Kontrola logu HiJackThis Vyřešeno

[sdsd]

ComboFix 10-03-14.01 - Mamulda 03/14/2010 19:52:22.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.685 [GMT 1:00]
Spuštěný z: c:\documents and settings\Mamulda\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Mamulda\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\emptyregdb.dat"
"c:\windows\system32\ezsidmv.dat"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Mamulda\WINDOWS
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\system32\emptyregdb.dat
c:\windows\system32\ezsidmv.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-14 do 2010-03-14 )))))))))))))))))))))))))))))))
.

2010-03-14 16:08 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-14 16:08 . 2010-03-14 16:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-14 16:08 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-14 15:32 . 2010-03-14 15:32 -------- d-----w- c:\program files\Trend Micro
2010-03-10 19:08 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-08 17:44 . 1994-12-05 23:00 92208 ----a-w- c:\windows\system\wing.dll
2010-03-08 17:43 . 1994-12-05 23:00 92208 ----a-w- c:\windows\system32\wing.dll
2010-03-08 17:43 . 1994-09-20 23:00 6736 ----a-w- c:\windows\system32\wingdib.drv
2010-03-08 17:43 . 1994-08-23 23:00 188960 ----a-w- c:\windows\system32\wingde.dll
2010-03-08 17:43 . 2010-03-08 17:43 -------- d-----w- c:\program files\YDP
2010-03-08 17:34 . 1994-09-21 01:00 12800 ----a-w- c:\windows\system\wing32.dll
2010-03-08 17:23 . 2010-03-08 17:33 -------- d-----w- c:\program files\Virtuální škola
2010-03-08 17:23 . 2010-03-08 17:23 -------- d-----w- c:\program files\Common Files\GraphBoard 1.00
2010-03-08 17:23 . 1994-09-21 01:00 12800 ----a-w- c:\windows\system32\wing32.dll
2010-03-08 17:22 . 1996-11-05 15:13 299008 ----a-w- c:\windows\uninst.exe
2010-02-23 14:28 . 2010-02-23 14:29 -------- d-----w- c:\program files\Yahoo!
2010-02-22 18:39 . 2001-10-24 10:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-02-22 18:39 . 2001-10-24 10:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-02-18 13:55 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-02-18 13:55 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-02-14 21:22 . 2010-02-14 21:22 -------- d-----w- c:\program files\SweetIM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-14 10:13 . 2010-02-01 15:56 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-10 21:17 . 2010-02-01 20:58 -------- d-----w- c:\program files\ICQ7.0
2010-02-11 18:53 . 2010-02-01 19:55 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-11 18:53 . 2010-02-01 19:55 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-11 18:44 . 2010-02-11 18:44 -------- d-----w- c:\program files\Common Files\Logitech
2010-02-11 18:44 . 2010-02-11 18:44 -------- d-----w- c:\program files\Logitech
2010-02-11 18:42 . 2010-02-01 19:55 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-11 18:42 . 2010-02-01 19:55 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-11 18:39 . 2010-02-01 19:55 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-11 18:38 . 2010-02-01 19:55 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-11 18:38 . 2010-02-01 19:55 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-11 18:38 . 2010-02-01 19:55 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-11 18:38 . 2010-02-01 19:55 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-09 10:34 . 2001-10-25 14:00 79040 ----a-w- c:\windows\system32\perfc005.dat
2010-02-09 10:34 . 2001-10-25 14:00 431998 ----a-w- c:\windows\system32\perfh005.dat
2010-02-09 06:15 . 2010-02-04 19:30 -------- d-----w- c:\program files\The KMPlayer
2010-02-08 13:04 . 2010-02-08 12:59 -------- d-----w- c:\program files\Liquidator
2010-02-08 13:04 . 2010-02-08 13:04 770048 ----a-w- c:\windows\TMUninst.exe
2010-02-04 19:43 . 2010-02-04 19:43 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-02-04 19:43 . 2010-02-04 19:43 -------- d-----w- c:\program files\DVDFab 6
2010-02-04 19:42 . 2010-02-04 19:42 -------- d-----w- c:\program files\DsNET Corp
2010-02-04 19:34 . 2010-02-04 19:34 -------- d-----w- c:\program files\Microsoft.NET
2010-02-01 20:52 . 2010-02-01 20:52 -------- d-----w- c:\program files\VoipCheapCom.com
2010-02-01 20:04 . 2010-02-01 20:03 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-01 20:04 . 2010-02-01 20:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-01 19:55 . 2010-02-01 19:54 -------- d-----r- c:\program files\Skype
2010-02-01 19:55 . 2010-02-01 19:55 -------- d-----w- c:\program files\Alwil Software
2010-02-01 19:54 . 2010-02-01 19:54 -------- d-----w- c:\program files\Common Files\Skype
2010-02-01 19:40 . 2010-02-01 19:40 -------- d-----w- c:\program files\MSBuild
2010-02-01 19:40 . 2010-02-01 19:40 -------- d-----w- c:\program files\Reference Assemblies
2010-02-01 19:32 . 2010-02-01 19:32 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-01 19:27 . 2010-02-01 19:27 -------- d-----w- c:\program files\Realtek AC97
2010-02-01 19:08 . 2010-02-01 09:39 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-01 18:45 . 2010-02-01 18:45 0 ----a-w- c:\windows\ativpsrm.bin
2010-02-01 18:42 . 2010-02-01 18:40 -------- d-----w- c:\program files\ATI Technologies
2010-02-01 18:40 . 2010-02-01 15:55 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-01 18:02 . 2010-02-01 15:56 -------- d-----w- c:\program files\AvRack
2010-02-01 16:09 . 2010-02-01 16:09 0 ----a-w- c:\windows\nsreg.dat
2010-02-01 15:56 . 2010-02-01 15:56 -------- d-----w- c:\program files\Realtek Sound Manager
2010-02-01 09:40 . 2010-02-01 09:40 -------- d-----w- c:\program files\microsoft frontpage
2010-01-05 09:58 . 2004-08-17 14:49 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2004-08-17 14:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2004-08-17 14:49 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2004-08-03 22:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 07:42 . 2010-02-01 09:36 343552 ----a-w- c:\windows\system32\mspaint.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"VoipCheapCom"="c:\program files\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" [2009-11-10 9275704]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VoipCheapCom.com\\VoipCheapCom\\VoipCheapCom.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Documents and Settings\\Mamulda\\Local Settings\\Data aplikací\\CrossLoop\\vncviewer.exe"=
"c:\\Documents and Settings\\Mamulda\\Local Settings\\Data aplikací\\CrossLoop\\CrossLoopConnect.exe"=
"d:\\hry\\Left 4 Dead\\left4dead.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5910:TCP"= 5910:TCP:vnc5910

