Please check my log (Solved)


Post by vonyt » 01 May 2010 12:23

Hi. I have a problem (otherwise I probably wouldn't be writing :)). My internet connection often drops, even though it works on the other PCs on the network, and when I want to go to some page, it doesn't load, but some link shows up in the top-left corner. It says "Advertised here" or something like that.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:22:06, on 1.5.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Users\Tomáš\AppData\Roaming\QipGuard\QipGuard.exe
C:\Program Files (x86)\QIP Infium\infium.exe
C:\Program Files (x86)\DAP\DAP.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\PSPdisp\bin\app\PSPdisp.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\hi jack\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://flvdirect.iamwired.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Tomáš\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: everyflv - {8731bbff-8cef-323a-a62d-cae478301394} - C:\Windows\SysWow64\eJW0B1--bO8.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Tomáš\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~2\DAP\DAPIEL~1.DLL
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\Tomáš\AppData\Roaming\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP Infium\infium.exe"/acc vonyt@qip.ru /trylogin /autorun
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: PSPdisp.lnk = C:\Program Files (x86)\PSPdisp\bin\app\PSPdisp.exe
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files (x86)\QIP Infium\infium.exe (HKCU)
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files (x86)\StreamingStar\HiDownload\hidownload.exe (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10730 bytes
AMD Athlon 64 X2 Dual Core 5000+, 2,0GB RAM, ATI Radeon HD 3850, ASUS M3A78, HDD 250GB


Post by jaro3 » 01 May 2010 12:52

Uninstall:
DAEMON Tools Toolbar


Close other applications and browsers, disconnect from the internet and fix the following in HJT:
Guide

Code:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://flvdirect.iamwired.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Tomáš\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: everyflv - {8731bbff-8cef-323a-a62d-cae478301394} - C:\Windows\SysWow64\eJW0B1--bO8.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)


Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.


Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum


Post by vonyt » 01 May 2010 13:09

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4052

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

1.5.2010 13:08:48
mbam-log-2010-05-01 (13-08-48).txt

Typ skenu: Rychlý sken
Skenované objekty: 126340
Uplynulý čas: 2 minuta(y), 41 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 1
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 1
Infikované soubory: 3

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
C:\Program Files (x86)\Mozilla Firefox\extensions\{713f09aa-13ab-ce96-3c37-086c43d3794b}\components\__bt8pf4-.dll (Adware.BHO) -> No action taken.

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player (Adware.FLVPlayer) -> No action taken.

Infikované soubory:
C:\Program Files (x86)\Mozilla Firefox\extensions\{713f09aa-13ab-ce96-3c37-086c43d3794b}\components\__bt8pf4-.dll (Adware.BHO) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> No action taken.

Post by jaro3 » 01 May 2010 14:35

So run MbAM again and start a Scan
- when the scan finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit

You can then paste the new MbAM log here.

Turn off your resident protection and the firewall.
Download Dr. Web CureIt
Run the update; after updating, click Start.
With the buttons at the bottom you can cure the file (system files), delete, move or rename it

Download OTL
to the desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

Post by vonyt » 01 May 2010 15:15

It didn't fit here, so I put it in a RAR.

Desktop.rar
(21.95 KiB) Downloaded 28 times

Post by jaro3 » 01 May 2010 16:03

I'll take a look at it; I'm short on time at the moment, I'll write a script here later..

Post by vonyt » 01 May 2010 16:10

No problem :)

Post by jaro3 » 01 May 2010 18:32

Uninstall the Symantec Shared leftovers with this:
ftp://ftp.symantec.com/public/english_u ... l_Tool.exe

///////////////////////////////////////////////////////////////////////////////////////////

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaulturl: "http://flvdirect.iamwired.net/websearch.php?src=tops&search="
[2010.04.23 22:23:23 | 000,002,059 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\searchplugins\daemon-search.xml
[2010.03.16 17:54:29 | 000,002,062 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\searchplugins\qip-search.xml
[2010.04.23 22:24:03 | 000,000,266 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\searchplugins\Search.xml
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4 - HKCU..\Run: [Infium]  File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O18:[b]64bit:[/b] - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{02348de9-14b9-11df-b89a-00241dd5f382}\Shell - "" = AutoRun
O33 - MountPoints2\{02348de9-14b9-11df-b89a-00241dd5f382}\Shell\AutoRun\command - "" = G:\start.exe -- File not found
O33 - MountPoints2\{3dcf380d-f63a-11de-bf79-00241dd5f382}\Shell - "" = AutoRun
O33 - MountPoints2\{3dcf380d-f63a-11de-bf79-00241dd5f382}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0

:Files
C:\WINDOWS\System32\*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
c:\windows\Tasks\*.job /s
C:\Program Files (x86)\DAEMON Tools Toolbar
C:\found.000
C:\8a4kzjsh.exe
C:\Windows\tasks\SA.DAT
C:\Program Files (x86)\Common Files\Symantec Shared

