Děkuji za kontrolu logu

[timtom]

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbar present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.microsoft.com/download/ ... dtoolx.cab (IGDTester Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.74.192.252 94.74.192.244
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.10.17 19:33:12 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\obchod zahraničí
[2010.10.17 17:22:42 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Tomáš\Desktop\OTL.exe
[2010.10.17 14:32:18 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\oprava Acer+ BSOD
[2010.10.15 19:07:24 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.10.15 19:07:23 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\temp
[2010.10.15 19:05:37 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.10.12 22:35:36 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.12 22:35:28 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.12 22:35:20 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.12 22:35:18 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.12 22:35:18 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.12 22:35:16 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.12 22:35:15 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.12 22:35:14 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.12 22:35:08 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.12 22:35:06 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.12 22:35:06 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.10.12 22:35:06 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.12 22:35:06 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010.10.12 21:58:12 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.10.11 21:47:24 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\DoctorWeb
[2010.10.11 20:25:47 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Roaming\MxBoost
[2010.10.10 13:00:24 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\fotky vzory rámečky
[2010.10.03 20:38:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.10.03 12:55:36 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\XPERIA
[2010.10.03 12:55:08 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\CENOVKY
[2010.10.02 21:42:04 | 000,063,912 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\sef3x1ci.dll
[2010.10.02 21:42:04 | 000,028,608 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\sef3x1.sys
[2010.10.02 19:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2010.09.29 09:05:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.27 00:16:31 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Documents\US2
[2010.09.26 23:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\City Interactive
[2009.07.17 22:11:05 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Tomáš\AppData\Roaming\pcouffin.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.10.17 21:27:24 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.17 21:27:24 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.17 17:22:53 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Tomáš\Desktop\OTL.exe
[2010.10.17 11:29:18 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.10.17 11:27:01 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2010.10.17 01:41:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.10.16 23:32:44 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2010.10.16 13:17:34 | 000,055,808 | ---- | M] () -- C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.15 19:00:51 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.10.13 21:06:23 | 000,598,832 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.10.13 21:06:23 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.10.13 21:06:23 | 000,114,992 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.10.13 21:06:23 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.10.13 19:38:42 | 000,420,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.11 20:50:56 | 000,000,186 | ---- | M] () -- C:\Users\Tomáš\Desktop\HiJackThis.url
[2010.10.11 19:18:28 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.11 19:18:28 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.10 22:26:11 | 000,002,609 | ---- | M] () -- C:\Users\Tomáš\Desktop\Kooperativa.rtf
[2010.10.10 13:16:59 | 000,040,960 | -H-- | M] () -- C:\Users\Tomáš\Desktop\photothumb.db
[2010.10.10 12:49:48 | 000,002,145 | ---- | M] () -- C:\Users\Tomáš\Desktop\Dokument.rtf
[2010.10.09 16:24:18 | 730,996,736 | ---- | M] () -- C:\Users\Tomáš\houbicky super film cz dabing.avi
[2010.10.09 16:22:37 | 734,017,536 | ---- | M] () -- C:\Users\Tomáš\ve-stinu-beethovena-cz-2006.avi
[2010.10.08 22:41:22 | 000,000,198 | ---- | M] () -- C:\Users\Tomáš\Desktop\VIPFile - Hledání Ve stinu Beethovena.url
