
c:\windows\system32\_003682_.tmp.dll
c:\windows\system32\_003683_.tmp.dll
c:\windows\system32\_003684_.tmp.dll
c:\windows\system32\_003685_.tmp.dll
c:\windows\system32\_003686_.tmp.dll
c:\windows\system32\_003687_.tmp.dll
c:\windows\system32\_003688_.tmp.dll
c:\windows\system32\_003689_.tmp.dll
c:\windows\system32\_003690_.tmp.dll
c:\windows\system32\_003691_.tmp.dll
c:\windows\system32\_003692_.tmp.dll
c:\windows\system32\_003693_.tmp.dll
c:\windows\system32\_003694_.tmp.dll
c:\windows\system32\_003695_.tmp.dll
c:\windows\system32\_003696_.tmp.dll
c:\windows\system32\_003697_.tmp.dll
c:\windows\system32\_003698_.tmp.dll
c:\windows\system32\_003699_.tmp.dll
c:\windows\system32\_003700_.tmp.dll
c:\windows\system32\_003701_.tmp.dll
c:\windows\system32\_003702_.tmp.dll
c:\windows\system32\_003703_.tmp.dll
c:\windows\system32\_003704_.tmp.dll
c:\windows\system32\_003705_.tmp.dll
c:\windows\system32\_003706_.tmp.dll
c:\windows\system32\_003707_.tmp.dll
c:\windows\system32\_003708_.tmp.dll
c:\windows\system32\_003709_.tmp.dll
c:\windows\system32\_003710_.tmp.dll
c:\windows\system32\_003711_.tmp.dll
c:\windows\system32\_003712_.tmp.dll
c:\windows\system32\_003713_.tmp.dll
c:\windows\system32\_003714_.tmp.dll
c:\windows\system32\_003715_.tmp.dll
c:\windows\system32\_003716_.tmp.dll
c:\windows\system32\_003717_.tmp.dll
c:\windows\system32\_003718_.tmp.dll
c:\windows\system32\_003719_.tmp.dll
c:\windows\system32\_003720_.tmp.dll
c:\windows\system32\_003721_.tmp.dll
c:\windows\system32\_003722_.tmp.dll
c:\windows\system32\_003723_.tmp.dll
c:\windows\system32\_003724_.tmp.dll
c:\windows\system32\_003725_.tmp.dll
c:\windows\system32\_003726_.tmp.dll
c:\windows\system32\_003727_.tmp.dll
c:\windows\system32\_003728_.tmp.dll
c:\windows\system32\_003729_.tmp.dll
c:\windows\system32\_003730_.tmp.dll
c:\windows\system32\_003731_.tmp.dll
c:\windows\system32\_003732_.tmp.dll
c:\windows\system32\_003733_.tmp.dll
c:\windows\system32\_003734_.tmp.dll
c:\windows\system32\_003735_.tmp.dll
c:\windows\system32\_003736_.tmp.dll
c:\windows\system32\_003738_.tmp.dll
c:\windows\system32\_003739_.tmp.dll
c:\windows\system32\_003740_.tmp.dll
c:\windows\system32\_003741_.tmp.dll
c:\windows\system32\_003742_.tmp.dll
c:\windows\system32\_003743_.tmp.dll
c:\windows\system32\_003744_.tmp.dll
c:\windows\system32\_003745_.tmp.dll
c:\windows\system32\_003746_.tmp.dll
c:\windows\system32\_003747_.tmp.dll
c:\windows\system32\_003748_.tmp.dll
c:\windows\system32\_003749_.tmp.dll
c:\windows\system32\_003750_.tmp.dll
c:\windows\system32\_003751_.tmp.dll
c:\windows\system32\_003752_.tmp.dll
c:\windows\system32\_003753_.tmp.dll
c:\windows\system32\_003754_.tmp.dll
c:\windows\system32\_003755_.tmp.dll
c:\windows\system32\_003756_.tmp.dll
c:\windows\system32\_003757_.tmp.dll
c:\windows\system32\_003758_.tmp.dll
c:\windows\system32\_003759_.tmp.dll
c:\windows\system32\_003760_.tmp.dll
c:\windows\system32\_003761_.tmp.dll
c:\windows\system32\_003762_.tmp.dll
c:\windows\system32\_003763_.tmp.dll
c:\windows\system32\_003764_.tmp.dll
c:\windows\system32\_003765_.tmp.dll
c:\windows\system32\_003766_.tmp.dll
c:\windows\system32\_003767_.tmp.dll
c:\windows\system32\_003768_.tmp.dll
c:\windows\system32\_003769_.tmp.dll
c:\windows\system32\_003770_.tmp.dll
c:\windows\system32\_003771_.tmp.dll
c:\windows\system32\_003772_.tmp.dll
c:\windows\system32\_003773_.tmp.dll
c:\windows\system32\_003774_.tmp.dll
c:\windows\system32\_003775_.tmp.dll
c:\windows\system32\_003776_.tmp.dll
c:\windows\system32\_003777_.tmp.dll
c:\windows\system32\_003778_.tmp.dll
c:\windows\system32\_003779_.tmp.dll
c:\windows\system32\_003780_.tmp.dll
c:\windows\system32\_003781_.tmp.dll
c:\windows\system32\_003782_.tmp.dll
c:\windows\system32\_003783_.tmp.dll
c:\windows\system32\_003784_.tmp.dll
c:\windows\system32\_003785_.tmp.dll
c:\windows\system32\_003786_.tmp.dll
c:\windows\system32\_003787_.tmp.dll
c:\windows\system32\_003788_.tmp.dll
c:\windows\system32\_003789_.tmp.dll
c:\windows\system32\_003790_.tmp.dll
c:\windows\system32\_003791_.tmp.dll
c:\windows\system32\_003792_.tmp.dll
c:\windows\system32\_003793_.tmp.dll
c:\windows\system32\_003794_.tmp.dll
c:\windows\system32\_003795_.tmp.dll
c:\windows\system32\_003796_.tmp.dll
c:\windows\system32\_003797_.tmp.dll
c:\windows\system32\_003798_.tmp.dll
c:\windows\system32\_003799_.tmp.dll
c:\windows\system32\_003800_.tmp.dll
c:\windows\system32\_003801_.tmp.dll
c:\windows\system32\_003802_.tmp.dll
c:\windows\system32\_003803_.tmp.dll
c:\windows\system32\_003804_.tmp.dll
c:\windows\system32\_003805_.tmp.dll
c:\windows\system32\_003806_.tmp.dll
c:\windows\system32\_003807_.tmp.dll
c:\windows\system32\_003808_.tmp.dll
c:\windows\system32\_003810_.tmp.dll
c:\windows\system32\_003811_.tmp.dll
c:\windows\system32\_003812_.tmp.dll
c:\windows\system32\_003813_.tmp.dll
c:\windows\system32\_003814_.tmp.dll
c:\windows\system32\_003815_.tmp.dll
c:\windows\system32\_003816_.tmp.dll
c:\windows\system32\_003817_.tmp.dll
c:\windows\system32\_003818_.tmp.dll
c:\windows\system32\_003819_.tmp.dll
c:\windows\system32\_003820_.tmp.dll
c:\windows\system32\_003821_.tmp.dll
c:\windows\system32\_003822_.tmp.dll
c:\windows\system32\_003823_.tmp.dll
c:\windows\system32\_003825_.tmp.dll
c:\windows\system32\_003827_.tmp.dll
c:\windows\system32\_003828_.tmp.dll
c:\windows\system32\_003829_.tmp.dll
c:\windows\system32\_003830_.tmp.dll
c:\windows\system32\_003831_.tmp.dll
c:\windows\system32\_003832_.tmp.dll
c:\windows\system32\_003833_.tmp.dll
c:\windows\system32\_003834_.tmp.dll
c:\windows\system32\_003835_.tmp.dll
c:\windows\system32\_003836_.tmp.dll
c:\windows\system32\_003838_.tmp.dll
c:\windows\system32\_003839_.tmp.dll
c:\windows\system32\_003840_.tmp.dll
c:\windows\system32\_003841_.tmp.dll
c:\windows\system32\_003842_.tmp.dll
c:\windows\system32\_003843_.tmp.dll
c:\windows\system32\_003844_.tmp.dll
c:\windows\system32\_003845_.tmp.dll
c:\windows\system32\_003846_.tmp.dll
c:\windows\system32\_003847_.tmp.dll
c:\windows\system32\_003848_.tmp.dll
c:\windows\system32\_003849_.tmp.dll
c:\windows\system32\_003850_.tmp.dll
c:\windows\system32\_003851_.tmp.dll
c:\windows\system32\_003852_.tmp.dll
c:\windows\system32\_003853_.tmp.dll
c:\windows\system32\_003854_.tmp.dll
c:\windows\system32\_003856_.tmp.dll
c:\windows\system32\_003857_.tmp.dll
c:\windows\system32\_003858_.tmp.dll
c:\windows\system32\_003859_.tmp.dll
c:\windows\system32\_003861_.tmp.dll
c:\windows\system32\_003863_.tmp.dll
c:\windows\system32\_003864_.tmp.dll
c:\windows\system32\_003865_.tmp.dll
c:\windows\system32\_003866_.tmp.dll
c:\windows\system32\_003867_.tmp.dll
c:\windows\system32\_003868_.tmp.dll
c:\windows\system32\_003869_.tmp.dll
c:\windows\system32\_003871_.tmp.dll
c:\windows\system32\_003872_.tmp.dll
c:\windows\system32\_003873_.tmp.dll
c:\windows\system32\_003874_.tmp.dll
c:\windows\system32\_003875_.tmp.dll
c:\windows\system32\_003876_.tmp.dll
c:\windows\system32\_003877_.tmp.dll
c:\windows\system32\_003878_.tmp.dll
c:\windows\system32\_003880_.tmp.dll
c:\windows\system32\_003881_.tmp.dll
c:\windows\system32\_003883_.tmp.dll
c:\windows\system32\_003884_.tmp.dll
c:\windows\system32\_003886_.tmp.dll
c:\windows\system32\_003887_.tmp.dll
c:\windows\system32\_003891_.tmp.dll
c:\windows\system32\_003892_.tmp.dll
c:\windows\system32\_003894_.tmp.dll
c:\windows\system32\_003897_.tmp.dll
c:\windows\system32\_003899_.tmp.dll
c:\windows\system32\_003900_.tmp.dll
c:\windows\system32\_003901_.tmp.dll
c:\windows\system32\_003902_.tmp.dll
c:\windows\system32\_003905_.tmp.dll
c:\windows\system32\_003906_.tmp.dll
c:\windows\system32\_003907_.tmp.dll
c:\windows\system32\_003908_.tmp.dll
c:\windows\system32\_003909_.tmp.dll
c:\windows\system32\_003914_.tmp.dll
c:\windows\system32\_003916_.tmp.dll
c:\windows\system32\_003917_.tmp.dll
c:\windows\system32\SET248.tmp
c:\windows\system32\SET434.tmp
c:\windows\system32\SET52C.tmp
c:\windows\system32\SET65C.tmp

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-14 do 2010-03-14 )))))))))))))))))))))))))))))))
.