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

Post by vonyt » 02 May 2010 09:48

I apologize.. I didn't have time yesterday evening, but here is the log:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Error: No service named eeCtrl was found to stop!
Service\Driver key eeCtrl not found.
File C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Prefs.js: "Search" removed from browser.search.defaultenginename
Prefs.js: "http://flvdirect.iamwired.net/websearch.php?src=tops&search=" removed from browser.search.defaulturl
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\searchplugins\daemon-search.xml moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\searchplugins\qip-search.xml moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\searchplugins\Search.xml moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02348de9-14b9-11df-b89a-00241dd5f382}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02348de9-14b9-11df-b89a-00241dd5f382}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02348de9-14b9-11df-b89a-00241dd5f382}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02348de9-14b9-11df-b89a-00241dd5f382}\ not found.
File G:\start.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3dcf380d-f63a-11de-bf79-00241dd5f382}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3dcf380d-f63a-11de-bf79-00241dd5f382}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3dcf380d-f63a-11de-bf79-00241dd5f382}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3dcf380d-f63a-11de-bf79-00241dd5f382}\ not found.
File F:\Autorun.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
ADS C:\ProgramData\TEMP:A9662AE0 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\WINDOWS\Temp\HTT3C0B.tmp moved successfully.
C:\WINDOWS\Temp\HTT58F0.tmp moved successfully.
C:\WINDOWS\Temp\HTT62BA.tmp moved successfully.
C:\WINDOWS\Temp\HTT8C2.tmp moved successfully.
C:\WINDOWS\Temp\HTT8DC4.tmp moved successfully.
C:\WINDOWS\Temp\HTT9479.tmp moved successfully.
C:\WINDOWS\Temp\HTTA637.tmp moved successfully.
C:\WINDOWS\Temp\HTTAEFA.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
C:\Program Files (x86)\DAEMON Tools Toolbar folder moved successfully.
C:\found.000\dir0006.chk\{CC3192BC-0151-4C18-BEDA-E964CACE228C}\SupportTasks\1 folder moved successfully.
C:\found.000\dir0006.chk\{CC3192BC-0151-4C18-BEDA-E964CACE228C}\SupportTasks\0 folder moved successfully.
C:\found.000\dir0006.chk\{CC3192BC-0151-4C18-BEDA-E964CACE228C}\SupportTasks folder moved successfully.
C:\found.000\dir0006.chk\{CC3192BC-0151-4C18-BEDA-E964CACE228C}\PlayTasks\0 folder moved successfully.
C:\found.000\dir0006.chk\{CC3192BC-0151-4C18-BEDA-E964CACE228C}\PlayTasks folder moved successfully.
C:\found.000\dir0006.chk\{CC3192BC-0151-4C18-BEDA-E964CACE228C} folder moved successfully.
C:\found.000\dir0006.chk\{14CC761D-3A86-4A84-B0B5-ABFBA3C32C36}\SupportTasks\0 folder moved successfully.
C:\found.000\dir0006.chk\{14CC761D-3A86-4A84-B0B5-ABFBA3C32C36}\SupportTasks folder moved successfully.
C:\found.000\dir0006.chk\{14CC761D-3A86-4A84-B0B5-ABFBA3C32C36}\PlayTasks\0 folder moved successfully.
C:\found.000\dir0006.chk\{14CC761D-3A86-4A84-B0B5-ABFBA3C32C36}\PlayTasks folder moved successfully.
C:\found.000\dir0006.chk\{14CC761D-3A86-4A84-B0B5-ABFBA3C32C36} folder moved successfully.
C:\found.000\dir0006.chk\RSS folder moved successfully.
C:\found.000\dir0006.chk\GamesBoxArt folder moved successfully.
C:\found.000\dir0006.chk folder moved successfully.
C:\found.000\dir0005.chk\Low folder moved successfully.
C:\found.000\dir0005.chk\History.IE5\MSHist012010041720100418 folder moved successfully.
C:\found.000\dir0005.chk\History.IE5 folder moved successfully.
C:\found.000\dir0005.chk folder moved successfully.
C:\found.000\dir0004.chk\Virtualized folder moved successfully.
C:\found.000\dir0004.chk\Low folder moved successfully.
C:\found.000\dir0004.chk\Content.Word folder moved successfully.
C:\found.000\dir0004.chk\Content.MSO folder moved successfully.
C:\found.000\dir0004.chk\Content.IE5\WGH71Q2L folder moved successfully.
C:\found.000\dir0004.chk\Content.IE5\U8COPGI1 folder moved successfully.
C:\found.000\dir0004.chk\Content.IE5\OAL8RUIN folder moved successfully.
C:\found.000\dir0004.chk\Content.IE5\M22BVG4D folder moved successfully.
C:\found.000\dir0004.chk\Content.IE5\21D2DC17 folder moved successfully.
C:\found.000\dir0004.chk\Content.IE5\0OQLER75 folder moved successfully.
C:\found.000\dir0004.chk\Content.IE5 folder moved successfully.
C:\found.000\dir0004.chk\AntiPhishing folder moved successfully.
C:\found.000\dir0004.chk folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportQueue\NonCritical_Microsoft Window_18c855348b7b8af0c58ce3bd56c95138ec199ca6_cab_5ab2b561 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportQueue folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\NonCritical_Microsoft Window_bd5996727e9ea1acda90841fa2c99a88df4fb9d6_0aa84af4 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\NonCritical_Microsoft Window_bd5996727e9ea1acda90841fa2c99a88df4fb9d6_0aa83dda folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\NonCritical_Microsoft Window_bd5996727e9ea1acda90841fa2c99a88df4fb9d6_08821075 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\NonCritical_Microsoft Window_4723a25c55fda2a6df5af307767d6c1a22a25e8_119b059b folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\NonCritical_Microsoft Window_4723a25c55fda2a6df5af307767d6c1a22a25e8_0d7b4336 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\NonCritical_Microsoft Window_4723a25c55fda2a6df5af307767d6c1a22a25e8_09984c99 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\NonCritical_Microsoft Window_18c855348b7b8af0c58ce3bd56c95138ec199ca6_1eb82de4 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\NonCritical_Microsoft Window_18c855348b7b8af0c58ce3bd56c95138ec199ca6_012460b5 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\Critical_-1581056_417351b81cd19b705efd0aec6add458b9e2178_0ca31ea8 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_UbisoftGameLaunc_d253819b395fee4c8cffe9f17da2b18997a7d74_09c28166 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_UbisoftGameLaunc_d253819b395fee4c8cffe9f17da2b18997a7d74_01fef5af folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_Seismovision3.ex_de9cb6463e3318f950e64eb71a69a78fcafaf815_1c8730d1 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_javaw.exe_f47f41c2c70b3a85bd316e42c258b48a98308b_177972a5 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_Dwm.exe_a5da43d8cd9b4896940efb49941778537ab273_1fc08e61 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_1d632742 