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/1/2010 8:55 PM 162512]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/1/2010 8:55 PM 19024]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2/1/2010 9:04 PM 691696]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
FF - ProfilePath - c:\documents and settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-14 19:56
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-03-14 19:59:20
ComboFix-quarantined-files.txt 2010-03-14 18:59
ComboFix2.txt 2010-03-14 16:52

Před spuštěním: Volných bajtů: 10,448,695,296
Po spuštění: Volných bajtů: 10,413,244,416

- - End Of File - - 55DE516830B0D34F0504B0A5C255F1B4

[Reklama]

[sdsd]

ComboFix 10-03-14.01 - Mamulda 03/14/2010 19:52:22.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.685 [GMT 1:00]
Spuštěný z: c:\documents and settings\Mamulda\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Mamulda\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\emptyregdb.dat"
"c:\windows\system32\ezsidmv.dat"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Mamulda\WINDOWS
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\system32\emptyregdb.dat
c:\windows\system32\ezsidmv.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-14 do 2010-03-14 )))))))))))))))))))))))))))))))
.

2010-03-14 16:08 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-14 16:08 . 2010-03-14 16:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-14 16:08 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-14 15:32 . 2010-03-14 15:32 -------- d-----w- c:\program files\Trend Micro
2010-03-10 19:08 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-08 17:44 . 1994-12-05 23:00 92208 ----a-w- c:\windows\system\wing.dll
2010-03-08 17:43 . 1994-12-05 23:00 92208 ----a-w- c:\windows\system32\wing.dll
2010-03-08 17:43 . 1994-09-20 23:00 6736 ----a-w- c:\windows\system32\wingdib.drv
2010-03-08 17:43 . 1994-08-23 23:00 188960 ----a-w- c:\windows\system32\wingde.dll
2010-03-08 17:43 . 2010-03-08 17:43 -------- d-----w- c:\program files\YDP
2010-03-08 17:34 . 1994-09-21 01:00 12800 ----a-w- c:\windows\system\wing32.dll
2010-03-08 17:23 . 2010-03-08 17:33 -------- d-----w- c:\program files\Virtuální škola
2010-03-08 17:23 . 2010-03-08 17:23 -------- d-----w- c:\program files\Common Files\GraphBoard 1.00
2010-03-08 17:23 . 1994-09-21 01:00 12800 ----a-w- c:\windows\system32\wing32.dll
2010-03-08 17:22 . 1996-11-05 15:13 299008 ----a-w- c:\windows\uninst.exe
2010-02-23 14:28 . 2010-02-23 14:29 -------- d-----w- c:\program files\Yahoo!
2010-02-22 18:39 . 2001-10-24 10:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-02-22 18:39 . 2001-10-24 10:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-02-18 13:55 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-02-18 13:55 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-02-14 21:22 . 2010-02-14 21:22 -------- d-----w- c:\program files\SweetIM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-14 10:13 . 2010-02-01 15:56 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-10 21:17 . 2010-02-01 20:58 -------- d-----w- c:\program files\ICQ7.0
2010-02-11 18:53 . 2010-02-01 19:55 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-11 18:53 . 2010-02-01 19:55 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-11 18:44 . 2010-02-11 18:44 -------- d-----w- c:\program files\Common Files\Logitech
2010-02-11 18:44 . 2010-02-11 18:44 -------- d-----w- c:\program files\Logitech
2010-02-11 18:42 . 2010-02-01 19:55 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-11 18:42 . 2010-02-01 19:55 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-11 18:39 . 2010-02-01 19:55 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-11 18:38 . 2010-02-01 19:55 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-11 18:38 . 2010-02-01 19:55 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-11 18:38 . 2010-02-01 19:55 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-11 18:38 . 2010-02-01 19:55 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-09 10:34 . 2001-10-25 14:00 79040 ----a-w- c:\windows\system32\perfc005.dat
2010-02-09 10:34 . 2001-10-25 14:00 431998 ----a-w- c:\windows\system32\perfh005.dat
2010-02-09 06:15 . 2010-02-04 19:30 -------- d-----w- c:\program files\The KMPlayer