2010-03-14 14:54 . 2003-07-29 02:18 3839 ----a-w- c:\windows\system32\drivers\GETPADD.sys
2010-03-14 12:52 . 2010-03-14 12:52 -------- d-----w- c:\documents and settings\Jorjina\Application Data\Malwarebytes
2010-03-14 12:52 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-14 12:52 . 2010-03-14 12:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-03-14 12:52 . 2010-03-14 12:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-14 12:52 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-14 12:43 . 2010-03-14 12:43 -------- d-----w- c:\program files\Startup Manager
2010-03-14 12:43 . 2010-03-14 12:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Startup Manager
2010-03-14 11:48 . 2010-03-14 11:48 -------- d-----w- c:\documents and settings\Jorjina\.jenny
2010-03-14 11:27 . 2010-03-14 11:27 -------- d-----w- c:\program files\Trend Micro
2010-03-11 08:22 . 2009-10-23 14:27 3555328 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-06 19:59 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-03 18:33 . 2010-03-03 18:33 -------- d-----w- C:\FOUND.007
2010-02-25 18:48 . 2010-02-25 18:48 -------- d-----w- c:\documents and settings\Jorjina\Local Settings\Application Data\Temp
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-27 10:46 . 2006-11-11 04:46 46472 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-26 15:53 . 2010-01-26 15:53 -------- d-----w- c:\program files\MSXML 6.0
2009-12-31 16:14 . 2009-09-04 21:12 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 18:39 . 2009-12-22 18:39 922112 ------w- c:\windows\system32\imapi2fs.dll
2009-12-22 18:39 . 2009-12-22 18:39 426496 ------w- c:\windows\system32\imapi2.dll
2009-12-22 18:39 . 2009-09-04 21:12 62592 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-12-21 19:14 . 2006-09-18 09:36 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-16 12:58 . 2006-11-11 04:03 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-13 00:20 . 2009-12-13 00:19 34628928 ----a-w- c:\program files\sdsetup.exe
2009-12-11 23:33 . 2009-12-11 23:33 3168382 ----a-w- c:\program files\SopCast.zip
2008-09-16 21:03 . 2008-09-16 21:02 11775656 ----a-w- c:\program files\solovnik.jar
2010-03-02 18:17 . 2010-03-02 18:17 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Net4Switch"="c:\program files\ASUS\Net4Switch\Net4Switch.exe" [2006-04-13 1101824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-08-23 110592]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"nwiz"="nwiz.exe" [2006-07-20 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2006-05-30 811008]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-06-08 53248]
"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-02 61440]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-14 90112]
"USB Storage Toolbox"="c:\program files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 65536]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-03-13 2957824]
"EzAgent"="c:\program files\ASUS\EZVCR\Agent.exe" [2006-07-26 122880]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-16 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
MultiFrame.lnk - c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe [2006-11-11 491520]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2006-5-16 1777664]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2krxx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8dkxx.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]
2006-02-21 14:20 180224 ----a-w- c:\program files\Asus\ASUS Live Update\ALU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-03-02 18:16 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
2006-09-07 16:58 778240 ----a-w- c:\program files\PowerForPhone\PowerForPhone\PowerForPhone.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 02:04 2879488 ----a-w- c:\windows\SkyTel.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Photo Story 3 for Windows\\PhotoStory3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4.6.2008 9:38 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [9.11.2007 11:00 138752]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.6.2008 9:38 20560]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [8.8.2006 23:15 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [8.8.2006 23:15 7808]
S0 ati2krxx;ati2krxx;c:\windows\system32\Drivers\ati2krxx.sys --> c:\windows\system32\Drivers\ati2krxx.sys [?]
S0 ati8dkxx;ati8dkxx;c:\windows\system32\Drivers\ati8dkxx.sys --> c:\windows\system32\Drivers\ati8dkxx.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [30.1.2010 20:43 135664]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2.3.2010 19:16 30192]
S3 ipswuio;ipswuio;c:\windows\system32\drivers\ipswuio.sys [11.11.2006 5:51 34944]
S3 u3kmini;ASUS My Cinema-U3000 Mini;c:\windows\system32\drivers\u3kmini.sys [27.1.2007 16:10 352000]
.
Obsah adresáře 'Naplánované úlohy'

2010-03-07 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1100 series5E771253C1676EBED677BF361FDFC537825E15B8169910126.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 23:52]

2010-03-14 c:\windows\Tasks\User_Feed_Synchronization-{0E99E48D-559D-436A-B7EA-CE69516BBDDF}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]

2010-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 19:43]

2010-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 19:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/skinit/icq/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {7CAA2651-3364-496F-8B20-441979C86088} = 193.171.41.2,193.171.40.2
TCP: {E5B0D419-F521-463D-92FC-123400F0D35C} = 82.99.133.33,82.93.133.35
FF - ProfilePath - c:\documents and settings\Jorjina\Application Data\Mozilla\Firefox\Profiles\ojg5cyw9.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.sms.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\FlashUtil9b.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-14 15:56
Windows 5.1.2600 Service Pack 2 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3256)
c:\windows\system32\WININET.dll
c:\program files\ASUS\Asus MultiFrame\HookTitle.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\windows\system32\ACEngSvr.exe
c:\windows\ATK0100\ATKOSD.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\windows\eHome\ehmsas.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2010-03-14 16:00:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-14 15:00

Před spuštěním: 8 335 130 624 bytes free
Po spuštění: 9 618 849 792 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

Current=1 Default=1 Failed=0 LastKnownGood=11 Sets=1,2,3,4,5,6,7,8,9,11
- - End Of File - - 421135E1521A41398CDD3C5C0A43E900

Damned · Příspěvekod **Damned** » 14 bře 2010 16:50

Uff! Těch tam tedy bylo :shock:

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\windows\system32\Drivers\ati2krxx.sys
c:\windows\system32\Drivers\ati8dkxx.sys

Folder::
C:\FOUND.007

DirLook::
c:\documents and settings\Jorjina\.jenny

Driver::
ati2krxx;ati2krxx
ati2krxx
ati8dkxx;ati8dkxx
ati8dkxx

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2krxx.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8dkxx.sys]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=-

Rootkit::
ati8dkxx
ati2krxx

Registry-clean::

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu

Jorjina · Příspěvekod **Jorjina** » 14 bře 2010 17:10

prikladam ten log:

ComboFix 10-03-13.03 - Jorjina 14.03.2010 16:57:16.2.2 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1033.18.511.195 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jorjina\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Jorjina\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1351 [VPS 100314-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\Drivers\ati2krxx.sys"
"c:\windows\system32\Drivers\ati8dkxx.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\FOUND.007
c:\found.007\FILE0000.CHK
c:\found.007\FILE0001.CHK

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ati2krxx
-------\Service_ati8dkxx

((((((((((((((((((((((((( Soubory vytvořené od 2010-02-14 do 2010-03-14 )))))))))))))))))))))))))))))))
.

2010-03-14 12:52 . 2010-03-14 12:52 -------- d-----w- c:\documents and settings\Jorjina\Application Data\Malwarebytes
2010-03-14 12:52 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-14 12:52 . 2010-03-14 12:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-03-14 12:52 . 2010-03-14 12:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-14 12:52 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-14 12:43 . 2010-03-14 12:43 -------- d-----w- c:\program files\Startup Manager
2010-03-14 12:43 . 2010-03-14 12:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Startup Manager
2010-03-14 11:48 . 2010-03-14 11:48 -------- d-----w- c:\documents and settings\Jorjina\.jenny
2010-03-14 11:27 . 2010-03-14 11:27 -------- d-----w- c:\program files\Trend Micro
2010-03-11 08:22 . 2009-10-23 14:27 3555328 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-06 19:59 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-25 18:48 . 2010-02-25 18:48 -------- d-----w- c:\documents and settings\Jorjina\Local Settings\Application Data\Temp
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-27 10:46 . 2006-11-11 04:46 46472 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-26 15:53 . 2010-01-26 15:53 -------- d-----w- c:\program files\MSXML 6.0
2009-12-31 16:14 . 2009-09-04 21:12 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 18:39 . 2009-12-22 18:39 922112 ------w- c:\windows\system32\imapi2fs.dll
2009-12-22 18:39 . 2009-12-22 18:39 426496 ------w- c:\windows\system32\imapi2.dll
2009-12-22 18:39 . 2009-09-04 21:12 62592 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-12-21 19:14 . 2006-09-18 09:36 916480 ------w- c:\windows\system32\wininet.dll
2009-12-16 12:58 . 2006-11-11 04:03 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-13 00:20 . 2009-12-13 00:19 34628928 ----a-w- c:\program files\sdsetup.exe
2009-12-11 23:33 . 2009-12-11 23:33 3168382 ----a-w- c:\program files\SopCast.zip
2008-09-16 21:03 . 2008-09-16 21:02 11775656 ----a-w- c:\program files\solovnik.jar
2010-03-02 18:17 . 2010-03-02 18:17 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\Jorjina\.jenny ----

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Net4Switch"="c:\program files\ASUS\Net4Switch\Net4Switch.exe" [2006-04-13 1101824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-08-23 110592]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"nwiz"="nwiz.exe" [2006-07-20 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2006-05-30 811008]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-06-08 53248]
"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-02 61440]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-14 90112]
"USB Storage Toolbox"="c:\program files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 65536]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"EzAgent"="c:\program files\ASUS\EZVCR\Agent.exe" [2006-07-26 122880]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-16 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
MultiFrame.lnk - c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe [2006-11-11 491520]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2006-5-16 1777664]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]
2006-02-21 14:20 180224 ----a-w- c:\program files\Asus\ASUS Live Update\ALU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-03-02 18:16 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
2006-09-07 16:58 778240 ----a-w- c:\program files\PowerForPhone\PowerForPhone\PowerForPhone.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 02:04 2879488 ----a-w- c:\windows\SkyTel.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Photo Story 3 for Windows\\PhotoStory3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4.6.2008 9:38 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [9.11.2007 11:00 138752]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.6.2008 9:38 20560]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [8.8.2006 23:15 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [8.8.2006 23:15 7808]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [30.1.2010 20:43 135664]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2.3.2010 19:16 30192]
S3 ipswuio;ipswuio;c:\windows\system32\drivers\ipswuio.sys [11.11.2006 5:51 34944]
S3 u3kmini;ASUS My Cinema-U3000 Mini;c:\windows\system32\drivers\u3kmini.sys [27.1.2007 16:10 352000]
.
Obsah adresáře 'Naplánované úlohy'

2010-03-14 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1100 series5E771253C1676EBED677BF361FDFC537825E15B8169910126.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 23:52]

2010-03-14 c:\windows\Tasks\User_Feed_Synchronization-{0E99E48D-559D-436A-B7EA-CE69516BBDDF}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]

2010-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 19:43]

2010-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 19:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/skinit/icq/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {7CAA2651-3364-496F-8B20-441979C86088} = 193.171.41.2,193.171.40.2
TCP: {E5B0D419-F521-463D-92FC-123400F0D35C} = 82.99.133.33,82.93.133.35
FF - ProfilePath - c:\documents and settings\Jorjina\Application Data\Mozilla\Firefox\Profiles\ojg5cyw9.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.sms.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-14 17:05
Windows 5.1.2600 Service Pack 2 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3216)
c:\windows\system32\WININET.dll
c:\program files\ASUS\Asus MultiFrame\HookTitle.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\eHome\ehmsas.exe
c:\windows\RTHDCPL.EXE
c:\windows\ATK0100\ATKOSD.exe
c:\windows\system32\ACEngSvr.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
.
**************************************************************************
.
Celkový čas: 2010-03-14 17:09:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-14 16:09
ComboFix2.txt 2010-03-14 15:00

Před spuštěním: 10 523 967 488 bytes free
Po spuštění: 10 467 737 600 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=11 Sets=1,2,3,4,5,6,7,8,9,11
- - End Of File - - 5B2E7CA756BF7CBF4AE90A88BBDF518C

Jorjina · Příspěvekod **Jorjina** » 14 bře 2010 17:15

jinak jsem ten Asus Live Update zakazala, nevadi to?
Mohu povolit ten GoogleDesktop, nebo to take nejak zlobi?