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_1cf627be folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_1bb4be52 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_18ff5045 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_177fbae6 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_16687b3b folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_153fdac5 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_14f8ed3c folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_121aa2f3 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_109e781c folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_0e98f759 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_09b02e21 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_099e9704 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_c89c6a37f5241369748be8e6444a1b094362a_0123dc79 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_6a81a64b109815243848417614a1dacd99d4b9_15863524 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_6a81a64b109815243848417614a1dacd99d4b9_1561a100 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_6a81a64b109815243848417614a1dacd99d4b9_11368871 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_6a81a64b109815243848417614a1dacd99d4b9_0f6a3ed9 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_6a81a64b109815243848417614a1dacd99d4b9_0d71a25b folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_6a81a64b109815243848417614a1dacd99d4b9_0ccd0914 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_6a81a64b109815243848417614a1dacd99d4b9_0b243ec4 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_6a81a64b109815243848417614a1dacd99d4b9_0124537c folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_1eddb2fc folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_1e2ea14f folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_1c320e36 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_1b6c0510 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_17979128 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_16b48c3b folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_16a37d79 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_167018de folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_15594e8e folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_14cf8095 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_1428dcb8 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_13d190fa folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_12d76f4a folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_118c2878 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_102b980a folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_0fff2bd5 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_0ff050a2 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_0f2a24b0 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_0eb214d8 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_0d1c0b37 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_0a23aa81 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_055477de folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_0504453a folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_01244643 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive\AppCrash_DllHost.exe_4869576cdeab1c1facea65ae6d1fdf915cdfdc3_00764aa6 folder moved successfully.
C:\found.000\dir0003.chk\WER\ReportArchive folder moved successfully.
C:\found.000\dir0003.chk\WER\ERC\TemplateCache folder moved successfully.
C:\found.000\dir0003.chk\WER\ERC\ResponseCache folder moved successfully.
C:\found.000\dir0003.chk\WER\ERC folder moved successfully.
C:\found.000\dir0003.chk\WER folder moved successfully.
C:\found.000\dir0003.chk\Themes\Avatar\DesktopBackground folder moved successfully.
C:\found.000\dir0003.chk\Themes\Avatar folder moved successfully.
C:\found.000\dir0003.chk\Themes folder moved successfully.
C:\found.000\dir0003.chk\Ringtones folder moved successfully.
C:\found.000\dir0003.chk\Explorer folder moved successfully.
C:\found.000\dir0003.chk\Caches folder moved successfully.
C:\found.000\dir0003.chk\Burn\Burn2 folder moved successfully.
C:\found.000\dir0003.chk\Burn\Burn1 folder moved successfully.
C:\found.000\dir0003.chk\Burn\Burn folder moved successfully.
C:\found.000\dir0003.chk\Burn folder moved successfully.
C:\found.000\dir0003.chk\1029 folder moved successfully.
C:\found.000\dir0003.chk\1024 folder moved successfully.
C:\found.000\dir0003.chk folder moved successfully.
C:\found.000\dir0002.chk\XLive\Titles\5454083b folder moved successfully.
C:\found.000\dir0002.chk\XLive\Titles folder moved successfully.
C:\found.000\dir0002.chk\XLive\SysCache folder moved successfully.
C:\found.000\dir0002.chk\XLive\Content\E000000B18939A8B\FFFE07D1\00010000\E000000B18939A8B_MountPt folder moved successfully.
C:\found.000\dir0002.chk\XLive\Content\E000000B18939A8B\FFFE07D1\00010000 folder moved successfully.
C:\found.000\dir0002.chk\XLive\Content\E000000B18939A8B\FFFE07D1 folder moved successfully.
C:\found.000\dir0002.chk\XLive\Content\E000000B18939A8B folder moved successfully.
C:\found.000\dir0002.chk\XLive\Content folder moved successfully.
C:\found.000\dir0002.chk\XLive folder moved successfully.
C:\found.000\dir0002.chk\Windows Sidebar\Gadgets\VolumeControlReloaded.gadget folder moved successfully.
C:\found.000\dir0002.chk\Windows Sidebar\Gadgets folder moved successfully.
C:\found.000\dir0002.chk\Windows Sidebar folder moved successfully.
C:\found.000\dir0002.chk\Windows Media\12.0 folder moved successfully.
C:\found.000\dir0002.chk\Windows Media folder moved successfully.
C:\found.000\dir0002.chk\Windows Mail\Stationery folder moved successfully.
C:\found.000\dir0002.chk\Windows Mail\Backup\new folder moved successfully.
C:\found.000\dir0002.chk\Windows Mail\Backup folder moved successfully.
C:\found.000\dir0002.chk\Windows Mail folder moved successfully.
C:\found.000\dir0002.chk\Portable Devices folder moved successfully.
C:\found.000\dir0002.chk\PCCompat folder moved successfully.
C:\found.000\dir0002.chk\Outlook\Accounts folder moved successfully.
C:\found.000\dir0002.chk\Outlook folder moved successfully.
C:\found.000\dir0002.chk\OFFICE\ONetConfig folder moved successfully.
C:\found.000\dir0002.chk\OFFICE folder moved successfully.
C:\found.000\dir0002.chk\NetTraces folder moved successfully.
C:\found.000\dir0002.chk\Media Player\Transcoded Files Cache folder moved successfully.
C:\found.000\dir0002.chk\Media Player\Sync Playlists\cs-CZ\000083AF folder moved successfully.