2010-02-08 13:04 . 2010-02-08 12:59 -------- d-----w- c:\program files\Liquidator
2010-02-08 13:04 . 2010-02-08 13:04 770048 ----a-w- c:\windows\TMUninst.exe
2010-02-04 19:43 . 2010-02-04 19:43 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-02-04 19:43 . 2010-02-04 19:43 -------- d-----w- c:\program files\DVDFab 6
2010-02-04 19:42 . 2010-02-04 19:42 -------- d-----w- c:\program files\DsNET Corp
2010-02-04 19:34 . 2010-02-04 19:34 -------- d-----w- c:\program files\Microsoft.NET
2010-02-01 20:52 . 2010-02-01 20:52 -------- d-----w- c:\program files\VoipCheapCom.com
2010-02-01 20:04 . 2010-02-01 20:03 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-01 20:04 . 2010-02-01 20:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-01 19:55 . 2010-02-01 19:54 -------- d-----r- c:\program files\Skype
2010-02-01 19:55 . 2010-02-01 19:55 -------- d-----w- c:\program files\Alwil Software
2010-02-01 19:54 . 2010-02-01 19:54 -------- d-----w- c:\program files\Common Files\Skype
2010-02-01 19:40 . 2010-02-01 19:40 -------- d-----w- c:\program files\MSBuild
2010-02-01 19:40 . 2010-02-01 19:40 -------- d-----w- c:\program files\Reference Assemblies
2010-02-01 19:32 . 2010-02-01 19:32 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-01 19:27 . 2010-02-01 19:27 -------- d-----w- c:\program files\Realtek AC97
2010-02-01 19:08 . 2010-02-01 09:39 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-01 18:45 . 2010-02-01 18:45 0 ----a-w- c:\windows\ativpsrm.bin
2010-02-01 18:42 . 2010-02-01 18:40 -------- d-----w- c:\program files\ATI Technologies
2010-02-01 18:40 . 2010-02-01 15:55 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-01 18:02 . 2010-02-01 15:56 -------- d-----w- c:\program files\AvRack
2010-02-01 16:09 . 2010-02-01 16:09 0 ----a-w- c:\windows\nsreg.dat
2010-02-01 15:56 . 2010-02-01 15:56 -------- d-----w- c:\program files\Realtek Sound Manager
2010-02-01 09:40 . 2010-02-01 09:40 -------- d-----w- c:\program files\microsoft frontpage
2010-01-05 09:58 . 2004-08-17 14:49 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2004-08-17 14:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2004-08-17 14:49 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2004-08-03 22:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 07:42 . 2010-02-01 09:36 343552 ----a-w- c:\windows\system32\mspaint.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"VoipCheapCom"="c:\program files\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" [2009-11-10 9275704]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VoipCheapCom.com\\VoipCheapCom\\VoipCheapCom.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Documents and Settings\\Mamulda\\Local Settings\\Data aplikací\\CrossLoop\\vncviewer.exe"=
"c:\\Documents and Settings\\Mamulda\\Local Settings\\Data aplikací\\CrossLoop\\CrossLoopConnect.exe"=
"d:\\hry\\Left 4 Dead\\left4dead.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5910:TCP"= 5910:TCP:vnc5910

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/1/2010 8:55 PM 162512]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/1/2010 8:55 PM 19024]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2/1/2010 9:04 PM 691696]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
FF - ProfilePath - c:\documents and settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-14 19:56
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-03-14 19:59:20
ComboFix-quarantined-files.txt 2010-03-14 18:59
ComboFix2.txt 2010-03-14 16:52

Před spuštěním: Volných bajtů: 10,448,695,296
Po spuštění: Volných bajtů: 10,413,244,416

- - End Of File - - 55DE516830B0D34F0504B0A5C255F1B4

[sdsd]

ComboFix 10-03-14.01 - Mamulda 03/14/2010 19:52:22.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.685 [GMT 1:00]
Spuštěný z: c:\documents and settings\Mamulda\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Mamulda\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\emptyregdb.dat"
"c:\windows\system32\ezsidmv.dat"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Mamulda\WINDOWS
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\system32\emptyregdb.dat
c:\windows\system32\ezsidmv.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-14 do 2010-03-14 )))))))))))))))))))))))))))))))
.