Damned · Příspěvekod **Damned** » 14 bře 2010 17:25

Můžeš si ho povolit (Google TB), aktualizace ASUS zas nejsou tak časté, aby musel aktualizátor stále běžet-ponech vypnuté.

Odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start-Spustit a zadej Combofix[mezera]/uninstall

Stáhni si T-Cleaner ( nutné - smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš)

(pozn.Pokud máš AVG nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG, Aviru.)
*****************************************************************************************************************************************
Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. File age změň na 14 days. Všechny ostatní nastavení ponech jak jsou. Klikni na Run Scan. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

Jorjina · Příspěvekod **Jorjina** » 14 bře 2010 19:47

Posilam logy z OTL:

OTL logfile created on: 14.3.2010 19:34:08 - Run 1
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Documents and Settings\Jorjina\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 218,00 Mb Available Physical Memory | 43,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 42,37 Gb Total Space | 14,57 Gb Free Space | 34,39% Space Free | Partition Type: FAT32
Drive D: | 28,22 Gb Total Space | 23,14 Gb Free Space | 81,98% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 465,65 Gb Total Space | 257,63 Gb Free Space | 55,33% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VIDEN
Current User Name: Jorjina
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Jorjina\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\ATK0100\HControl.exe ()
PRC - C:\WINDOWS\ATK0100\ATKOSD.exe ()
PRC - C:\Program Files\Asus\EZVCR\Agent.exe (ASUS)
PRC - C:\Program Files\Asus\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
PRC - C:\Program Files\Asus\Asus MultiFrame\MultiFrame.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\Asus\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Asus\Net4Switch\Net4Switch.exe (ASUS)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Asus\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\USB Disk Win98 Driver\Res.exe (ali)
PRC - C:\WINDOWS\system32\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe (Hewlett-Packard Co.)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Jorjina\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Asus\Asus MultiFrame\HookTitle.dll ()

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state) -- File not found
SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (sp_rssrv) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)

========== Driver Services (SafeList) ==========

DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (sp_rsdrv2) -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ()
DRV - (u3kmini) -- C:\WINDOWS\system32\drivers\u3kmini.sys (ASUSTeK)
DRV - (SynMini) -- C:\WINDOWS\system32\drivers\SynMini.sys ()
DRV - (SynScan) -- C:\WINDOWS\system32\drivers\SynScan.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (Tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\tosrfhid.sys (TOSHIBA Corporation.)
DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (TosRfSnd) Bluetooth Audio Device (WDM) -- C:\WINDOWS\system32\drivers\tosrfsnd.sys (TOSHIBA Corporation)
DRV - (ipswuio) -- C:\WINDOWS\system32\drivers\ipswuio.sys (Windows (R) 2000 DDK provider)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (toshidpt) -- C:\WINDOWS\system32\drivers\toshidpt.sys (TOSHIBA Corporation.)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (AFS2K) -- C:\WINDOWS\system32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/def ... earch.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.sms.cz/"
FF - prefs.js..extensions.enabledItems: autopager@mozilla.org:0.5.3.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007.03.03 17:04:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007.03.03 17:04:54 | 000,000,000 | ---D | M]

[2008.08.27 23:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\mozilla\Extensions
[2008.08.27 23:55:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jorjina\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2007.03.03 17:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\mozilla\Firefox\Profiles\ojg5cyw9.default\extensions
[2009.09.15 01:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\mozilla\Firefox\Profiles\ojg5cyw9.default\extensions\autopager@mozilla.org
[2010.03.09 19:26:54 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-17.xml
[2009.10.29 19:25:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-14.xml
[2010.01.08 14:18:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-16.xml
[2009.12.22 23:13:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-15.xml
[2010.02.21 18:32:30 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-7.xml
[2009.09.23 00:20:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-12.xml
[2009.09.23 23:23:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-10.xml
[2009.09.24 18:04:20 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin.xml
[2009.09.25 15:12:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-5.xml
[2009.09.26 17:11:58 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-6.xml
[2009.10.04 23:58:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-13.xml
[2009.10.07 20:16:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-11.xml
[2009.10.07 21:05:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-4.xml
[2009.10.10 21:49:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-8.xml
[2009.10.12 12:58:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-3.xml
[2009.10.15 17:57:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-2.xml
[2009.10.16 11:44:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-1.xml
[2009.10.17 21:05:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-9.xml
[2007.03.03 17:04:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007.03.03 17:04:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007.06.01 20:18:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2010.02.22 18:10:58 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010.02.22 18:10:54 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.03.02 19:17:34 | 000,119,808 | ---- | M] (Google) -- C:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
[2005.09.24 05:44:16 | 000,077,824 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2008.09.10 20:56:44 | 000,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2008.09.10 20:37:54 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2010.02.22 18:11:38 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010.01.17 18:58:46 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.01.17 18:58:46 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.17 18:58:46 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.17 18:58:46 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.17 18:58:46 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.17 18:58:48 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
[2010.03.02 19:17:34 | 000,002,020 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\googledesktop.xml

O1 HOSTS File: ([2010.03.14 17:05:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.EXE (ASYSTeK Computer INC.)
O4 - HKLM..\Run: [ACMON] C:\Program Files\Asus\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\Asus\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EzAgent] C:\Program Files\Asus\EZVCR\Agent.exe (ASUS)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.exe (ali)
O4 - HKCU..\Run: [Net4Switch] C:\Program Files\Asus\Net4Switch\Net4Switch.exe (ASUS)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MultiFrame.lnk = C:\Program Files\Asus\Asus MultiFrame\MultiFrame.exe (ASUSTek Computer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jorjina\My Documents\My Pictures\Příroda.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jorjina\My Documents\My Pictures\Příroda.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010.03.14 19:26:29 | 000,555,008 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jorjina\Desktop\OTL.exe
[2010.03.14 15:42:11 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.03.14 14:30:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorjina\Desktop\Plocha
[2010.03.14 14:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorjina\My Documents\Oberon Media
[2010.03.14 13:52:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorjina\Application Data\Malwarebytes
[2010.03.14 13:52:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.14 13:52:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.03.14 13:52:02 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.14 13:52:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.03.14 13:51:04 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jorjina\Desktop\mbam-setup.exe
[2010.03.14 13:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\Startup Manager
[2010.03.14 13:43:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Startup Manager
[2010.03.14 13:42:11 | 001,017,888 | ---- | C] (Glenn Van Loon ) -- C:\Documents and Settings\Jorjina\Desktop\StM_setup242-re.exe
[2010.03.14 12:48:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorjina\.jenny
[2010.03.14 12:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.03.11 09:22:08 | 003,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.03.10 18:33:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorjina\Desktop\Fotky do složky Vyvolat
[2010.03.06 20:59:18 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.03.02 19:18:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorjina\My Documents\Moje moduly Google Gadgets
[2010.01.30 20:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009.12.13 18:34:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009.12.13 18:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Threat Expert
[2009.12.13 18:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009.12.13 18:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google
[2009.12.13 01:19:58 | 034,628,928 | ---- | C] (PC Tools ) -- C:\Program Files\sdsetup.exe
[2009.03.15 18:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\DivX
[2006.11.11 05:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2006.11.11 05:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2006.11.11 04:59:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006.11.11 04:59:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[51 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2643 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[21 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010.03.14 19:26:28 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorjina\Desktop\OTL.exe
[2010.03.14 19:25:30 | 000,210,432 | ---- | M] () -- C:\Documents and Settings\Jorjina\Desktop\T-Cleaner.exe
[2010.03.14 18:53:08 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.14 17:05:52 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.03.14 17:05:38 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.03.14 17:05:02 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.14 17:04:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.03.14 17:04:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.03.14 17:04:46 | 536,203,264 | -HS- | M] () -- C:\hiberfil.sys
[2010.03.14 17:03:38 | 008,650,752 | ---- | M] () -- C:\Documents and Settings\Jorjina\NTUSER.DAT
[2010.03.14 17:03:38 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jorjina\ntuser.ini
[2010.03.14 16:02:02 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1169910126.job
[2010.03.14 15:42:14 | 000,000,279 | RHS- | M] () -- C:\boot.ini
[2010.03.14 15:37:50 | 000,000,675 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.03.14 15:37:50 | 000,000,209 | ---- | M] () -- C:\Boot.bak
[2010.03.14 13:52:10 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.14 13:51:20 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jorjina\Desktop\mbam-setup.exe
[2010.03.14 13:46:48 | 000,229,683 | ---- | M] () -- C:\Documents and Settings\Jorjina\Desktop\procesy.JPG
[2010.03.14 13:43:22 | 000,000,604 | ---- | M] () -- C:\Documents and Settings\Jorjina\Desktop\Startup Manager.lnk
[2010.03.14 13:42:16 | 001,017,888 | ---- | M] (Glenn Van Loon ) -- C:\Documents and Settings\Jorjina\Desktop\StM_setup242-re.exe
[2010.03.14 13:29:06 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0E99E48D-559D-436A-B7EA-CE69516BBDDF}.job
[2010.03.14 12:27:24 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\Jorjina\Desktop\HijackThis.lnk
[2010.03.14 11:30:54 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.11 22:28:18 | 000,000,260 | ---- | M] () -- C:\WINDOWS\LEXICON.INI
[2010.03.09 07:04:24 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.03.07 15:55:16 | 000,000,522 | ---- | M] () -- C:\hpfr3420.xml
[2010.03.02 21:12:56 | 000,081,920 | ---- | M] () -- C:\Documents and Settings\Jorjina\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.02 21:12:06 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[51 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2643 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[21 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.14 19:25:38 | 000,210,432 | ---- | C] () -- C:\Documents and Settings\Jorjina\Desktop\T-Cleaner.exe
[2010.03.14 15:42:13 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2010.03.14 15:42:12 | 000,261,312 | ---- | C] () -- C:\cmldr
[2010.03.14 13:52:07 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.14 13:46:47 | 000,229,683 | ---- | C] () -- C:\Documents and Settings\Jorjina\Desktop\procesy.JPG
[2010.03.14 13:43:21 | 000,000,604 | ---- | C] () -- C:\Documents and Settings\Jorjina\Desktop\Startup Manager.lnk
[2010.03.14 12:27:22 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\Jorjina\Desktop\HijackThis.lnk
[2009.12.12 00:33:57 | 003,168,382 | ---- | C] () -- C:\Program Files\SopCast.zip
[2009.05.06 20:18:38 | 000,000,400 | ---- | C] () -- C:\WINDOWS\T602.INI
[2009.03.12 19:07:56 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.03.12 19:07:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.03.12 19:07:48 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.03.12 19:07:48 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.02.20 19:24:10 | 000,003,112 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.09.17 01:44:52 | 000,000,260 | ---- | C] () -- C:\WINDOWS\LEXICON.INI
[2008.09.16 22:02:17 | 011,775,656 | ---- | C] () -- C:\Program Files\solovnik.jar
[2008.09.07 19:49:59 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2008.09.07 19:07:42 | 000,000,088 | ---- | C] () -- C:\WINDOWS\STXKBD32.INI
[2008.09.07 19:06:17 | 000,002,371 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2008.09.07 19:01:50 | 000,003,675 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.02.05 22:41:29 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.02.05 22:41:29 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007.11.09 11:00:45 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2007.01.27 15:44:30 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007.01.21 20:13:43 | 000,000,024 | ---- | C] () -- C:\WINDOWS\ATKPF.ini
[2007.01.21 20:08:34 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Jorjina\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.21 19:04:11 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.01.21 16:33:23 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Jorjina\Local Settings\Application Data\fusioncache.dat
[2006.12.23 16:40:27 | 000,000,384 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.12.19 01:37:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2006.11.11 05:44:53 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.11.11 05:11:42 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006.11.10 23:20:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.09.18 10:39:22 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2006.09.18 10:39:22 | 000,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006.08.28 13:20:44 | 000,033,625 | ---- | C] () -- C:\WINDOWS\ezvcr.ini
[2006.08.08 23:15:13 | 001,116,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynMini.sys
[2006.08.08 23:15:13 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynScan.sys
[2006.08.08 23:15:11 | 000,498,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynPin.sys
[2006.08.08 23:15:11 | 000,028,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynCamd.sys
[2006.08.08 23:15:11 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynSam.sys
[2006.07.20 05:57:59 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.07.20 05:57:59 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.07.20 05:57:59 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.07.20 05:57:59 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.07.20 05:57:59 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.01.02 19:16:31 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\ABLKSR.ini
[2005.09.02 14:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005.08.05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005.02.17 08:07:47 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004.07.20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003.04.07 20:32:14 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[1999.01.22 17:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997.06.25 14:24:16 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\RegObj.dll