C:\found.000\dir0002.chk\Media Player\Sync Playlists\cs-CZ folder moved successfully.
C:\found.000\dir0002.chk\Media Player\Sync Playlists folder moved successfully.
C:\found.000\dir0002.chk\Media Player\Mezipaměť grafiky\LocalMLS folder moved successfully.
C:\found.000\dir0002.chk\Media Player\Mezipaměť grafiky folder moved successfully.
C:\found.000\dir0002.chk\Media Player\Cache24529456 folder moved successfully.
C:\found.000\dir0002.chk\Media Player folder moved successfully.
C:\found.000\dir0002.chk\Massive folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\Recovery\Last Active folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\Recovery\High\Last Active folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\Recovery\High\Active folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\Recovery\High folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\Recovery\Active folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\Recovery folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\DOMStore\PZ353Q2D folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\DOMStore\K5NUOO7J folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\DOMStore\I9ZJUDTD folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\DOMStore\EVYWGRG9 folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer\DOMStore folder moved successfully.
C:\found.000\dir0002.chk\Internet Explorer folder moved successfully.
C:\found.000\dir0002.chk\GFWLive\Cache folder moved successfully.
C:\found.000\dir0002.chk\GFWLive folder moved successfully.
C:\found.000\dir0002.chk\FORMS folder moved successfully.
C:\found.000\dir0002.chk\Feeds Cache\XDRRJBDJ folder moved successfully.
C:\found.000\dir0002.chk\Feeds Cache\V34GOGI9 folder moved successfully.
C:\found.000\dir0002.chk\Feeds Cache\IQLQH622 folder moved successfully.
C:\found.000\dir0002.chk\Feeds Cache\F22KZHBT folder moved successfully.
C:\found.000\dir0002.chk\Feeds Cache folder moved successfully.
C:\found.000\dir0002.chk\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~ folder moved successfully.
C:\found.000\dir0002.chk\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~ folder moved successfully.
C:\found.000\dir0002.chk\Feeds\Informační kanály společnosti Microsoft~ folder moved successfully.
C:\found.000\dir0002.chk\Feeds folder moved successfully.
C:\found.000\dir0002.chk\Event Viewer folder moved successfully.
C:\found.000\dir0002.chk\Device Stage\Device\PropStore folder moved successfully.
C:\found.000\dir0002.chk\Device Stage\Device folder moved successfully.
C:\found.000\dir0002.chk\Device Stage folder moved successfully.
C:\found.000\dir0002.chk\Device Metadata\dmrccache\en-us\63921eef-8415-4368-9201-f0df4af5778f\WindowsInformation folder moved successfully.
C:\found.000\dir0002.chk\Device Metadata\dmrccache\en-us\63921eef-8415-4368-9201-f0df4af5778f\DeviceInformation folder moved successfully.
C:\found.000\dir0002.chk\Device Metadata\dmrccache\en-us\63921eef-8415-4368-9201-f0df4af5778f folder moved successfully.
C:\found.000\dir0002.chk\Device Metadata\dmrccache\en-us\34e548a8-3268-4dde-bedf-c40f9b6c814a\WindowsInformation folder moved successfully.
C:\found.000\dir0002.chk\Device Metadata\dmrccache\en-us\34e548a8-3268-4dde-bedf-c40f9b6c814a folder moved successfully.
C:\found.000\dir0002.chk\Device Metadata\dmrccache\en-us folder moved successfully.
C:\found.000\dir0002.chk\Device Metadata\dmrccache\downloads folder moved successfully.
C:\found.000\dir0002.chk\Device Metadata\dmrccache folder moved successfully.
C:\found.000\dir0002.chk\Device Metadata folder moved successfully.
C:\found.000\dir0002.chk\Credentials folder moved successfully.
C:\found.000\dir0002.chk folder moved successfully.
C:\found.000\dir0001.chk\{FC20E3E2-5FDA-4A75-A76B-72D3A688BB68} folder moved successfully.
C:\found.000\dir0001.chk\{E911DAE4-D345-4FA4-8AB0-59CC6411C323} folder moved successfully.
C:\found.000\dir0001.chk\{DED1FDB8-1802-4D15-9BC3-4A2CD4220D6B} folder moved successfully.
C:\found.000\dir0001.chk\{D6FD52DE-B325-48B1-9AAE-21929205E801} folder moved successfully.
C:\found.000\dir0001.chk\{D4EB823B-3516-4B25-91B1-6CCAEA9B4512} folder moved successfully.
C:\found.000\dir0001.chk\{D055F317-F108-4A0D-9195-C212F10B7FDF} folder moved successfully.
C:\found.000\dir0001.chk\{C3D22AAD-9B06-4488-8B95-605B47EF3D8C} folder moved successfully.
C:\found.000\dir0001.chk\{BC3D746D-6F5D-403D-B5A2-607797D363FC}\Disk1 folder moved successfully.
C:\found.000\dir0001.chk\{BC3D746D-6F5D-403D-B5A2-607797D363FC} folder moved successfully.
C:\found.000\dir0001.chk\{B6AD17CF-D3E3-4915-A595-4E59B6CA01AB} folder moved successfully.
C:\found.000\dir0001.chk\{B50C5D66-E74B-4D2E-AF3B-0237155B0FDD} folder moved successfully.
C:\found.000\dir0001.chk\{B21BB900-A73A-45DB-B4DF-DCF78703D429} folder moved successfully.
C:\found.000\dir0001.chk\{A94B61EC-2A88-45CA-B0E3-1FA314773F5D}\Disk1 folder moved successfully.
C:\found.000\dir0001.chk\{A94B61EC-2A88-45CA-B0E3-1FA314773F5D} folder moved successfully.
C:\found.000\dir0001.chk\{99CE11AE-C099-4748-A7AF-2C71002E4745}\Disk1 folder moved successfully.
C:\found.000\dir0001.chk\{99CE11AE-C099-4748-A7AF-2C71002E4745} folder moved successfully.
C:\found.000\dir0001.chk\{8F7136CD-BAFB-44BC-B667-1E6737464FC3} folder moved successfully.
C:\found.000\dir0001.chk\{8BACA3C5-9814-4F79-B845-211BA549966B} folder moved successfully.
C:\found.000\dir0001.chk\{858ADCF7-A746-4B6E-858F-950FF5274882} folder moved successfully.
C:\found.000\dir0001.chk\{828212B3-8141-41DC-B351-267E5FFD2BDD} folder moved successfully.
C:\found.000\dir0001.chk\{7E86C102-03CA-42BA-987B-A48C2AC20AF4} folder moved successfully.
C:\found.000\dir0001.chk\{7AFAB6F7-6036-4A6A-B95C-8216BFA3DA5A} folder moved successfully.
C:\found.000\dir0001.chk\{7007C6C0-D302-4564-BFD7-EF7B7869D9DB} folder moved successfully.
C:\found.000\dir0001.chk\{5C81CDAB-DEED-4954-89C6-165E25EEB2BD} folder moved successfully.
C:\found.000\dir0001.chk\{5A6193E4-5C24-4957-9DE0-026B30CC941A}\Disk1 folder moved successfully.
C:\found.000\dir0001.chk\{5A6193E4-5C24-4957-9DE0-026B30CC941A} folder moved successfully.
C:\found.000\dir0001.chk\{5894F523-682B-4F6C-A1E8-5150B18D56CB} folder moved successfully.
C:\found.000\dir0001.chk\{502244B8-DBCF-4AB2-B1C7-A6C406B5AD22} folder moved successfully.
C:\found.000\dir0001.chk\{4E510AAD-0770-4FD3-8CBC-BDD30BC0DC6D} folder moved successfully.
C:\found.000\dir0001.chk\{486E4A12-B58B-492F-99D7-80BA4F2ACA34}\Disk1 folder moved successfully.
C:\found.000\dir0001.chk\{486E4A12-B58B-492F-99D7-80BA4F2ACA34} folder moved successfully.
C:\found.000\dir0001.chk\{3E2817E0-D87F-49F1-BAB1-3D06F47DD059} folder moved successfully.