2010-03-14 16:08 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-14 16:08 . 2010-03-14 16:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-14 16:08 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-14 15:32 . 2010-03-14 15:32 -------- d-----w- c:\program files\Trend Micro
2010-03-10 19:08 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-08 17:44 . 1994-12-05 23:00 92208 ----a-w- c:\windows\system\wing.dll
2010-03-08 17:43 . 1994-12-05 23:00 92208 ----a-w- c:\windows\system32\wing.dll
2010-03-08 17:43 . 1994-09-20 23:00 6736 ----a-w- c:\windows\system32\wingdib.drv
2010-03-08 17:43 . 1994-08-23 23:00 188960 ----a-w- c:\windows\system32\wingde.dll
2010-03-08 17:43 . 2010-03-08 17:43 -------- d-----w- c:\program files\YDP
2010-03-08 17:34 . 1994-09-21 01:00 12800 ----a-w- c:\windows\system\wing32.dll
2010-03-08 17:23 . 2010-03-08 17:33 -------- d-----w- c:\program files\Virtuální škola
2010-03-08 17:23 . 2010-03-08 17:23 -------- d-----w- c:\program files\Common Files\GraphBoard 1.00
2010-03-08 17:23 . 1994-09-21 01:00 12800 ----a-w- c:\windows\system32\wing32.dll
2010-03-08 17:22 . 1996-11-05 15:13 299008 ----a-w- c:\windows\uninst.exe
2010-02-23 14:28 . 2010-02-23 14:29 -------- d-----w- c:\program files\Yahoo!
2010-02-22 18:39 . 2001-10-24 10:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-02-22 18:39 . 2001-10-24 10:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-02-18 13:55 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-02-18 13:55 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-02-14 21:22 . 2010-02-14 21:22 -------- d-----w- c:\program files\SweetIM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-14 10:13 . 2010-02-01 15:56 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-10 21:17 . 2010-02-01 20:58 -------- d-----w- c:\program files\ICQ7.0
2010-02-11 18:53 . 2010-02-01 19:55 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-11 18:53 . 2010-02-01 19:55 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-11 18:44 . 2010-02-11 18:44 -------- d-----w- c:\program files\Common Files\Logitech
2010-02-11 18:44 . 2010-02-11 18:44 -------- d-----w- c:\program files\Logitech
2010-02-11 18:42 . 2010-02-01 19:55 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-11 18:42 . 2010-02-01 19:55 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-11 18:39 . 2010-02-01 19:55 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-11 18:38 . 2010-02-01 19:55 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-11 18:38 . 2010-02-01 19:55 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-11 18:38 . 2010-02-01 19:55 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-11 18:38 . 2010-02-01 19:55 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-09 10:34 . 2001-10-25 14:00 79040 ----a-w- c:\windows\system32\perfc005.dat
2010-02-09 10:34 . 2001-10-25 14:00 431998 ----a-w- c:\windows\system32\perfh005.dat
2010-02-09 06:15 . 2010-02-04 19:30 -------- d-----w- c:\program files\The KMPlayer
2010-02-08 13:04 . 2010-02-08 12:59 -------- d-----w- c:\program files\Liquidator
2010-02-08 13:04 . 2010-02-08 13:04 770048 ----a-w- c:\windows\TMUninst.exe
2010-02-04 19:43 . 2010-02-04 19:43 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-02-04 19:43 . 2010-02-04 19:43 -------- d-----w- c:\program files\DVDFab 6
2010-02-04 19:42 . 2010-02-04 19:42 -------- d-----w- c:\program files\DsNET Corp
2010-02-04 19:34 . 2010-02-04 19:34 -------- d-----w- c:\program files\Microsoft.NET
2010-02-01 20:52 . 2010-02-01 20:52 -------- d-----w- c:\program files\VoipCheapCom.com
2010-02-01 20:04 . 2010-02-01 20:03 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-01 20:04 . 2010-02-01 20:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-01 19:55 . 2010-02-01 19:54 -------- d-----r- c:\program files\Skype
2010-02-01 19:55 . 2010-02-01 19:55 -------- d-----w- c:\program files\Alwil Software
2010-02-01 19:54 . 2010-02-01 19:54 -------- d-----w- c:\program files\Common Files\Skype
2010-02-01 19:40 . 2010-02-01 19:40 -------- d-----w- c:\program files\MSBuild
2010-02-01 19:40 . 2010-02-01 19:40 -------- d-----w- c:\program files\Reference Assemblies
2010-02-01 19:32 . 2010-02-01 19:32 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-01 19:27 . 2010-02-01 19:27 -------- d-----w- c:\program files\Realtek AC97
2010-02-01 19:08 . 2010-02-01 09:39 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-01 18:45 . 2010-02-01 18:45 0 ----a-w- c:\windows\ativpsrm.bin
2010-02-01 18:42 . 2010-02-01 18:40 -------- d-----w- c:\program files\ATI Technologies
2010-02-01 18:40 . 2010-02-01 15:55 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-01 18:02 . 2010-02-01 15:56 -------- d-----w- c:\program files\AvRack
2010-02-01 16:09 . 2010-02-01 16:09 0 ----a-w- c:\windows\nsreg.dat
2010-02-01 15:56 . 2010-02-01 15:56 -------- d-----w- c:\program files\Realtek Sound Manager
2010-02-01 09:40 . 2010-02-01 09:40 -------- d-----w- c:\program files\microsoft frontpage
2010-01-05 09:58 . 2004-08-17 14:49 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2004-08-17 14:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2004-08-17 14:49 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2004-08-03 22:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 07:42 . 2010-02-01 09:36 343552 ----a-w- c:\windows\system32\mspaint.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"VoipCheapCom"="c:\program files\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" [2009-11-10 9275704]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VoipCheapCom.com\\VoipCheapCom\\VoipCheapCom.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Documents and Settings\\Mamulda\\Local Settings\\Data aplikací\\CrossLoop\\vncviewer.exe"=
"c:\\Documents and Settings\\Mamulda\\Local Settings\\Data aplikací\\CrossLoop\\CrossLoopConnect.exe"=
"d:\\hry\\Left 4 Dead\\left4dead.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5910:TCP"= 5910:TCP:vnc5910