========== LOP Check ==========

[2007.02.04 14:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2008.07.09 18:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.12.13 01:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.03.14 13:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Startup Manager
[2007.01.05 19:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\ICQLite
[2007.01.05 19:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\ICQ Toolbar
[2007.02.04 18:14:18 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jorjina\Application Data\Asus MiVo Messenger
[2007.03.03 17:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\Nvu
[2007.04.02 16:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\CmapTools
[2007.05.13 15:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\ESRI
[2007.11.09 11:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\Spyware Terminator
[2008.07.09 18:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\ICQ
[2008.09.07 19:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\Toshiba
[2008.11.30 00:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorjina\Application Data\MSNInstaller
[2010.03.14 16:02:02 | 000,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1169910126.job
[2010.03.14 13:29:06 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{0E99E48D-559D-436A-B7EA-CE69516BBDDF}.job

========== Purity Check ==========

< End of report >

Jorjina · Příspěvekod **Jorjina** » 14 bře 2010 19:48

a log z EXTRAS:

OTL Extras logfile created on: 14.3.2010 19:34:08 - Run 1
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Documents and Settings\Jorjina\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 218,00 Mb Available Physical Memory | 43,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 42,37 Gb Total Space | 14,57 Gb Free Space | 34,39% Space Free | Partition Type: FAT32
Drive D: | 28,22 Gb Total Space | 23,14 Gb Free Space | 81,98% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 465,65 Gb Total Space | 257,63 Gb Free Space | 55,33% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VIDEN
Current User Name: Jorjina
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Photo Story 3 for Windows\PhotoStory3.exe" = C:\Program Files\Photo Story 3 for Windows\PhotoStory3.exe:*:Enabled:Photo Story 3 for Windows -- (Microsoft Corp.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01161F64-6897-4885-93A0-A9F7BE9A4253}" = hp psc 1100 series
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2
"{239BB983-8A2D-4974-B780-2ADAE32752D5}" = Windows Live installer
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36C991BC-0116-4777-AC7C-4B2A5D7C6DEF}" = Localization Pack for Microsoft Windows XP Media Center Edition
"{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}" = Google Earth
"{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear
"{4E79A62F-7A2D-4058-BCE0-94E6B9E2F162}" = USB Disk Win98 Driver
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = Zpracování fotografií a obrázků HP 2.0 - All-in-One ovladač
"{89DDBCD4-B326-4545-9A05-26C7B16C1DEB}" = PowerForPhone
"{8D2A1A00-F630-49ED-8E6C-C199544DD3AB}" = ASUS My Cinema-U3000 Mini
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = Zpracování fotografií a obrázků HP 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = Asus MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1029-7B44-A70500000002}" = Adobe Reader 7.0.5 - Czech
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{CE651735-FDDC-47EA-BFFD-3BF9472B8E85}" = ASUS EZVCR
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast!" = avast! Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"bsplayerv2_is1" = BSplayer Pro 2.12.941
"Google Desktop" = Google Desktop
"HControl" = ATK0100 ACPI UTILITY
"HijackThis" = HijackThis 2.0.2
"HP PSC 1100 Series" = Zpracování fotografií a obrázkù HP 2.0 - HP psc 1100
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"IHMC CmapTools v4.09" = IHMC CmapTools v4.09
"InstallShield_{CE651735-FDDC-47EA-BFFD-3BF9472B8E85}" = ASUS EZVCR
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.7.0
"M3" = Asus MiVo Messenger
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.

" = Mozilla Firefox (3.5.

"MSNINST" = MSN
"MV2Player" = MV2Player (remove only)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"PSPad editor_is1" = PSPad editor
"R for Windows_is1" = R for Windows 2.6.2
"SopCast" = SopCast 3.0.3
"Spyware Terminator_is1" = Spyware Terminator
"Startup_Manager_is1" = Startup Manager 2.4.2
"Totalcmd" = Total Commander (Remove or Repair)
"USB2.0 1.3M WebCam" = USB2.0 1.3M WebCam
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR
"ZAV_is1" = ZAV 4.20 (32bit)

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 24.12.2008 18:53:22 | Computer Name = VIDEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: Aavm: CreateEventsAndMapping map panic!!
- server DOWN???, 000005AF.

Error - 20.1.2009 10:33:39 | Computer Name = VIDEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Program Files\Intel\Wireless\bin\EvTrace\DB\TraceCSY.ldb failed, 00000005.

Error - 22.1.2009 5:51:22 | Computer Name = VIDEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://1.im.cz/ad/im.js failed, 0000A413.

Error - 1.2.2009 5:50:12 | Computer Name = VIDEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://1.im.cz/ad/im.js failed, 0000A413.

Error - 2.2.2009 6:27:40 | Computer Name = VIDEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://1.im.cz/ad/im.js failed, 0000A413.

Error - 8.2.2009 15:24:31 | Computer Name = VIDEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://1.im.cz/ad/im.js failed, 0000A413.

Error - 18.2.2009 4:05:37 | Computer Name = VIDEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://1.im.cz/ad/im.js failed, 0000A413.

Error - 23.5.2009 17:12:25 | Computer Name = VIDEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUME~1\Jorjina\LOCALS~1\Temp\Acr520.tmp failed, 0000A413.

Error - 7.6.2009 17:27:46 | Computer Name = VIDEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUME~1\Jorjina\LOCALS~1\Temp\Acr556.tmp failed, 0000A413.

Error - 11.11.2009 16:13:35 | Computer Name = VIDEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://vyuka.lide.cz/services/rpc/ea/scormserver.aspx failed, 0000A413.

[ Application Events ]
Error - 4.3.2010 14:58:12 | Computer Name = VIDEN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3685, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.3.2010 3:45:54 | Computer Name = VIDEN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mshta.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.3.2010 3:53:11 | Computer Name = VIDEN | Source = Google Update | ID = 20
Description =

Error - 11.3.2010 4:23:17 | Computer Name = VIDEN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3685, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.3.2010 6:39:11 | Computer Name = VIDEN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3685, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.3.2010 6:39:12 | Computer Name = VIDEN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3685, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.3.2010 6:39:26 | Computer Name = VIDEN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3685, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.3.2010 8:57:18 | Computer Name = VIDEN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Picasa3.exe, verze 3.6.105.41, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.3.2010 12:53:09 | Computer Name = VIDEN | Source = Google Update | ID = 20
Description =

Error - 14.3.2010 13:53:07 | Computer Name = VIDEN | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 14.3.2010 10:55:07 | Computer Name = VIDEN | Source = DCOM | ID = 10010
Description = Server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 14.3.2010 10:55:27 | Computer Name = VIDEN | Source = Service Control Manager | ID = 7000
Description = Služba Správce odesílání neuspěla při spuštění v důsledku následující
chyby: %%1079

Error - 14.3.2010 10:56:15 | Computer Name = VIDEN | Source = DCOM | ID = 10010
Description = Server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 14.3.2010 10:56:17 | Computer Name = VIDEN | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
avast! Web Scanner.

Error - 14.3.2010 10:56:17 | Computer Name = VIDEN | Source = Service Control Manager | ID = 7000
Description = Služba avast! Web Scanner neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 14.3.2010 10:57:08 | Computer Name = VIDEN | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
avast! Web Scanner.

Error - 14.3.2010 10:57:08 | Computer Name = VIDEN | Source = Service Control Manager | ID = 7000
Description = Služba avast! Web Scanner neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 14.3.2010 12:05:20 | Computer Name = VIDEN | Source = Service Control Manager | ID = 7000
Description = Služba Správce odesílání neuspěla při spuštění v důsledku následující
chyby: %%1079

Error - 14.3.2010 12:05:34 | Computer Name = VIDEN | Source = DCOM | ID = 10010
Description = Server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 14.3.2010 12:06:23 | Computer Name = VIDEN | Source = DCOM | ID = 10010
Description = Server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} se v daném časovém limitu
neregistroval u služby DCOM.