C:\found.000\dir0001.chk\{294d9bac-c6f8-47c9-804f-3538b750b502} folder moved successfully.
C:\found.000\dir0001.chk\{0E976A17-8FC9-4259-80EB-6B50556C8BC0}\Disk1 folder moved successfully.
C:\found.000\dir0001.chk\{0E976A17-8FC9-4259-80EB-6B50556C8BC0} folder moved successfully.
C:\found.000\dir0001.chk\{031416B7-23C6-4EE6-8964-A26F81343FB0} folder moved successfully.
C:\found.000\dir0001.chk\{0281D31C-3AEF-4FD0-AE77-5240C4B1CD85}\Disk1\License folder moved successfully.
C:\found.000\dir0001.chk\{0281D31C-3AEF-4FD0-AE77-5240C4B1CD85}\Disk1 folder moved successfully.
C:\found.000\dir0001.chk\{0281D31C-3AEF-4FD0-AE77-5240C4B1CD85} folder moved successfully.
C:\found.000\dir0001.chk\_tc folder moved successfully.
C:\found.000\dir0001.chk\WPDNSE folder moved successfully.
C:\found.000\dir0001.chk\VBE folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-9 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-8 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-7 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-6 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-5 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-4 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-3 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-21 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-20 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-2 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-19 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-18 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-17 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-16 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-15 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-14 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-13 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-12 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-11 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-10 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp-1 folder moved successfully.
C:\found.000\dir0001.chk\plugtmp folder moved successfully.
C:\found.000\dir0001.chk\outlook logging folder moved successfully.
C:\found.000\dir0001.chk\msdtadmin\_63C68DE1-CD34-48E0-B49E-2FEEC188A58F_\p0 folder moved successfully.
C:\found.000\dir0001.chk\msdtadmin\_63C68DE1-CD34-48E0-B49E-2FEEC188A58F_ folder moved successfully.
C:\found.000\dir0001.chk\msdtadmin folder moved successfully.
C:\found.000\dir0001.chk\Low folder moved successfully.
C:\found.000\dir0001.chk\IXP000.TMP folder moved successfully.
C:\found.000\dir0001.chk\ispA526.tmp folder moved successfully.
C:\found.000\dir0001.chk\hsperfdata_Tomáš folder moved successfully.
C:\found.000\dir0001.chk\DAPINST folder moved successfully.
C:\found.000\dir0001.chk\audacity_1_2_temp folder moved successfully.
C:\found.000\dir0001.chk folder moved successfully.
C:\found.000\dir0000.chk\www.doom9.net\MeGUI.exe_Url_2fr0kf1342pplpviabeusmov0k1k3qda\0.3.3.0 folder moved successfully.
C:\found.000\dir0000.chk\www.doom9.net\MeGUI.exe_Url_2fr0kf1342pplpviabeusmov0k1k3qda\0.3.1.1056 folder moved successfully.
C:\found.000\dir0000.chk\www.doom9.net\MeGUI.exe_Url_2fr0kf1342pplpviabeusmov0k1k3qda folder moved successfully.
C:\found.000\dir0000.chk\www.doom9.net folder moved successfully.
C:\found.000\dir0000.chk\VirtualStore\Program Files (x86)\Common Files\Nero\Shared\NL3 folder moved successfully.
C:\found.000\dir0000.chk\VirtualStore\Program Files (x86)\Common Files\Nero\Shared folder moved successfully.
C:\found.000\dir0000.chk\VirtualStore\Program Files (x86)\Common Files\Nero folder moved successfully.
C:\found.000\dir0000.chk\VirtualStore\Program Files (x86)\Common Files folder moved successfully.
C:\found.000\dir0000.chk\VirtualStore\Program Files (x86) folder moved successfully.
C:\found.000\dir0000.chk\VirtualStore folder moved successfully.
C:\found.000\dir0000.chk\Temporary Internet Files folder moved successfully.
C:\found.000\dir0000.chk\Targem\Clutch folder moved successfully.
C:\found.000\dir0000.chk\Targem folder moved successfully.
C:\found.000\dir0000.chk\Symantec\Symantec Endpoint Protection\Logs folder moved successfully.
C:\found.000\dir0000.chk\Symantec\Symantec Endpoint Protection folder moved successfully.
C:\found.000\dir0000.chk\Symantec folder moved successfully.
C:\found.000\dir0000.chk\Sony\Vegas\7.0\VegSrvLogs\10.0.0.1.53704 folder moved successfully.
C:\found.000\dir0000.chk\Sony\Vegas\7.0\VegSrvLogs folder moved successfully.
C:\found.000\dir0000.chk\Sony\Vegas\7.0 folder moved successfully.
C:\found.000\dir0000.chk\Sony\Vegas folder moved successfully.
C:\found.000\dir0000.chk\Sony folder moved successfully.
C:\found.000\dir0000.chk\Rockstar Games\RGSC folder moved successfully.
C:\found.000\dir0000.chk\Rockstar Games\GTA IV\User Music folder moved successfully.
C:\found.000\dir0000.chk\Rockstar Games\GTA IV\Settings folder moved successfully.
C:\found.000\dir0000.chk\Rockstar Games\GTA IV\savegames\user_invalid folder moved successfully.
C:\found.000\dir0000.chk\Rockstar Games\GTA IV\savegames\user_e000000b18939a8b folder moved successfully.
C:\found.000\dir0000.chk\Rockstar Games\GTA IV\savegames folder moved successfully.
C:\found.000\dir0000.chk\Rockstar Games\GTA IV folder moved successfully.
C:\found.000\dir0000.chk\Rockstar Games folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\UNCO\pb\scrnshot folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\UNCO\pb\htm folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\UNCO\pb\dll folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\UNCO\pb folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\UNCO folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\QL\pb folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\QL folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\COD2\pb\scrnshot folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\COD2\pb\htm folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\COD2\pb\dll folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\COD2\pb folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\COD2 folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\BC2\pb\scrnshot folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\BC2\pb\htm folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\BC2\pb\dll folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\BC2\pb folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster\BC2 folder moved successfully.
C:\found.000\dir0000.chk\PunkBuster folder moved successfully.
C:\found.000\dir0000.chk\Mozilla\Firefox\Profiles\hs3wxnt9.default\OfflineCache folder moved successfully.