[2010.10.08 21:49:02 | 000,000,201 | ---- | M] () -- C:\Users\Tomáš\Desktop\Diane Kruger nude pics.url
[2010.10.04 22:13:33 | 907,533,406 | ---- | M] () -- C:\Users\Tomáš\Proklety.ostrov.2010.DVDRip.CZ.by_pablos33_of_PowerUploaders.avi
[2010.10.04 22:13:21 | 716,383,188 | ---- | M] () -- C:\Users\Tomáš\Lovci pokladu 1 (cz) National Treasure 2004.avi
[2010.10.04 00:05:40 | 739,529,946 | ---- | M] () -- C:\Users\Tomáš\Lovci pokladu - Kniha tajemství CZ dabing Vynikající kvalita.avi
[2010.10.03 14:14:01 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2010.10.02 21:42:04 | 000,063,912 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\sef3x1ci.dll
[2010.10.02 21:42:04 | 000,028,608 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\sef3x1.sys
[2010.10.02 19:46:33 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2010.09.23 22:56:22 | 002,083,140 | ---- | M] () -- C:\Users\Tomáš\13th warrior soundtrack - the sword maker.mp3
[2010.09.23 22:38:14 | 000,000,189 | ---- | M] () -- C:\Users\Tomáš\Desktop\Camtasia Studio 7 download - Slunečnice.cz - programy ke stažení zdarma.url
[2010.09.21 22:02:01 | 000,000,217 | ---- | M] () -- C:\Users\Tomáš\Desktop\Atlas patologie pro studenty medicíny.url
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.10.17 12:39:40 | 000,024,576 | ---- | C] () -- C:\Users\Tomáš\Desktop\memtest.exe
[2010.10.16 23:32:44 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\SmartDefrag.job
[2010.10.12 23:55:05 | 000,007,140 | ---- | C] () -- C:\Users\Tomáš\Report.log
[2010.10.11 20:50:55 | 000,000,186 | ---- | C] () -- C:\Users\Tomáš\Desktop\HiJackThis.url
[2010.10.10 22:26:11 | 000,002,609 | ---- | C] () -- C:\Users\Tomáš\Desktop\Kooperativa.rtf
[2010.10.09 16:24:01 | 730,996,736 | ---- | C] () -- C:\Users\Tomáš\houbicky super film cz dabing.avi
[2010.10.09 16:22:23 | 734,017,536 | ---- | C] () -- C:\Users\Tomáš\ve-stinu-beethovena-cz-2006.avi
[2010.10.08 22:41:22 | 000,000,198 | ---- | C] () -- C:\Users\Tomáš\Desktop\VIPFile - Hledání Ve stinu Beethovena.url
[2010.10.08 21:49:01 | 000,000,201 | ---- | C] () -- C:\Users\Tomáš\Desktop\Diane Kruger nude pics.url
[2010.10.04 00:05:23 | 739,529,946 | ---- | C] () -- C:\Users\Tomáš\Lovci pokladu - Kniha tajemství CZ dabing Vynikající kvalita.avi
[2010.10.03 21:43:21 | 907,533,406 | ---- | C] () -- C:\Users\Tomáš\Proklety.ostrov.2010.DVDRip.CZ.by_pablos33_of_PowerUploaders.avi
[2010.10.03 21:40:25 | 716,383,188 | ---- | C] () -- C:\Users\Tomáš\Lovci pokladu 1 (cz) National Treasure 2004.avi
[2010.10.02 19:46:33 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2010.09.23 22:56:13 | 002,083,140 | ---- | C] () -- C:\Users\Tomáš\13th warrior soundtrack - the sword maker.mp3
[2010.09.23 22:38:14 | 000,000,189 | ---- | C] () -- C:\Users\Tomáš\Desktop\Camtasia Studio 7 download - Slunečnice.cz - programy ke stažení zdarma.url
[2010.09.23 21:48:50 | 000,002,145 | ---- | C] () -- C:\Users\Tomáš\Desktop\Dokument.rtf
[2010.09.21 22:02:01 | 000,000,217 | ---- | C] () -- C:\Users\Tomáš\Desktop\Atlas patologie pro studenty medicíny.url
[2010.09.07 19:06:03 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.08.07 21:59:29 | 000,000,068 | ---- | C] () -- C:\Windows\Easy Video to DVD.INI
[2010.05.23 00:31:21 | 000,000,910 | ---- | C] () -- C:\Windows\Rtcw.INI
[2010.05.13 23:46:36 | 000,268,912 | ---- | C] () -- C:\Windows\System32\drivers\SRS_SSCFilter_i386.sys
[2010.03.17 15:46:21 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2010.03.14 23:10:20 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2010.03.12 22:22:42 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010.03.04 20:37:43 | 002,392,064 | ---- | C] () -- C:\Windows\System32\videotrans.dll
[2010.03.04 20:37:43 | 000,215,040 | ---- | C] () -- C:\Windows\System32\videoformat.dll
[2010.03.04 20:37:42 | 000,061,440 | ---- | C] () -- C:\Windows\System32\imgscaler.dll
[2010.03.04 20:37:42 | 000,022,016 | ---- | C] () -- C:\Windows\System32\img_utils.dll
[2010.03.04 20:37:42 | 000,017,920 | ---- | C] () -- C:\Windows\System32\videocore.dll
[2010.03.04 20:37:35 | 000,128,512 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2009.12.30 22:11:11 | 000,027,167 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\NMM-MetaData.db
[2009.10.29 14:00:43 | 000,240,640 | ---- | C] () -- C:\Windows\System32\Nmocod.dll
[2009.10.23 00:12:48 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.10.23 00:12:47 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009.10.23 00:12:45 | 000,217,088 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.10.23 00:12:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009.10.23 00:12:44 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.10.23 00:12:42 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.09.11 16:11:52 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2009.09.11 16:11:51 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2009.09.11 16:11:51 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2009.09.11 16:11:51 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2009.08.30 00:49:12 | 000,000,056 | ---- | C] () -- C:\Windows\videotoaudio.ini