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/1/2010 8:55 PM 162512]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/1/2010 8:55 PM 19024]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2/1/2010 9:04 PM 691696]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
FF - ProfilePath - c:\documents and settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-14 19:56
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-03-14 19:59:20
ComboFix-quarantined-files.txt 2010-03-14 18:59
ComboFix2.txt 2010-03-14 16:52

Před spuštěním: Volných bajtů: 10,448,695,296
Po spuštění: Volných bajtů: 10,413,244,416

- - End Of File - - 55DE516830B0D34F0504B0A5C255F1B4



to by mel být on

[sdsd]

Omlouvam se že sem to vložil tolikrat :)

[Damned]

Odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start-Spustit a zadej Combofix[mezera]/uninstall

Stáhni si T-Cleaner ( nutné - smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš)

(pozn.Pokud máš AVG nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG, Aviru.)
*****************************************************************************************************************************************
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. File age změň na 14 days. Všechny ostatní nastavení ponech jak jsou. Klikni na Run Scan. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

[sdsd]

Prosímtě co je OTL????

[Damned]

Eh, omlouvám se: Vypadl mi řádek.

Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. File age změň na 14 days. Všechny ostatní nastavení ponech jak jsou. Klikni na Run Scan. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

[sdsd]

Extras.TXT :


OTL Extras logfile created on: 3/14/2010 9:07:22 PM - Run 1
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Documents and Settings\Mamulda\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: Spojené státy | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 695.00 Mb Available Physical Memory | 68.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 9.78 Gb Free Space | 50.06% Space Free | Partition Type: NTFS
Drive D: | 56.79 Gb Total Space | 2.84 Gb Free Space | 4.99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TEREZKA
Current User Name: Mamulda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5910:TCP" = 5910:TCP:*:Enabled:vnc5910