C:\found.000\dir0000.chk\Mozilla\Firefox\Profiles\hs3wxnt9.default\Cache folder moved successfully.
C:\found.000\dir0000.chk\Mozilla\Firefox\Profiles\hs3wxnt9.default folder moved successfully.
C:\found.000\dir0000.chk\Mozilla\Firefox\Profiles folder moved successfully.
C:\found.000\dir0000.chk\Mozilla\Firefox\Mozilla Firefox\updates\0 folder moved successfully.
C:\found.000\dir0000.chk\Mozilla\Firefox\Mozilla Firefox\updates folder moved successfully.
C:\found.000\dir0000.chk\Mozilla\Firefox\Mozilla Firefox folder moved successfully.
C:\found.000\dir0000.chk\Mozilla\Firefox folder moved successfully.
C:\found.000\dir0000.chk\Mozilla folder moved successfully.
C:\found.000\dir0000.chk\Mato_Technologies\X_Mod_Packer_V.1.0.exe_Url_sjo5d5cm3ahbc0ji2h00zn5f0x4ts0st\1.0.0.0 folder moved successfully.
C:\found.000\dir0000.chk\Mato_Technologies\X_Mod_Packer_V.1.0.exe_Url_sjo5d5cm3ahbc0ji2h00zn5f0x4ts0st folder moved successfully.
C:\found.000\dir0000.chk\Mato_Technologies folder moved successfully.
C:\found.000\dir0000.chk\Licenses\DDD folder moved successfully.
C:\found.000\dir0000.chk\Licenses folder moved successfully.
C:\found.000\dir0000.chk\History folder moved successfully.
C:\found.000\dir0000.chk\GHISLER folder moved successfully.
C:\found.000\dir0000.chk\ESET\ESET Smart Security\Quarantine folder moved successfully.
C:\found.000\dir0000.chk\ESET\ESET Smart Security folder moved successfully.
C:\found.000\dir0000.chk\ESET folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010041716.000 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010041514.000 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010041421.000 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010041420.000 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010041417.001 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010041417.000 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010041217.000 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010041118.000 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010040716.000 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010040616.001 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090\2010040616.000 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\460911090 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\3493975886\2010041217.000 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics\3493975886 folder moved successfully.
C:\found.000\dir0000.chk\ElevatedDiagnostics folder moved successfully.
C:\found.000\dir0000.chk\Data aplikací folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games\Superstar Racing\updater folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games\Superstar Racing\dfal\cache\data\players folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games\Superstar Racing\dfal\cache\data\164482-1-1-HTML folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games\Superstar Racing\dfal\cache\data\163983-1-1-HTML folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games\Superstar Racing\dfal\cache\data\163982-1-1-HTML folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games\Superstar Racing\dfal\cache\data folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games\Superstar Racing\dfal\cache folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games\Superstar Racing\dfal folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games\Superstar Racing\data folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games\Superstar Racing folder moved successfully.
C:\found.000\dir0000.chk\Chat Republic Games folder moved successfully.
C:\found.000\dir0000.chk\CAPCOM\DEVILMAYCRY4 folder moved successfully.
C:\found.000\dir0000.chk\CAPCOM folder moved successfully.
C:\found.000\dir0000.chk\Autodesk\Maya folder moved successfully.
C:\found.000\dir0000.chk\Autodesk folder moved successfully.
C:\found.000\dir0000.chk\AliensVsPredator\27560805144849\Checkpoints folder moved successfully.
C:\found.000\dir0000.chk\AliensVsPredator\27560805144849 folder moved successfully.
C:\found.000\dir0000.chk\AliensVsPredator folder moved successfully.
C:\found.000\dir0000.chk\Ahead\Nero Home\idx folder moved successfully.
C:\found.000\dir0000.chk\Ahead\Nero Home folder moved successfully.
C:\found.000\dir0000.chk\Ahead folder moved successfully.
C:\found.000\dir0000.chk\Adobe\XMP\File Info\2.0\work folder moved successfully.
C:\found.000\dir0000.chk\Adobe\XMP\File Info\2.0 folder moved successfully.
C:\found.000\dir0000.chk\Adobe\XMP\File Info folder moved successfully.
C:\found.000\dir0000.chk\Adobe\XMP folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Updater6\Install\reader9rdr-cs_CZ folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Updater6\Install\mediaencoder5 folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Updater6\Install\aftereffects9 folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Updater6\Install folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Updater6\Data folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Updater6 folder moved successfully.
C:\found.000\dir0000.chk\Adobe\TypeSupport\CMaps folder moved successfully.
C:\found.000\dir0000.chk\Adobe\TypeSupport folder moved successfully.
C:\found.000\dir0000.chk\Adobe\ESD folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Color\Profiles folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Color folder moved successfully.
C:\found.000\dir0000.chk\Adobe\CameraRaw\Cache folder moved successfully.
C:\found.000\dir0000.chk\Adobe\CameraRaw folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Acrobat\9.0\Updater folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Acrobat\9.0\Cache folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Acrobat\9.0 folder moved successfully.
C:\found.000\dir0000.chk\Adobe\Acrobat folder moved successfully.
C:\found.000\dir0000.chk\Adobe folder moved successfully.
C:\found.000\dir0000.chk\Activision\CoDWaW folder moved successfully.
C:\found.000\dir0000.chk\Activision folder moved successfully.
C:\found.000\dir0000.chk\._Revolution_ folder moved successfully.
C:\found.000\dir0000.chk folder moved successfully.
C:\found.000 folder moved successfully.
C:\8a4kzjsh.exe moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
File\Folder C:\Program Files (x86)\Common Files\Symantec Shared not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Filipáč
->Temp folder emptied: 24250300 bytes
->Temporary Internet Files folder emptied: 64058730 bytes
->Java cache emptied: 12119679 bytes
->FireFox cache emptied: 69625323 bytes
->Flash cache emptied: 55123 bytes