< End of report >

Damned · Příspěvekod **Damned** » 14 bře 2010 20:07

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
SRV - (aspnet_state) -- File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
[2010.03.09 19:26:54 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-17.xml
[2009.10.29 19:25:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-14.xml
[2010.01.08 14:18:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-16.xml
[2009.12.22 23:13:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-15.xml
[2010.02.21 18:32:30 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-7.xml
[2009.09.23 00:20:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-12.xml
[2009.09.23 23:23:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-10.xml
[2009.09.24 18:04:20 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin.xml
[2009.09.25 15:12:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-5.xml
[2009.09.26 17:11:58 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-6.xml
[2009.10.04 23:58:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-13.xml
[2009.10.07 20:16:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-11.xml
[2009.10.07 21:05:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-4.xml
[2009.10.10 21:49:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-8.xml
[2009.10.12 12:58:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-3.xml
[2009.10.15 17:57:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-2.xml
[2009.10.16 11:44:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-1.xml
[2009.10.17 21:05:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-9.xml

:Files
C:\WINDOWS\*.tmp /s
C:\WINDOWS\System32\*.tmp /s
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\System32\dllcache\*.tmp /s
C:\Recycler
C:\$RECYCLE.BIN
C:\Documents and Settings\NetworkService\Data aplikací\rbuwzv.dat
C:\Documents and Settings\Jorjina\.jenny
C:\Documents and Settings\LocalService\Local Settings\Application Data\Threat Expert
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\System32\dllcache\*.tmp
C:\Windows\tasks\SA.DAT

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[clearallrestorepoint]
[Reboot]

Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Jorjina · Příspěvekod **Jorjina** » 14 bře 2010 20:36

posilam hotovy log: (vzdy po restartu pocitace se mi zobrazi okno, ktere ma nohore v modre liste napsano Inform a v sedem okenku pod tim Not found any profile that can match current network environment. Do you want to create a new one? a moznost volby Ok a Storno. Nevis prosim jak toto okno zakazat? Kdyz dam storno, tak se objevi po restartu znovu a pri OK zadam jmeno profilu a priste se objevi stejne znovu, hlavne nevim co to je za okno, aby to nebylo nejaky spyware.