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, Inc.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\Program Files\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe" = C:\Program Files\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe:*:Enabled:VoipCheapCom -- (VoipCheapCom)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, Inc.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Documents and Settings\Mamulda\Local Settings\Data aplikací\CrossLoop\vncviewer.exe" = C:\Documents and Settings\Mamulda\Local Settings\Data aplikací\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe -- (UltraVNC)
"C:\Documents and Settings\Mamulda\Local Settings\Data aplikací\CrossLoop\CrossLoopConnect.exe" = C:\Documents and Settings\Mamulda\Local Settings\Data aplikací\CrossLoop\CrossLoopConnect.exe:*:Enabled:CrossLoop - Simple Secure Screen Sharing -- (CrossLoop)
"D:\hry\Left 4 Dead\left4dead.exe" = D:\hry\Left 4 Dead\left4dead.exe:*:Disabled:left4dead -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06053AB3-B607-B752-3252-4A2EA9E9761E}" = CCC Help Dutch
"{0B4A8658-43F1-50CA-AF30-C67E3AE2C9ED}" = CCC Help Greek
"{0CC61470-D776-2353-D5CB-C7BC20204863}" = CCC Help Finnish
"{12655AB3-9285-A2F0-5BBC-C5C45E4D718C}" = CCC Help Czech
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{24700C01-3A72-29D4-001B-6EE6BF71EB5E}" = CCC Help Korean
"{26262388-95BF-58B0-CD46-A8F957BB67BF}" = Catalyst Control Center Graphics Full Existing
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{329376FB-FB6C-C587-F483-07E3418456F5}" = ccc-utility
"{33A38A8B-9E1E-BCBB-EA87-CE797EC75080}" = CCC Help Chinese Traditional
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{369EEB32-64D1-F22A-1B2C-A3E81582E767}" = CCC Help Japanese
"{3FCD8F30-057D-C96F-AEF4-B0D77DE9730C}" = CCC Help Portuguese
"{46605BDE-7F82-DB0F-7906-3279A7E639BE}" = Catalyst Control Center Localization All
"{480A8E00-D808-7D79-977B-CEBBB3BEB409}" = CCC Help French
"{48C7FD10-D6AD-8EE0-2E8E-0480C4EEB1BD}" = Catalyst Control Center HydraVision Full
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5CA7ABC3-5F89-3A1D-A113-046EA4C7FCEB}" = ccc-core-static
"{6F77AD48-BA04-F868-2D04-FC1BFF5E00BA}" = Catalyst Control Center Graphics Light
"{788907C5-C83B-9785-A1F0-67050017324E}" = CCC Help Spanish
"{7F5F1767-88C6-CBFC-5DD3-D853343FD5AE}" = CCC Help German
"{84DE3702-3262-BE38-27E8-5ED423D803C6}" = CCC Help Chinese Standard
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95053B5A-42E0-830E-85BD-733FAFC28BA7}" = ccc-core-preinstall
"{9B40D533-4F38-893D-EE5A-17226104BBC2}" = Skins
"{A08CB73B-5DEA-185D-5D98-2230004D75ED}" = CCC Help Danish
"{A22D91C3-E7BD-CBEE-7CDC-DE4C42FA27B7}" = CCC Help Hungarian
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AD0DD974-ADC2-8C10-DFA6-C1203A6E5106}" = CCC Help Polish
"{B014F739-B305-5319-D996-6612BD60ED74}" = CCC Help Swedish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{C570CAF4-D734-5412-C842-9AB150803074}" = Catalyst Control Center Core Implementation
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01F5B2C-2776-6C46-441C-E819C08DF4FF}" = CCC Help Turkish
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2FCA53F-F568-D08A-458F-F7C9769A30ED}" = CCC Help Norwegian
"{D89B70AB-CF91-36A4-8658-FACA3AF6A654}" = Catalyst Control Center Graphics Previews Common
"{DF1274DC-02D4-B2D7-6197-5D24E1EF84B1}" = CCC Help Thai
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E000D42E-5842-20A6-EEB1-6DED8C2746C5}" = CCC Help Italian
"{E7679B31-21F5-4AAE-1620-0DFACF702325}" = Catalyst Control Center Graphics Full New
"{F83491F9-7CDF-46A7-9994-9E002CE5CE75}" = CCC Help Russian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FDE409B1-1FF3-DC39-083E-C0F4ED496D5E}" = CCC Help English
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"CrossLoop_is1" = CrossLoop 2.70
"DVDFab 6_is1" = DVDFab 6.2.0.5 (11/11/2009)
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Lingua Land" = Lingua Land
"Liquidator" = Liquidator
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5." = Mozilla Firefox (3.5.
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"QcDrv" = ##CAMERADRIVERNAME##
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Virtuální škola" = Virtuální škola
"VoipCheapCom_is1" = VoipCheapCom
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/13/2010 6:55:53 AM | Computer Name = TEREZKA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 3/14/2010 3:23:57 AM | Computer Name = TEREZKA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 3/14/2010 5:52:45 AM | Computer Name = TEREZKA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 3/14/2010 12:06:24 PM | Computer Name = TEREZKA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 7.0.6000.16981, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x02210fd0.

Error - 3/14/2010 12:06:29 PM | Computer Name = TEREZKA | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

Error - 3/14/2010 12:07:15 PM | Computer Name = TEREZKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 7.0.6000.16981, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 3/14/2010 12:41:26 PM | Computer Name = TEREZKA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 3/14/2010 12:55:45 PM | Computer Name = TEREZKA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 3/14/2010 12:57:57 PM | Computer Name = TEREZKA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 3/14/2010 1:01:13 PM | Computer Name = TEREZKA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

[ System Events ]
Error - 3/4/2010 11:07:43 AM | Computer Name = TEREZKA | Source = System Error | ID = 1003
Description = Kód chyby 1000000a, parametr1 0000001d, parametr2 00000002, parametr3
00000000, parametr4 804f783b.