User: Public

User: Tomáš
->Temp folder emptied: 113013780 bytes
->Temporary Internet Files folder emptied: 11390321 bytes
->Java cache emptied: 25805950 bytes
->FireFox cache emptied: 36099420 bytes
->Flash cache emptied: 6200 bytes

User: Tomáš

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 690380 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67576 bytes
RecycleBin emptied: 1591130 bytes

Total Files Cleaned = 342,00 mb


OTL by OldTimer - Version 3.2.4.0 log created on 05022010_094510

Files\Folders moved on Reboot...
C:\Users\Tomáš\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
AMD Athlon 64 X2 Dual Core 5000+, 2,0GB RAM, ATI Radeon HD 3850, ASUS M3A78, HDD 250GB

jaro3
Security team member
Guru Level 15
Posts: 43295
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: requesting a check

Post by jaro3 » 02 May 2010 11:38

Double-click the OTL by OldTimer icon again and, under Custom Scans/Fixes, paste the following text (shown in green):

Code:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT


Don't change any settings, just click Run Scan (Prohledat) and let the scan finish. When the text file appears, please paste its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: requesting a check

Post by vonyt » 02 May 2010 12:26

OTL logfile created on: 2.5.2010 12:03:13 - Run 2
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Users\Tomáš\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 32,62 Gb Free Space | 33,41% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 352,82 Gb Free Space | 42,31% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DETI
Current User Name: Tomáš
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Tomáš\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Tomáš\AppData\Roaming\QipGuard\QipGuard.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe (RealNetworks, Inc.)
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Tomáš\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) Služba DTC (Distributed Transaction Coordinator) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (MDM) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (eamon) -- C:\Windows\SysNative\drivers\eamon.sys (ESET)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbaudio) Ovladač zvuků USB (WDM) -- C:\Windows\SysNative\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (Epfwndis) -- C:\Windows\SysNative\drivers\epfwndis.sys (ESET)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (libusb0) -- C:\Windows\SysNative\drivers\libusb0.sys (http://libusb-win32.sourceforge.net)
DRV - (CSC) -- C:\Windows\CSC [2009.12.31 17:14:56 | 000,000,000 | ---D | M]
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (EverestDriver) -- C:\Program Files (x86)\Everest_corp\kerneld.amd64 ()
DRV - (libusb0) -- C:\Windows\SysWOW64\libusb0.dll (http://libusb-win32.sourceforge.net)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 12 37 5B 73 14 AC CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {713f09aa-13ab-ce96-3c37-086c43d3794b}:4.6.6.6
FF - prefs.js..keyword.URL: "http://flvdirect.iamwired.net/websearch.php?src=tops&search="