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
Service aspnet_state stopped successfully!
Service aspnet_state deleted successfully!
File File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\Jorjina\Application Data\Mozilla\FireFox\Profiles\ojg5cyw9.default\searchplugins\icqplugin-9.xml moved successfully.
========== FILES ==========
C:\WINDOWS\003202_.tmp moved successfully.
C:\WINDOWS\003203_.tmp moved successfully.
C:\WINDOWS\SET4E5.tmp moved successfully.
C:\WINDOWS\SET5DD.tmp moved successfully.
C:\WINDOWS\003204_.tmp moved successfully.
C:\WINDOWS\SET6D1.tmp moved successfully.
C:\WINDOWS\003206_.tmp moved successfully.
C:\WINDOWS\003205_.tmp moved successfully.
C:\WINDOWS\003173_.tmp moved successfully.
C:\WINDOWS\SET7CB.tmp moved successfully.
C:\WINDOWS\SET8F0.tmp moved successfully.
C:\WINDOWS\SET9C2.tmp moved successfully.
C:\WINDOWS\003172_.tmp moved successfully.
C:\WINDOWS\003160_.tmp moved successfully.
C:\WINDOWS\SETAAF.tmp moved successfully.
C:\WINDOWS\SETBA6.tmp moved successfully.
C:\WINDOWS\003159_.tmp moved successfully.
C:\WINDOWS\003161_.tmp moved successfully.
C:\WINDOWS\SETC93.tmp moved successfully.
C:\WINDOWS\SETD8A.tmp moved successfully.
C:\WINDOWS\003212_.tmp moved successfully.
C:\WINDOWS\AppPatch\SETE2F.tmp moved successfully.
C:\WINDOWS\AppPatch\set58a.tmp moved successfully.
C:\WINDOWS\AppPatch\set682.tmp moved successfully.
C:\WINDOWS\AppPatch\set776.tmp moved successfully.
C:\WINDOWS\AppPatch\set870.tmp moved successfully.
C:\WINDOWS\AppPatch\set995.tmp moved successfully.
C:\WINDOWS\AppPatch\seta67.tmp moved successfully.
C:\WINDOWS\AppPatch\setb54.tmp moved successfully.
C:\WINDOWS\AppPatch\setc4b.tmp moved successfully.
C:\WINDOWS\AppPatch\setd38.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AA.tmp folder moved successfully.
C:\WINDOWS\Fonts\SET4EF.tmp moved successfully.
C:\WINDOWS\Fonts\SET4F0.tmp moved successfully.
C:\WINDOWS\Fonts\SET4F1.tmp moved successfully.
C:\WINDOWS\Fonts\SET4F2.tmp moved successfully.
C:\WINDOWS\Fonts\SET4F3.tmp moved successfully.
C:\WINDOWS\Fonts\SET4F4.tmp moved successfully.
C:\WINDOWS\Fonts\SET5E7.tmp moved successfully.
C:\WINDOWS\Fonts\SET5E8.tmp moved successfully.
C:\WINDOWS\Fonts\SET5E9.tmp moved successfully.
C:\WINDOWS\Fonts\SET5EA.tmp moved successfully.
C:\WINDOWS\Fonts\SET5EB.tmp moved successfully.
C:\WINDOWS\Fonts\SET5EC.tmp moved successfully.
C:\WINDOWS\Fonts\SET6DB.tmp moved successfully.
C:\WINDOWS\Fonts\SET6DC.tmp moved successfully.
C:\WINDOWS\Fonts\SET6DD.tmp moved successfully.
C:\WINDOWS\Fonts\SET6DE.tmp moved successfully.
C:\WINDOWS\Fonts\SET6DF.tmp moved successfully.
C:\WINDOWS\Fonts\SET6E0.tmp moved successfully.
C:\WINDOWS\Fonts\SET7D5.tmp moved successfully.
C:\WINDOWS\Fonts\SET7D6.tmp moved successfully.
C:\WINDOWS\Fonts\SET7D7.tmp moved successfully.
C:\WINDOWS\Fonts\SET7D8.tmp moved successfully.
C:\WINDOWS\Fonts\SET7D9.tmp moved successfully.
C:\WINDOWS\Fonts\SET7DA.tmp moved successfully.
C:\WINDOWS\Fonts\SET8FA.tmp moved successfully.
C:\WINDOWS\Fonts\SET8FB.tmp moved successfully.
C:\WINDOWS\Fonts\SET8FC.tmp moved successfully.
C:\WINDOWS\Fonts\SET8FD.tmp moved successfully.
C:\WINDOWS\Fonts\SET8FE.tmp moved successfully.
C:\WINDOWS\Fonts\SET8FF.tmp moved successfully.
C:\WINDOWS\Fonts\SET9CC.tmp moved successfully.
C:\WINDOWS\Fonts\SET9CD.tmp moved successfully.
C:\WINDOWS\Fonts\SET9CE.tmp moved successfully.
C:\WINDOWS\Fonts\SET9CF.tmp moved successfully.
C:\WINDOWS\Fonts\SET9D0.tmp moved successfully.
C:\WINDOWS\Fonts\SET9D1.tmp moved successfully.
C:\WINDOWS\Fonts\SETAB9.tmp moved successfully.
C:\WINDOWS\Fonts\SETABA.tmp moved successfully.
C:\WINDOWS\Fonts\SETABB.tmp moved successfully.
C:\WINDOWS\Fonts\SETABC.tmp moved successfully.
C:\WINDOWS\Fonts\SETABD.tmp moved successfully.
C:\WINDOWS\Fonts\SETABE.tmp moved successfully.
C:\WINDOWS\Fonts\SETBB0.tmp moved successfully.
C:\WINDOWS\Fonts\SETBB1.tmp moved successfully.
C:\WINDOWS\Fonts\SETBB2.tmp moved successfully.
C:\WINDOWS\Fonts\SETBB3.tmp moved successfully.
C:\WINDOWS\Fonts\SETBB4.tmp moved successfully.
C:\WINDOWS\Fonts\SETBB5.tmp moved successfully.
C:\WINDOWS\Fonts\SETC9D.tmp moved successfully.
C:\WINDOWS\Fonts\SETC9E.tmp moved successfully.
C:\WINDOWS\Fonts\SETC9F.tmp moved successfully.
C:\WINDOWS\Fonts\SETCA0.tmp moved successfully.
C:\WINDOWS\Fonts\SETCA1.tmp moved successfully.
C:\WINDOWS\Fonts\SETCA2.tmp moved successfully.
C:\WINDOWS\Fonts\SETD94.tmp moved successfully.
C:\WINDOWS\Fonts\SETD95.tmp moved successfully.
C:\WINDOWS\Fonts\SETD96.tmp moved successfully.
C:\WINDOWS\Fonts\SETD97.tmp moved successfully.
C:\WINDOWS\Fonts\SETD98.tmp moved successfully.
C:\WINDOWS\Fonts\SETD99.tmp moved successfully.
C:\WINDOWS\Help\SET4F.tmp moved successfully.
C:\WINDOWS\Help\SET50.tmp moved successfully.
C:\WINDOWS\Help\SET51.tmp moved successfully.
C:\WINDOWS\Help\SET52.tmp moved successfully.
C:\WINDOWS\Help\SET4A.tmp moved successfully.
C:\WINDOWS\Help\SET4B.tmp moved successfully.
C:\WINDOWS\Help\SET4C.tmp moved successfully.
C:\WINDOWS\Help\SET4D.tmp moved successfully.
C:\WINDOWS\Help\SET816.tmp moved successfully.
C:\WINDOWS\Help\SET817.tmp moved successfully.
C:\WINDOWS\Help\SET818.tmp moved successfully.
C:\WINDOWS\Help\SET819.tmp moved successfully.
C:\WINDOWS\inf\SET4E.tmp moved successfully.
C:\WINDOWS\inf\SET53.tmp moved successfully.
C:\WINDOWS\inf\SET81A.tmp moved successfully.
C:\WINDOWS\Installer\MSI24.tmp moved successfully.
C:\WINDOWS\Installer\MSI9.tmp moved successfully.
C:\WINDOWS\Installer\MSI12.tmp moved successfully.
C:\WINDOWS\msagent\SETA88.tmp moved successfully.
C:\WINDOWS\msagent\SETA8B.tmp moved successfully.
C:\WINDOWS\msagent\SETA8D.tmp moved successfully.
C:\WINDOWS\msagent\intl\SETAA1.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SET5D1.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SET6C9.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SET7BD.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SET8B7.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SET9DC.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SETAAB.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SETB98.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SETC8E.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SETD7B.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SETE72.tmp moved successfully.
C:\WINDOWS\system32\SET2B8.tmp moved successfully.
C:\WINDOWS\system32\SET584.tmp moved successfully.
C:\WINDOWS\system32\SET2BD.tmp moved successfully.
C:\WINDOWS\system32\SET587.tmp moved successfully.
C:\WINDOWS\system32\SET3C5.tmp moved successfully.
C:\WINDOWS\system32\SET2BE.tmp moved successfully.
C:\WINDOWS\system32\SET3BB.tmp moved successfully.
C:\WINDOWS\system32\SET2BF.tmp moved successfully.
C:\WINDOWS\system32\SET718.tmp moved successfully.
C:\WINDOWS\system32\SET39B.tmp moved successfully.
C:\WINDOWS\system32\SET82B.tmp moved successfully.
C:\WINDOWS\system32\SET2C4.tmp moved successfully.
C:\WINDOWS\system32\SET2C5.tmp moved successfully.
C:\WINDOWS\system32\SET2C6.tmp moved successfully.
C:\WINDOWS\system32\SET218.tmp moved successfully.
C:\WINDOWS\system32\SET2C8.tmp moved successfully.
C:\WINDOWS\system32\SET2CB.tmp moved successfully.
C:\WINDOWS\system32\SET2CD.tmp moved successfully.
C:\WINDOWS\system32\SET2CE.tmp moved successfully.
C:\WINDOWS\system32\SET595.tmp moved successfully.
C:\WINDOWS\system32\SET5F.tmp moved successfully.
C:\WINDOWS\system32\SET60.tmp moved successfully.
C:\WINDOWS\system32\SET2D1.tmp moved successfully.
C:\WINDOWS\system32\SET2D2.tmp moved successfully.
C:\WINDOWS\system32\SET3F2.tmp moved successfully.
C:\WINDOWS\system32\SET2D5.tmp moved successfully.
C:\WINDOWS\system32\SET2D8.tmp moved successfully.
C:\WINDOWS\system32\SET2D9.tmp moved successfully.
C:\WINDOWS\system32\SET4AB.tmp moved successfully.
C:\WINDOWS\system32\SET2DB.tmp moved successfully.
C:\WINDOWS\system32\SET598.tmp moved successfully.
C:\WINDOWS\system32\SET59C.tmp moved successfully.
C:\WINDOWS\system32\SET2E0.tmp moved successfully.
C:\WINDOWS\system32\SET59D.tmp moved successfully.
C:\WINDOWS\system32\SET2E4.tmp moved successfully.
C:\WINDOWS\system32\SET53B.tmp moved successfully.
C:\WINDOWS\system32\SET2E9.tmp moved successfully.
C:\WINDOWS\system32\SET2EA.tmp moved successfully.
C:\WINDOWS\system32\SET2ED.tmp moved successfully.
C:\WINDOWS\system32\SET2EE.tmp moved successfully.
C:\WINDOWS\system32\SET1353.tmp moved successfully.
C:\WINDOWS\system32\SET782.tmp moved successfully.
C:\WINDOWS\system32\SET2F6.tmp moved successfully.
C:\WINDOWS\system32\SET2F7.tmp moved successfully.
C:\WINDOWS\system32\SET2F9.tmp moved successfully.
C:\WINDOWS\system32\SET2FA.tmp moved successfully.
C:\WINDOWS\system32\SET933.tmp moved successfully.
C:\WINDOWS\system32\SET300.tmp moved successfully.
C:\WINDOWS\system32\SET62.tmp moved successfully.
C:\WINDOWS\system32\SET301.tmp moved successfully.
C:\WINDOWS\system32\SET302.tmp moved successfully.
C:\WINDOWS\system32\SET303.tmp moved successfully.
C:\WINDOWS\system32\SET304.tmp moved successfully.
C:\WINDOWS\system32\SET305.tmp moved successfully.
C:\WINDOWS\system32\SET640.tmp moved successfully.
C:\WINDOWS\system32\SET307.tmp moved successfully.
C:\WINDOWS\system32\SET309.tmp moved successfully.
C:\WINDOWS\system32\SET59F.tmp moved successfully.
C:\WINDOWS\system32\SET30B.tmp moved successfully.
C:\WINDOWS\system32\SET30C.tmp moved successfully.
C:\WINDOWS\system32\SET310.tmp moved successfully.
C:\WINDOWS\system32\SET318.tmp moved successfully.
C:\WINDOWS\system32\SET31A.tmp moved successfully.
C:\WINDOWS\system32\SET4DA.tmp moved successfully.
C:\WINDOWS\system32\SET31C.tmp moved successfully.
C:\WINDOWS\system32\SET31D.tmp moved successfully.
C:\WINDOWS\system32\SET31E.tmp moved successfully.
C:\WINDOWS\system32\SET320.tmp moved successfully.
C:\WINDOWS\system32\SET322.tmp moved successfully.
C:\WINDOWS\system32\SET327.tmp moved successfully.
C:\WINDOWS\system32\SET97D.tmp moved successfully.
C:\WINDOWS\system32\SET329.tmp moved successfully.
C:\WINDOWS\system32\SET32A.tmp moved successfully.
C:\WINDOWS\system32\SET5AE.tmp moved successfully.
C:\WINDOWS\system32\SET330.tmp moved successfully.
C:\WINDOWS\system32\SET5AF.tmp moved successfully.
C:\WINDOWS\system32\SET33B.tmp moved successfully.
C:\WINDOWS\system32\SET33E.tmp moved successfully.
C:\WINDOWS\system32\SET33F.tmp moved successfully.