Error - 3/11/2010 3:04:47 PM | Computer Name = TEREZKA | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{EDDCF968-A139-4954-8D5E-676D58E33193},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 3/14/2010 12:41:12 PM | Computer Name = TEREZKA | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC0000001
při zpracování souboru na svazku HarddiskVolume1. Sledování svazku bylo ukončeno.



< End of report >





OTL.TXT :


OTL logfile created on: 3/14/2010 9:07:22 PM - Run 1
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Documents and Settings\Mamulda\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: Spojené státy | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 695.00 Mb Available Physical Memory | 68.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 9.78 Gb Free Space | 50.06% Space Free | Partition Type: NTFS
Drive D: | 56.79 Gb Total Space | 2.84 Gb Free Space | 4.99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TEREZKA
Current User Name: Mamulda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Mamulda\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
PRC - C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\Video\FxSvr2.exe (Logitech Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Mamulda\Plocha\OTL.exe (OldTimer Tools)


========== Win32 Services (SafeList) ==========

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)


========== Driver Services (SafeList) ==========

DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_0928) Logitech QuickCam Express(PID_0928) -- C:\WINDOWS\system32\drivers\LV561AV.SYS (Logitech Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.9
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/02/03 10:37:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/21 16:12:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/18 21:52:12 | 000,000,000 | ---D | M]

[2010/02/01 17:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Extensions
[2010/02/01 17:09:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/03/13 21:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\extensions
[2010/02/03 10:49:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/14 22:22:13 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2008/03/31 12:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\icqplugin.gif
[2008/03/31 12:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\icqplugin.src
[2010/03/09 21:01:24 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\icqplugin.xml
[2010/02/14 22:22:09 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\sweetim.xml
[2010/03/14 20:40:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/01 21:59:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010/02/18 21:52:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/02/01 20:55:23 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2010/02/18 21:52:05 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/02/18 21:52:05 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010/02/18 21:52:08 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2003/07/15 06:56:52 | 000,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2009/12/22 04:24:43 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/12/22 04:24:43 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009/12/22 04:24:43 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009/12/22 04:24:43 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009/12/22 04:24:43 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009/12/22 04:24:43 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001/10/25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [VoipCheapCom] C:\Program Files\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe (VoipCheapCom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 5048586250 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.109.255.34 10.109.255.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mamulda\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mamulda\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/03/14 21:06:08 | 000,555,008 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mamulda\Plocha\OTL.exe
[2010/03/14 19:59:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/03/14 17:45:53 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/03/14 17:08:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mamulda\Data aplikací\Malwarebytes
[2010/03/14 17:08:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/14 17:08:37 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/14 17:08:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/14 17:08:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010/03/14 16:32:22 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/03/13 22:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mamulda\Plocha\Heroes 3
[2010/03/10 20:08:43 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/03/08 18:44:44 | 000,092,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\wing.dll
[2010/03/08 18:43:58 | 000,188,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wingde.dll
[2010/03/08 18:43:58 | 000,092,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wing.dll
[2010/03/08 18:43:58 | 000,055,296 | ---- | C] (Media Architects, Inc.) -- C:\WINDOWS\System32\Video32.ocx
[2010/03/08 18:43:58 | 000,006,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wingdib.drv
[2010/03/08 18:43:58 | 000,005,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Wingpal.wnd
[2010/03/08 18:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\YDP
[2010/03/08 18:34:53 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\wing32.dll
[2010/03/08 18:23:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wing32.dll
[2010/03/08 18:23:07 | 000,000,000 | ---D | C] -- C:\Program Files\Virtuální škola
[2010/03/08 18:23:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\GraphBoard 1.00
[2010/03/08 18:22:59 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2010/03/04 14:44:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Yahoo! Companion
[2010/03/03 18:00:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/02/04 20:43:48 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Mamulda\Data aplikací\pcouffin.sys
[2010/02/01 20:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2010/02/01 10:45:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2010/02/01 10:45:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2010/02/01 10:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/03/14 21:05:40 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mamulda\Plocha\OTL.exe
[2010/03/14 20:36:18 | 000,210,432 | ---- | M] () -- C:\Documents and Settings\Mamulda\Plocha\T-Cleaner.exe
[2010/03/14 19:59:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/14 19:56:44 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/03/14 19:49:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/14 19:49:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/14 19:49:02 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/14 19:48:18 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Mamulda\NTUSER.DAT
[2010/03/14 19:48:18 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Mamulda\ntuser.ini
[2010/03/14 19:48:14 | 004,263,574 | -H-- | M] () -- C:\Documents and Settings\Mamulda\Local Settings\Data aplikací\IconCache.db
[2010/03/14 17:46:00 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/03/14 17:08:42 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010/03/14 16:32:23 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Mamulda\Plocha\HijackThis.lnk
[2010/03/13 10:13:41 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010/03/10 21:11:24 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Mamulda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/08 18:44:50 | 000,000,251 | ---- | M] () -- C:\WINDOWS\Lingua.ini
[2010/03/08 18:33:51 | 000,000,243 | ---- | M] () -- C:\WINDOWS\VSMath.INI
[2010/03/08 18:23:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\PROTOCOL.INI
[2010/03/04 20:37:33 | 000,000,855 | ---- | M] () -- C:\Documents and Settings\Mamulda\Plocha\Heroes III In the Wake of Gods.lnk
[2010/03/01 20:07:28 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/14 20:37:24 | 000,210,432 | ---- | C] () -- C:\Documents and Settings\Mamulda\Plocha\T-Cleaner.exe
[2010/03/14 17:46:00 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/03/14 17:45:56 | 000,261,312 | ---- | C] () -- C:\cmldr
[2010/03/14 17:08:42 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010/03/14 16:32:23 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Mamulda\Plocha\HijackThis.lnk
[2010/03/08 18:44:11 | 000,000,251 | ---- | C] () -- C:\WINDOWS\Lingua.ini
[2010/03/08 18:23:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2010/03/08 18:23:07 | 000,000,243 | ---- | C] () -- C:\WINDOWS\VSMath.INI
[2010/03/04 20:16:38 | 000,000,855 | ---- | C] () -- C:\Documents and Settings\Mamulda\Plocha\Heroes III In the Wake of Gods.lnk
[2010/03/04 15:10:20 | 000,088,606 | ---- | C] () -- C:\Documents and Settings\Mamulda\Plocha\left4dead.exe
[2010/02/11 19:45:00 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/02/04 20:43:54 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Mamulda\Data aplikací\pcouffin.log
[2010/02/04 20:43:48 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Mamulda\Data aplikací\inst.exe
[2010/02/04 20:43:48 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Mamulda\Data aplikací\pcouffin.cat
[2010/02/04 20:43:48 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Mamulda\Data aplikací\pcouffin.inf
[2010/02/04 20:37:39 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/02/01 21:53:48 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Mamulda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/01 17:04:02 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010/02/01 16:56:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2003/04/09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/02/01 20:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010/02/02 16:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Bubblistik
[2010/02/01 21:03:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010/02/01 21:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010/02/14 22:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2010/02/02 10:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamulda\Data aplikací\DAEMON Tools Lite
[2010/02/04 20:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamulda\Data aplikací\Desktopicon
[2010/02/01 21:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamulda\Data aplikací\GHISLER
[2010/03/14 17:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamulda\Data aplikací\ICQ
[2010/02/03 18:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamulda\Data aplikací\VoipCheapCom
[2010/02/04 20:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamulda\Data aplikací\Vso