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.01 20:40:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.24 21:15:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.16 13:46:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.24 21:15:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.16 13:46:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.24 21:15:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.16 13:46:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.01.24 21:16:38 | 000,000,000 | ---D | M]

[2009.12.31 20:01:55 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Extensions
[2010.05.02 09:57:47 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\extensions
[2010.03.16 17:54:29 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010.04.16 13:37:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.04.30 21:41:56 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.13 14:08:21 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\extensions\firebug@software.joehewitt.com
[2010.04.14 15:51:44 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\hs3wxnt9.default\extensions\personas@christopher.beard
[2010.05.02 09:57:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.04.23 22:24:13 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{713f09aa-13ab-ce96-3c37-086c43d3794b}
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.05.01 15:04:15 | 000,000,808 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Tomáš\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files (x86)\DAP\dapieloader.dll (SpeedBit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files (x86)\DAP\DAP.EXE (SpeedBit Ltd.)
O4 - HKCU..\Run: [QIP Internet Guardian] C:\Users\Tomáš\AppData\Roaming\QipGuard\QipGuard.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PSPdisp.lnk = C:\Program Files (x86)\PSPdisp\bin\app\PSPdisp.exe (JJS)
O4 - Startup: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.05.02 09:45:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.05.01 14:49:59 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\DoctorWeb
[2010.05.01 14:45:47 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Tomáš\Desktop\OTL.exe
[2010.05.01 13:02:49 | 000,050,688 | ---- | C] (Atribune.org) -- C:\ATF-Cleaner.exe
[2010.05.01 12:21:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hi jack
[2010.04.30 14:46:36 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Documents\gothic3
[2010.04.30 08:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.04.29 14:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gothic III
[2010.04.28 18:17:11 | 000,223,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fvevol.sys
[2010.04.28 18:16:55 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.04.28 18:16:55 | 000,153,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys
[2010.04.27 17:54:11 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Documents\BFBC2
[2010.04.27 15:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.04.27 15:00:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.04.26 18:26:09 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Documents\4A Games
[2010.04.26 17:55:39 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\4A Games
[2010.04.26 17:53:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.04.24 21:24:27 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\Sony
[2010.04.22 12:26:43 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\ElevatedDiagnostics
[2010.04.21 19:40:07 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Documents\SH5
[2010.04.19 22:09:38 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\Adobe
[2010.04.19 22:09:02 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\GHISLER
[2010.04.18 19:31:50 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\Midway
[2010.04.18 18:59:16 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\Mozilla
[2010.04.18 18:34:56 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\Ahead
[2010.04.18 18:34:46 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\Temp
[2010.04.18 18:34:46 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\Microsoft
[2010.04.16 19:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010.04.16 19:30:32 | 004,915,831 | ---- | C] (Nadeo ) -- C:\TmNationsForever_Update_2010-03-15_Setup.exe
[2010.04.16 19:28:41 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Documents\TrackMania
[2010.04.16 18:22:44 | 528,345,264 | ---- | C] (Nadeo ) -- C:\trackmania_nations_forever.exe
[2010.04.14 15:59:34 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.04.14 15:59:34 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.04.14 15:59:27 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.04.14 15:59:25 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.04.14 15:59:25 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.04.14 15:36:42 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.04.14 15:36:42 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.04.14 15:36:39 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.04.14 15:36:38 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.04.12 16:23:31 | 000,000,000 | ---D | C] -- C:\Matrix Reloaded
[2010.04.05 22:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.04.05 22:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.04.05 22:57:41 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.04.05 22:57:41 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.04.05 22:57:41 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.03.18 19:39:50 | 000,121,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[5 C:\Users\Tomáš\Documents\*.tmp files -> C:\Users\Tomáš\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.02 12:03:25 | 006,291,456 | -HS- | M] () -- C:\Users\Tomáš\ntuser.dat
[2010.05.02 12:03:05 | 1017,118,720 | ---- | M] () -- C:\rld-jc2.part1.rar.dap
[2010.05.02 09:53:57 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.02 09:53:57 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.02 09:51:47 | 001,506,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.05.02 09:51:47 | 000,643,506 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.05.02 09:51:47 | 000,627,726 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.05.02 09:51:47 | 000,127,478 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.05.02 09:51:47 | 000,111,898 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.05.02 09:46:50 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.02 09:46:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.02 09:46:43 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.02 00:28:57 | 001,801,108 | -H-- | M] () -- C:\Users\Tomáš\AppData\Local\IconCache.db
[2010.05.01 15:14:53 | 000,022,474 | ---- | M] () -- C:\Users\Tomáš\Desktop\Desktop.rar
[2010.05.01 15:04:15 | 000,000,808 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.05.01 14:45:53 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Tomáš\Desktop\OTL.exe
[2010.05.01 13:21:04 | 000,410,190 | ---- | M] () -- C:\asd.jpg
[2010.05.01 13:02:51 | 000,050,688 | ---- | M] (Atribune.org) -- C:\ATF-Cleaner.exe
[2010.05.01 12:21:52 | 000,002,991 | ---- | M] () -- C:\Users\Tomáš\Desktop\HiJackThis.lnk
[2010.05.01 12:21:08 | 001,402,880 | ---- | M] () -- C:\HiJackThis.msi
[2010.04.30 08:35:44 | 018,499,623 | ---- | M] () -- C:\vlc-1.0.5-win32.exe
[2010.04.29 21:07:35 | 000,142,920 | ---- | M] () -- C:\Users\Tomáš\Documents\mov.veg
[2010.04.29 21:05:36 | 000,000,156 | ---- | M] () -- C:\Windows\Twunk001.MTX
[2010.04.29 21:05:36 | 000,000,004 | ---- | M] () -- C:\Windows\Twain001.Mtx
[2010.04.29 20:48:54 | 2850,328,016 | ---- | M] () -- C:\mov_huf2.avi
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.29 14:49:07 | 000,001,898 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III.lnk
[2010.04.28 19:54:34 | 003,307,908 | ---- | M] () -- C:\stromae - alors on danse.mp3
[2010.04.27 15:06:01 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.04.25 19:59:18 | 000,142,920 | ---- | M] () -- C:\Users\Tomáš\Documents\mov.veg.bak
[2010.04.23 22:24:13 | 000,111,513 | ---- | M] () -- C:\Windows\SysWow64\mH--ID.exe
[2010.04.23 22:24:01 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\FLV Direct Player.lnk
[2010.04.23 22:23:21 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.04.22 14:44:31 | 000,001,039 | ---- | M] () -- C:\Users\Tomáš\Desktop\Silent Hunter 5.lnk
[2010.04.22 14:32:46 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.04.19 22:24:10 | 000,009,779 | -HS- | M] () -- C:\Folder.jpg
[2010.04.19 22:24:10 | 000,009,779 | -HS- | M] () -- C:\AlbumArt_{2EB80187-8C28-47BF-8DC7-A615F20D82E5}_Large.jpg
[2010.04.19 22:24:09 | 000,002,380 | -HS- | M] () -- C:\AlbumArtSmall.jpg
[2010.04.19 22:24:09 | 000,002,380 | -HS- | M] () -- C:\AlbumArt_{2EB80187-8C28-47BF-8DC7-A615F20D82E5}_Small.jpg
[2010.04.19 20:56:07 | 000,004,608 | ---- | M] () -- C:\Windows\SysWow64\BReWErS.dll
[2010.04.19 19:50:20 | 000,112,000 | ---- | M] () -- C:\Users\Tomáš\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.18 19:31:23 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\BlackSite Area 51.lnk
[2010.04.16 22:26:30 | 000,041,872 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.04.16 22:26:30 | 000,027,536 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2010.04.16 19:31:50 | 004,915,831 | ---- | M] (Nadeo ) -- C:\TmNationsForever_Update_2010-03-15_Setup.exe
[2010.04.16 19:28:14 | 528,345,264 | ---- | M] (Nadeo ) -- C:\trackmania_nations_forever.exe
[2010.04.16 19:28:04 | 000,000,725 | ---- | M] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[2010.04.16 13:46:15 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.04.11 20:38:20 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.04.11 20:38:20 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.04.04 12:33:07 | 000,000,961 | ---- | M] () -- C:\Users\Tomáš\Desktop\cabal.lnk
[5 C:\Users\Tomáš\Documents\*.tmp files -> C:\Users\Tomáš\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.02 10:06:07 | 1017,118,720 | ---- | C] () -- C:\rld-jc2.part1.rar.dap
[2010.05.01 15:14:53 | 000,022,474 | ---- | C] () -- C:\Users\Tomáš\Desktop\Desktop.rar
[2010.05.01 12:21:52 | 000,002,991 | ---- | C] () -- C:\Users\Tomáš\Desktop\HiJackThis.lnk
[2010.05.01 12:20:56 | 001,402,880 | ---- | C] () -- C:\HiJackThis.msi
[2010.05.01 11:36:23 | 000,410,190 | ---- | C] () -- C:\asd.jpg
[2010.04.30 08:32:56 | 018,499,623 | ---- | C] () -- C:\vlc-1.0.5-win32.exe
[2010.04.29 20:47:38 | 2850,328,016 | ---- | C] () -- C:\mov_huf2.avi
[2010.04.29 14:49:07 | 000,001,898 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III.lnk
[2010.04.27 15:00:35 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.04.25 19:32:31 | 003,307,908 | ---- | C] () -- C:\stromae - alors on danse.mp3
[2010.04.23 22:24:13 | 000,111,513 | ---- | C] () -- C:\Windows\SysWow64\mH--ID.exe
[2010.04.23 22:24:01 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\FLV Direct Player.lnk
[2010.04.23 22:23:21 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.04.22 14:44:03 | 000,001,039 | ---- | C] () -- C:\Users\Tomáš\Desktop\Silent Hunter 5.lnk
[2010.04.19 22:24:10 | 000,009,779 | -HS- | C] () -- C:\AlbumArt_{2EB80187-8C28-47BF-8DC7-A615F20D82E5}_Large.jpg
[2010.04.19 22:24:10 | 000,002,380 | -HS- | C] () -- C:\AlbumArt_{2EB80187-8C28-47BF-8DC7-A615F20D82E5}_Small.jpg
[2010.04.19 20:56:07 | 000,004,608 | ---- | C] () -- C:\Windows\SysWow64\BReWErS.dll
[2010.04.18 19:31:23 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\BlackSite Area 51.lnk
[2010.04.16 22:26:30 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.04.16 22:26:30 | 000,027,536 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2010.04.16 19:28:04 | 000,000,725 | ---- | C] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[2010.04.04 12:32:04 | 000,000,961 | ---- | C] () -- C:\Users\Tomáš\Desktop\cabal.lnk
[2010.03.28 20:44:51 | 000,000,028 | ---- | C] () -- C:\Windows\pspvc_path.ini
[2010.03.18 22:20:18 | 000,000,077 | ---- | C] () -- C:\Windows\huffyuv.ini
[2010.03.18 21:59:43 | 000,000,071 | ---- | C] () -- C:\Windows\lagarith.ini
[2010.02.23 20:44:57 | 000,000,034 | ---- | C] () -- C:\Windows\DAP.INI
[2010.01.26 19:32:14 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.01.26 19:32:12 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.01.23 01:37:16 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.01.02 20:56:51 | 001,523,110 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.01.01 23:18:35 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.12.31 19:40:29 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.12.31 19:29:25 | 000,002,476 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2009.12.31 18:22:11 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.28 18:40:48 | 000,173,552 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[1999.07.29 10:27:10 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2010.05.01 13:02:51 | 000,050,688 | ---- | M] (Atribune.org) -- C:\ATF-Cleaner.exe
[2010.04.16 19:31:50 | 004,915,831 | ---- | M] (Nadeo ) -- C:\TmNationsForever_Update_2010-03-15_Setup.exe
[2010.04.16 19:28:14 | 528,345,264 | ---- | M] (Nadeo ) -- C:\trackmania_nations_forever.exe
[2010.04.30 08:35:44 | 018,499,623 | ---- | M] () -- C:\vlc-1.0.5-win32.exe


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0
< End of report >
AMD Athlon 64 X2 Dual Core 5000+, 2,0GB RAM, ATI Radeon HD 3850, ASUS M3A78, HDD 250GB

jaro3
Security team member

Re: please check

Post by jaro3 » 02 May 2010 21:00

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..keyword.URL: "http://flvdirect.iamwired.net/websearch.php?src=tops&search="
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Tomáš\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0

:Files

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