C:\WINDOWS\system32\SET340.tmp moved successfully.
C:\WINDOWS\system32\SET343.tmp moved successfully.
C:\WINDOWS\system32\SET19BD.tmp moved successfully.
C:\WINDOWS\system32\SET34B.tmp moved successfully.
C:\WINDOWS\system32\SET63.tmp moved successfully.
C:\WINDOWS\system32\SET66.tmp moved successfully.
C:\WINDOWS\system32\SET1E1.tmp moved successfully.
C:\WINDOWS\system32\SET352.tmp moved successfully.
C:\WINDOWS\system32\SET1EE.tmp moved successfully.
C:\WINDOWS\system32\SET354.tmp moved successfully.
C:\WINDOWS\system32\SET21A.tmp moved successfully.
C:\WINDOWS\system32\SET35B.tmp moved successfully.
C:\WINDOWS\system32\SET6C.tmp moved successfully.
C:\WINDOWS\system32\SET5D9.tmp moved successfully.
C:\WINDOWS\system32\SET6E.tmp moved successfully.
C:\WINDOWS\system32\SET35E.tmp moved successfully.
C:\WINDOWS\system32\SET360.tmp moved successfully.
C:\WINDOWS\system32\SETA.tmp moved successfully.
C:\WINDOWS\system32\SET364.tmp moved successfully.
C:\WINDOWS\system32\SET273.tmp moved successfully.
C:\WINDOWS\system32\SET2A4.tmp moved successfully.
C:\WINDOWS\system32\SET374.tmp moved successfully.
C:\WINDOWS\system32\SET5C9.tmp moved successfully.
C:\WINDOWS\system32\SET378.tmp moved successfully.
C:\WINDOWS\system32\SET5CB.tmp moved successfully.
C:\WINDOWS\system32\SET37A.tmp moved successfully.
C:\WINDOWS\system32\SET73.tmp moved successfully.
C:\WINDOWS\system32\SET95A.tmp moved successfully.
C:\WINDOWS\system32\SET37C.tmp moved successfully.
C:\WINDOWS\system32\SET5CD.tmp moved successfully.
C:\WINDOWS\system32\SET5CE.tmp moved successfully.
C:\WINDOWS\system32\SET472.tmp moved successfully.
C:\WINDOWS\system32\SET56A.tmp moved successfully.
C:\WINDOWS\system32\SET5CF.tmp moved successfully.
C:\WINDOWS\system32\SET383.tmp moved successfully.
C:\WINDOWS\system32\SET388.tmp moved successfully.
C:\WINDOWS\system32\SET5DC.tmp moved successfully.
C:\WINDOWS\system32\SET397.tmp moved successfully.
C:\WINDOWS\system32\SET77.tmp moved successfully.
C:\WINDOWS\system32\SET3E6.tmp moved successfully.
C:\WINDOWS\system32\SET393.tmp moved successfully.
C:\WINDOWS\system32\SET448.tmp moved successfully.
C:\WINDOWS\system32\SET3FD.tmp moved successfully.
C:\WINDOWS\system32\SET39C.tmp moved successfully.
C:\WINDOWS\system32\SET39E.tmp moved successfully.
C:\WINDOWS\system32\SET5E6.tmp moved successfully.
C:\WINDOWS\system32\SET5E9.tmp moved successfully.
C:\WINDOWS\system32\SET5EB.tmp moved successfully.
C:\WINDOWS\system32\SET3CD.tmp moved successfully.
C:\WINDOWS\system32\SET3A4.tmp moved successfully.
C:\WINDOWS\system32\SET3A6.tmp moved successfully.
C:\WINDOWS\system32\SET3A7.tmp moved successfully.
C:\WINDOWS\system32\SET5EE.tmp moved successfully.
C:\WINDOWS\system32\SET3A9.tmp moved successfully.
C:\WINDOWS\system32\SET3AC.tmp moved successfully.
C:\WINDOWS\system32\SET5F0.tmp moved successfully.
C:\WINDOWS\system32\SET7C1.tmp moved successfully.
C:\WINDOWS\system32\SET3AD.tmp moved successfully.
C:\WINDOWS\system32\SET3B1.tmp moved successfully.
C:\WINDOWS\system32\SET4A9.tmp moved successfully.
C:\WINDOWS\system32\SET59B.tmp moved successfully.
C:\WINDOWS\system32\SET695.tmp moved successfully.
C:\WINDOWS\system32\SET794.tmp moved successfully.
C:\WINDOWS\system32\SET5F4.tmp moved successfully.
C:\WINDOWS\system32\SET3BE.tmp moved successfully.
C:\WINDOWS\system32\SET3BF.tmp moved successfully.
C:\WINDOWS\system32\SET7A.tmp moved successfully.
C:\WINDOWS\system32\SET4ED.tmp moved successfully.
C:\WINDOWS\system32\SET3C1.tmp moved successfully.
C:\WINDOWS\system32\SET601.tmp moved successfully.
C:\WINDOWS\system32\SET3C2.tmp moved successfully.
C:\WINDOWS\system32\SET3C3.tmp moved successfully.
C:\WINDOWS\system32\SET3C6.tmp moved successfully.
C:\WINDOWS\system32\SET7C.tmp moved successfully.
C:\WINDOWS\system32\SET3D1.tmp moved successfully.
C:\WINDOWS\system32\SET4F7.tmp moved successfully.
C:\WINDOWS\system32\SET4F8.tmp moved successfully.
C:\WINDOWS\system32\SET3D6.tmp moved successfully.
C:\WINDOWS\system32\SET3DD.tmp moved successfully.
C:\WINDOWS\system32\SET4FE.tmp moved successfully.
C:\WINDOWS\system32\SET503.tmp moved successfully.
C:\WINDOWS\system32\SET3ED.tmp moved successfully.
C:\WINDOWS\system32\SET3EE.tmp moved successfully.
C:\WINDOWS\system32\SET3F3.tmp moved successfully.
C:\WINDOWS\system32\SET50D.tmp moved successfully.
C:\WINDOWS\system32\SET40D.tmp moved successfully.
C:\WINDOWS\system32\SET6E8.tmp moved successfully.
C:\WINDOWS\system32\SET615.tmp moved successfully.
C:\WINDOWS\system32\SET40F.tmp moved successfully.
C:\WINDOWS\system32\SET410.tmp moved successfully.
C:\WINDOWS\system32\SET545.tmp moved successfully.
C:\WINDOWS\system32\SET413.tmp moved successfully.
C:\WINDOWS\system32\SET177.tmp moved successfully.
C:\WINDOWS\system32\SET418.tmp moved successfully.
C:\WINDOWS\system32\SET17A.tmp moved successfully.
C:\WINDOWS\system32\SET41A.tmp moved successfully.
C:\WINDOWS\system32\SET61B.tmp moved successfully.
C:\WINDOWS\system32\SET180.tmp moved successfully.
C:\WINDOWS\system32\SET61F.tmp moved successfully.
C:\WINDOWS\system32\SET421.tmp moved successfully.
C:\WINDOWS\system32\SET422.tmp moved successfully.
C:\WINDOWS\system32\SET423.tmp moved successfully.
C:\WINDOWS\system32\SET88A.tmp moved successfully.
C:\WINDOWS\system32\SET425.tmp moved successfully.
C:\WINDOWS\system32\SET426.tmp moved successfully.
C:\WINDOWS\system32\SET427.tmp moved successfully.
C:\WINDOWS\system32\SET799.tmp moved successfully.
C:\WINDOWS\system32\SET42A.tmp moved successfully.
C:\WINDOWS\system32\SET622.tmp moved successfully.
C:\WINDOWS\system32\SET42C.tmp moved successfully.
C:\WINDOWS\system32\SET42D.tmp moved successfully.
C:\WINDOWS\system32\SET563.tmp moved successfully.
C:\WINDOWS\system32\SET42F.tmp moved successfully.
C:\WINDOWS\system32\SET430.tmp moved successfully.
C:\WINDOWS\system32\SET186.tmp moved successfully.
C:\WINDOWS\system32\SET432.tmp moved successfully.
C:\WINDOWS\system32\SET150A.tmp moved successfully.
C:\WINDOWS\system32\SET439.tmp moved successfully.
C:\WINDOWS\system32\SET43A.tmp moved successfully.
C:\WINDOWS\system32\SET568.tmp moved successfully.
C:\WINDOWS\system32\SET56C.tmp moved successfully.
C:\WINDOWS\system32\SET442.tmp moved successfully.
C:\WINDOWS\system32\SET58B.tmp moved successfully.
C:\WINDOWS\system32\SET178.tmp moved successfully.
C:\WINDOWS\system32\SET449.tmp moved successfully.
C:\WINDOWS\system32\SET179.tmp moved successfully.
C:\WINDOWS\system32\SET44E.tmp moved successfully.
C:\WINDOWS\system32\SET7E3.tmp moved successfully.
C:\WINDOWS\system32\SET451.tmp moved successfully.
C:\WINDOWS\system32\SET17B.tmp moved successfully.
C:\WINDOWS\system32\SET454.tmp moved successfully.
C:\WINDOWS\system32\SET62C.tmp moved successfully.
C:\WINDOWS\system32\SET86.tmp moved successfully.
C:\WINDOWS\system32\SET92.tmp moved successfully.
C:\WINDOWS\system32\SETB.tmp moved successfully.
C:\WINDOWS\system32\SET456.tmp moved successfully.
C:\WINDOWS\system32\SET17D.tmp moved successfully.
C:\WINDOWS\system32\SET45A.tmp moved successfully.
C:\WINDOWS\system32\SET5B1.tmp moved successfully.
C:\WINDOWS\system32\SET45C.tmp moved successfully.
C:\WINDOWS\system32\SET45D.tmp moved successfully.
C:\WINDOWS\system32\SET62D.tmp moved successfully.
C:\WINDOWS\system32\SET462.tmp moved successfully.
C:\WINDOWS\system32\SET463.tmp moved successfully.
C:\WINDOWS\system32\SET182.tmp moved successfully.
C:\WINDOWS\system32\SET467.tmp moved successfully.
C:\WINDOWS\system32\SET468.tmp moved successfully.
C:\WINDOWS\system32\SET630.tmp moved successfully.
C:\WINDOWS\system32\SET46D.tmp moved successfully.
C:\WINDOWS\system32\SET65E.tmp moved successfully.
C:\WINDOWS\system32\SET475.tmp moved successfully.
C:\WINDOWS\system32\SET634.tmp moved successfully.
C:\WINDOWS\system32\SET477.tmp moved successfully.
C:\WINDOWS\system32\SET637.tmp moved successfully.
C:\WINDOWS\system32\SET47A.tmp moved successfully.
C:\WINDOWS\system32\SET18F.tmp moved successfully.
C:\WINDOWS\system32\SET47D.tmp moved successfully.
C:\WINDOWS\system32\SET194.tmp moved successfully.
C:\WINDOWS\system32\SET47F.tmp moved successfully.
C:\WINDOWS\system32\SET638.tmp moved successfully.
C:\WINDOWS\system32\SET765.tmp moved successfully.
C:\WINDOWS\system32\SET639.tmp moved successfully.
C:\WINDOWS\system32\SET63B.tmp moved successfully.
C:\WINDOWS\system32\SET342.tmp moved successfully.
C:\WINDOWS\system32\SET63E.tmp moved successfully.
C:\WINDOWS\system32\SET63F.tmp moved successfully.
C:\WINDOWS\system32\SET641.tmp moved successfully.
C:\WINDOWS\system32\SET229.tmp moved successfully.
C:\WINDOWS\system32\SET2B4.tmp moved successfully.
C:\WINDOWS\system32\SET644.tmp moved successfully.
C:\WINDOWS\system32\SET645.tmp moved successfully.
C:\WINDOWS\system32\SET647.tmp moved successfully.
C:\WINDOWS\system32\SET64C.tmp moved successfully.
C:\WINDOWS\system32\SET99.tmp moved successfully.
C:\WINDOWS\system32\SET620.tmp moved successfully.
C:\WINDOWS\system32\SET198.tmp moved successfully.
C:\WINDOWS\system32\SET626.tmp moved successfully.
C:\WINDOWS\system32\SET5D5.tmp moved successfully.
C:\WINDOWS\system32\SET890.tmp moved successfully.
C:\WINDOWS\system32\SET4B3.tmp moved successfully.
C:\WINDOWS\system32\SET5E4.tmp moved successfully.
C:\WINDOWS\system32\SET652.tmp moved successfully.
C:\WINDOWS\system32\SET189.tmp moved successfully.
C:\WINDOWS\system32\SET5E8.tmp moved successfully.
C:\WINDOWS\system32\SET1230.tmp moved successfully.
C:\WINDOWS\system32\SET141C.tmp moved successfully.
C:\WINDOWS\system32\SET65D.tmp moved successfully.
C:\WINDOWS\system32\SET65F.tmp moved successfully.
C:\WINDOWS\system32\SET660.tmp moved successfully.
C:\WINDOWS\system32\SET1234.tmp moved successfully.
C:\WINDOWS\system32\SETAFA.tmp moved successfully.
C:\WINDOWS\system32\SET66A.tmp moved successfully.
C:\WINDOWS\system32\SET1237.tmp moved successfully.
C:\WINDOWS\system32\SET191.tmp moved successfully.
C:\WINDOWS\system32\SET66D.tmp moved successfully.
C:\WINDOWS\system32\SET66E.tmp moved successfully.
C:\WINDOWS\system32\SET763.tmp moved successfully.
C:\WINDOWS\system32\SET123C.tmp moved successfully.
C:\WINDOWS\system32\SET670.tmp moved successfully.
C:\WINDOWS\system32\SET1E3.tmp moved successfully.
C:\WINDOWS\system32\SET1C2.tmp moved successfully.
C:\WINDOWS\system32\SET1C4.tmp moved successfully.
C:\WINDOWS\system32\SET5F8.tmp moved successfully.