========== Purity Check ==========


< End of report >

[Damned]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="
[2008/03/31 12:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\icqplugin.gif
[2008/03/31 12:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\icqplugin.src
[2010/03/09 21:01:24 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\icqplugin.xml
[2010/02/14 22:22:09 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\sweetim.xml


:Files
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
C:\Recycler
C:\$RECYCLE.BIN
C:\Documents and Settings\NetworkService\Data aplikací\rbuwzv.dat
C:\Windows\tasks\SA.DAT

:Reg

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]


Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[sdsd]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from browser.search.defaulturl
Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from keyword.URL
Prefs.js: "ICQ Search" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=" removed from sweetim.toolbar.previous.keyword.URL
C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\icqplugin.gif moved successfully.
C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\icqplugin.src moved successfully.
C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\Mamulda\Data aplikací\Mozilla\Firefox\Profiles\vpk9r513.default\searchplugins\sweetim.xml moved successfully.
========== FILES ==========
C:\WINDOWS\002662_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\RECYCLER\S-1-5-21-507921405-1580818891-1417001333-1003 folder moved successfully.
C:\RECYCLER folder moved successfully.
File\Folder C:\$RECYCLE.BIN not found.
File\Folder C:\Documents and Settings\NetworkService\Data aplikací\rbuwzv.dat not found.
C:\Windows\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Mamulda
->Temp folder emptied: 13563544 bytes
->Temporary Internet Files folder emptied: 164203 bytes
->FireFox cache emptied: 89270485 bytes
->Flash cache emptied: 109295 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 505 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 98.00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: Mamulda
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.1.37.1 log created on 03152010_185236

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[Damned]

Měl by si to mít již OK.

Smaž složku C:\_OTL


Stáhni si ToolsCleaner2 (by de A.Rothstein & Dj Quiou) na Plochu a spusť ho.

Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění) a odstraň nalezené.
Zavři a smaž program.



Kdyby se něco zase objevilo, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.