C:\WINDOWS\system32\SET673.tmp moved successfully.
C:\WINDOWS\system32\SET1C8.tmp moved successfully.
C:\WINDOWS\system32\SET1CA.tmp moved successfully.
C:\WINDOWS\system32\SET1CC.tmp moved successfully.
C:\WINDOWS\system32\SET760.tmp moved successfully.
C:\WINDOWS\system32\SET1CF.tmp moved successfully.
C:\WINDOWS\system32\SET1D3.tmp moved successfully.
C:\WINDOWS\system32\SET612.tmp moved successfully.
C:\WINDOWS\system32\SET675.tmp moved successfully.
C:\WINDOWS\system32\SET37D.tmp moved successfully.
C:\WINDOWS\system32\SET1E0.tmp moved successfully.
C:\WINDOWS\system32\SET676.tmp moved successfully.
C:\WINDOWS\system32\SET1453.tmp moved successfully.
C:\WINDOWS\system32\SET1E4.tmp moved successfully.
C:\WINDOWS\system32\SET1E7.tmp moved successfully.
C:\WINDOWS\system32\SET126B.tmp moved successfully.
C:\WINDOWS\system32\SET1E9.tmp moved successfully.
C:\WINDOWS\system32\SET3E7.tmp moved successfully.
C:\WINDOWS\system32\SET1ED.tmp moved successfully.
C:\WINDOWS\system32\SET679.tmp moved successfully.
C:\WINDOWS\system32\SET67A.tmp moved successfully.
C:\WINDOWS\system32\SET618.tmp moved successfully.
C:\WINDOWS\system32\SET1F1.tmp moved successfully.
C:\WINDOWS\system32\SET67D.tmp moved successfully.
C:\WINDOWS\system32\SET681.tmp moved successfully.
C:\WINDOWS\system32\SET683.tmp moved successfully.
C:\WINDOWS\system32\SET685.tmp moved successfully.
C:\WINDOWS\system32\SET75D.tmp moved successfully.
C:\WINDOWS\system32\SET66B.tmp moved successfully.
C:\WINDOWS\system32\SET19E.tmp moved successfully.
C:\WINDOWS\system32\SET4A4.tmp moved successfully.
C:\WINDOWS\system32\SET643.tmp moved successfully.
C:\WINDOWS\system32\SET4B6.tmp moved successfully.
C:\WINDOWS\system32\SET669.tmp moved successfully.
C:\WINDOWS\system32\SET19F.tmp moved successfully.
C:\WINDOWS\system32\SET68E.tmp moved successfully.
C:\WINDOWS\system32\SET693.tmp moved successfully.
C:\WINDOWS\system32\SET666.tmp moved successfully.
C:\WINDOWS\system32\SET651.tmp moved successfully.
C:\WINDOWS\system32\SET1A5.tmp moved successfully.
C:\WINDOWS\system32\SET9A.tmp moved successfully.
C:\WINDOWS\system32\SET699.tmp moved successfully.
C:\WINDOWS\system32\SET69A.tmp moved successfully.
C:\WINDOWS\system32\SET65B.tmp moved successfully.
C:\WINDOWS\system32\SET69D.tmp moved successfully.
C:\WINDOWS\system32\SET577.tmp moved successfully.
C:\WINDOWS\system32\SET575.tmp moved successfully.
C:\WINDOWS\system32\SET572.tmp moved successfully.
C:\WINDOWS\system32\SET56F.tmp moved successfully.
C:\WINDOWS\system32\SET56D.tmp moved successfully.
C:\WINDOWS\system32\SET663.tmp moved successfully.
C:\WINDOWS\system32\SET75B.tmp moved successfully.
C:\WINDOWS\system32\SET207.tmp moved successfully.
C:\WINDOWS\system32\SET758.tmp moved successfully.
C:\WINDOWS\system32\SET204.tmp moved successfully.
C:\WINDOWS\system32\SET216.tmp moved successfully.
C:\WINDOWS\system32\SET565.tmp moved successfully.
C:\WINDOWS\system32\SET661.tmp moved successfully.
C:\WINDOWS\system32\SET55F.tmp moved successfully.
C:\WINDOWS\system32\SET217.tmp moved successfully.
C:\WINDOWS\system32\SET55A.tmp moved successfully.
C:\WINDOWS\system32\SET219.tmp moved successfully.
C:\WINDOWS\system32\SET554.tmp moved successfully.
C:\WINDOWS\system32\SET552.tmp moved successfully.
C:\WINDOWS\system32\SET54E.tmp moved successfully.
C:\WINDOWS\system32\SET54C.tmp moved successfully.
C:\WINDOWS\system32\SET549.tmp moved successfully.
C:\WINDOWS\system32\SET69E.tmp moved successfully.
C:\WINDOWS\system32\SET546.tmp moved successfully.
C:\WINDOWS\system32\SET541.tmp moved successfully.
C:\WINDOWS\system32\SET888.tmp moved successfully.
C:\WINDOWS\system32\SET53A.tmp moved successfully.
C:\WINDOWS\system32\SET531.tmp moved successfully.
C:\WINDOWS\system32\SET686.tmp moved successfully.
C:\WINDOWS\system32\SET52A.tmp moved successfully.
C:\WINDOWS\system32\SET527.tmp moved successfully.
C:\WINDOWS\system32\SET21D.tmp moved successfully.
C:\WINDOWS\system32\SET524.tmp moved successfully.
C:\WINDOWS\system32\SET522.tmp moved successfully.
C:\WINDOWS\system32\SET6AB.tmp moved successfully.
C:\WINDOWS\system32\SET21F.tmp moved successfully.
C:\WINDOWS\system32\SET51D.tmp moved successfully.
C:\WINDOWS\system32\SET6AC.tmp moved successfully.
C:\WINDOWS\system32\SET224.tmp moved successfully.
C:\WINDOWS\system32\SET519.tmp moved successfully.
C:\WINDOWS\system32\SET512.tmp moved successfully.
C:\WINDOWS\system32\SET510.tmp moved successfully.
C:\WINDOWS\system32\SET50B.tmp moved successfully.
C:\WINDOWS\system32\SET508.tmp moved successfully.
C:\WINDOWS\system32\SET505.tmp moved successfully.
C:\WINDOWS\system32\SET4F5.tmp moved successfully.
C:\WINDOWS\system32\SET4EB.tmp moved successfully.
C:\WINDOWS\system32\SET4E5.tmp moved successfully.
C:\WINDOWS\system32\SET4D5.tmp moved successfully.
C:\WINDOWS\system32\SET4CE.tmp moved successfully.
C:\WINDOWS\system32\SET4C9.tmp moved successfully.
C:\WINDOWS\system32\SET7B0.tmp moved successfully.
C:\WINDOWS\system32\SET6AE.tmp moved successfully.
C:\WINDOWS\system32\SET6AF.tmp moved successfully.
C:\WINDOWS\system32\SET4B9.tmp moved successfully.
C:\WINDOWS\system32\SET6B6.tmp moved successfully.
C:\WINDOWS\system32\SET205.tmp moved successfully.
C:\WINDOWS\system32\SET5A5.tmp moved successfully.
C:\WINDOWS\system32\SET6B7.tmp moved successfully.
C:\WINDOWS\system32\SET206.tmp moved successfully.
C:\WINDOWS\system32\SET4A1.tmp moved successfully.
C:\WINDOWS\system32\SET6B8.tmp moved successfully.
C:\WINDOWS\system32\SET23B.tmp moved successfully.
C:\WINDOWS\system32\SET49C.tmp moved successfully.
C:\WINDOWS\system32\SET496.tmp moved successfully.
C:\WINDOWS\system32\SET494.tmp moved successfully.
C:\WINDOWS\system32\SET585.tmp moved successfully.
C:\WINDOWS\system32\SET480.tmp moved successfully.
C:\WINDOWS\system32\SET478.tmp moved successfully.
C:\WINDOWS\system32\SET46E.tmp moved successfully.
C:\WINDOWS\system32\SET46B.tmp moved successfully.
C:\WINDOWS\system32\SET469.tmp moved successfully.
C:\WINDOWS\system32\SET461.tmp moved successfully.
C:\WINDOWS\system32\SET44A.tmp moved successfully.
C:\WINDOWS\system32\SET445.tmp moved successfully.
C:\WINDOWS\system32\SET443.tmp moved successfully.
C:\WINDOWS\system32\SET43F.tmp moved successfully.
C:\WINDOWS\system32\SET436.tmp moved successfully.
C:\WINDOWS\system32\SET433.tmp moved successfully.
C:\WINDOWS\system32\SET420.tmp moved successfully.
C:\WINDOWS\system32\SET416.tmp moved successfully.
C:\WINDOWS\system32\SET6B9.tmp moved successfully.
C:\WINDOWS\system32\SET243.tmp moved successfully.
C:\WINDOWS\system32\SET40E.tmp moved successfully.
C:\WINDOWS\system32\SET690.tmp moved successfully.
C:\WINDOWS\system32\SET40A.tmp moved successfully.
C:\WINDOWS\system32\SET3FF.tmp moved successfully.
C:\WINDOWS\system32\SET247.tmp moved successfully.
C:\WINDOWS\system32\SET3F7.tmp moved successfully.
C:\WINDOWS\system32\SET71E.tmp moved successfully.
C:\WINDOWS\system32\SET3F5.tmp moved successfully.
C:\WINDOWS\system32\SET3EF.tmp moved successfully.
C:\WINDOWS\system32\SET3EB.tmp moved successfully.
C:\WINDOWS\system32\SET6BB.tmp moved successfully.
C:\WINDOWS\system32\SET24B.tmp moved successfully.
C:\WINDOWS\system32\SET6BC.tmp moved successfully.
C:\WINDOWS\system32\SET3E5.tmp moved successfully.
C:\WINDOWS\system32\SET3E3.tmp moved successfully.
C:\WINDOWS\system32\SET24C.tmp moved successfully.
C:\WINDOWS\system32\SET3DA.tmp moved successfully.
C:\WINDOWS\system32\SET24F.tmp moved successfully.
C:\WINDOWS\system32\SET3D4.tmp moved successfully.
C:\WINDOWS\system32\SET3D2.tmp moved successfully.
C:\WINDOWS\system32\SET3CF.tmp moved successfully.
C:\WINDOWS\system32\SET692.tmp moved successfully.
C:\WINDOWS\system32\SET6BE.tmp moved successfully.
C:\WINDOWS\system32\SET3C7.tmp moved successfully.
C:\WINDOWS\system32\SET694.tmp moved successfully.
C:\WINDOWS\system32\SET3B8.tmp moved successfully.
C:\WINDOWS\system32\SET6C0.tmp moved successfully.
C:\WINDOWS\system32\SET3B5.tmp moved successfully.
C:\WINDOWS\system32\SET697.tmp moved successfully.
C:\WINDOWS\system32\SET25C.tmp moved successfully.
C:\WINDOWS\system32\SET3A8.tmp moved successfully.
C:\WINDOWS\system32\SET25D.tmp moved successfully.
C:\WINDOWS\system32\SET3A1.tmp moved successfully.
C:\WINDOWS\system32\SET399.tmp moved successfully.
C:\WINDOWS\system32\SET395.tmp moved successfully.
C:\WINDOWS\system32\SET38F.tmp moved successfully.
C:\WINDOWS\system32\SET261.tmp moved successfully.
C:\WINDOWS\system32\SET38C.tmp moved successfully.
C:\WINDOWS\system32\SET389.tmp moved successfully.
C:\WINDOWS\system32\SET268.tmp moved successfully.
C:\WINDOWS\system32\SET384.tmp moved successfully.
C:\WINDOWS\system32\SET269.tmp moved successfully.
C:\WINDOWS\system32\SET37F.tmp moved successfully.
C:\WINDOWS\system32\SET87D.tmp moved successfully.
C:\WINDOWS\system32\SET377.tmp moved successfully.
C:\WINDOWS\system32\SET69B.tmp moved successfully.
C:\WINDOWS\system32\SET6C3.tmp moved successfully.
C:\WINDOWS\system32\SET372.tmp moved successfully.
C:\WINDOWS\system32\SET26E.tmp moved successfully.
C:\WINDOWS\system32\SET36B.tmp moved successfully.
C:\WINDOWS\system32\SET366.tmp moved successfully.
C:\WINDOWS\system32\SET21C.tmp moved successfully.
C:\WINDOWS\system32\SET362.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\system32\SET6C4.tmp moved successfully.
C:\WINDOWS\system32\SET275.tmp moved successfully.
C:\WINDOWS\system32\SET6C8.tmp moved successfully.
C:\WINDOWS\system32\SET35A.tmp moved successfully.
C:\WINDOWS\system32\SET6A9.tmp moved successfully.
C:\WINDOWS\system32\SET27A.tmp moved successfully.
C:\WINDOWS\system32\SET27B.tmp moved successfully.
C:\WINDOWS\system32\SET356.tmp moved successfully.
C:\WINDOWS\system32\SET27D.tmp moved successfully.
C:\WINDOWS\system32\SET21E.tmp moved successfully.
C:\WINDOWS\system32\SET6D0.tmp moved successfully.
C:\WINDOWS\system32\SET285.tmp moved successfully.
C:\WINDOWS\system32\SET6D4.tmp moved successfully.
C:\WINDOWS\system32\SET34E.tmp moved successfully.
C:\WINDOWS\system32\SET1737.tmp moved successfully.
C:\WINDOWS\system32\SET6D6.tmp moved successfully.
C:\WINDOWS\system32\SET28B.tmp moved successfully.
C:\WINDOWS\system32\SET349.tmp moved successfully.
C:\WINDOWS\system32\SET659.tmp moved successfully.
C:\WINDOWS\system32\SET6D8.tmp moved successfully.
C:\WINDOWS\system32\SET6D9.tmp moved successfully.

Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Kdo je online