[2009.08.09 21:06:41 | 000,000,080 | RHS- | C] () -- C:\Windows\System32\1CFD0C990E.dll
[2009.07.18 16:46:10 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.07.17 22:12:26 | 000,001,057 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\vso_ts_preview.xml
[2009.07.17 22:11:05 | 000,087,608 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\inst.exe
[2009.07.17 22:11:05 | 000,007,887 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\pcouffin.cat
[2009.07.17 22:11:05 | 000,001,144 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\pcouffin.inf
[2009.07.17 21:16:29 | 002,255,360 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009.07.17 21:16:29 | 000,395,776 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009.07.17 21:16:29 | 000,262,144 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009.07.17 21:16:29 | 000,112,640 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009.07.11 14:14:53 | 000,000,022 | ---- | C] () -- C:\Windows\System32\sysdate64.ini
[2009.07.01 20:28:00 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.03.29 21:32:31 | 000,000,004 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\wklnhst.dat
[2009.03.17 16:36:41 | 000,004,134 | ---- | C] () -- C:\Windows\System32\drivers\FlyPCI.sys
[2009.03.16 20:44:13 | 000,100,560 | ---- | C] () -- C:\Windows\System32\drivers\VBoxDrv.sys
[2009.03.13 03:06:58 | 000,001,657 | ---- | C] () -- C:\Windows\TVEpaDrv.ini
[2009.02.15 17:33:35 | 000,000,074 | ---- | C] () -- C:\Windows\DosHlpLnk.ini
[2009.02.15 17:33:27 | 000,002,745 | ---- | C] () -- C:\Windows\LottoBuster.ini
[2009.01.24 19:33:30 | 000,138,624 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.01.20 22:29:45 | 000,001,277 | ---- | C] () -- C:\Windows\ARPR.INI
[2009.01.13 16:13:14 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2008.12.29 03:48:58 | 000,005,248 | ---- | C] () -- C:\Windows\System32\drivers\giveio.sys
[2008.12.28 02:58:07 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.12.28 02:58:07 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.11.13 22:25:48 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.11.12 23:57:41 | 000,000,225 | ---- | C] () -- C:\Windows\wininit.ini
[2008.11.10 19:42:18 | 000,000,050 | ---- | C] () -- C:\Windows\winzipme.ini
[2008.11.09 03:22:59 | 000,000,031 | ---- | C] () -- C:\Windows\idc.ini
[2008.11.09 03:22:59 | 000,000,018 | ---- | C] () -- C:\Windows\usdthank.ini
[2008.10.09 22:40:40 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.09.09 22:34:16 | 000,055,808 | ---- | C] () -- C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.07 14:26:31 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI
[2008.09.07 14:22:14 | 000,000,809 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2008.05.23 10:53:47 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.05.23 02:37:33 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.05.23 02:37:33 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.05.23 01:45:22 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008.05.23 01:37:31 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.01.21 04:24:13 | 000,023,775 | ---- | C] () -- C:\Windows\System32\aaleas.dll
[2008.01.21 04:24:13 | 000,000,240 | ---- | C] () -- C:\Windows\System32\ctd4.sys
[2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:25 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscld.dll
[2006.11.02 10:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.10.09 10:18:10 | 000,036,992 | ---- | C] () -- C:\Windows\System32\drivers\csiidecoder_kern_i386.sys
[2006.10.09 10:18:10 | 000,034,048 | ---- | C] () -- C:\Windows\System32\drivers\SRS_SSCFilter.sys
[2006.10.09 10:18:08 | 000,044,160 | ---- | C] () -- C:\Windows\System32\drivers\tshd4_kern_i386.sys
[2006.10.09 10:18:08 | 000,042,240 | ---- | C] () -- C:\Windows\System32\drivers\Surroundhp_kern_i386.sys
[2004.06.12 11:28:36 | 000,000,085 | ---- | C] () -- C:\Windows\System32\inetjbk12.dll
[2004.06.06 17:02:40 | 000,000,091 | ---- | C] () -- C:\Windows\System32\mstjmr11.dll
[2004.05.31 02:13:34 | 000,000,011 | ---- | C] () -- C:\Windows\System32\inetjtl.dll
[2002.12.05 18:51:00 | 000,059,392 | R--- | C] () -- C:\Windows\streamhlp.dll
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.08.29 20:57:40 | 000,155,648 | ---- | C] () -- C:\Windows\System32\addurl41.DLL
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[2001.07.10 15:43:16 | 000,018,432 | ---- | C] () -- C:\Windows\System32\winwatch.DLL
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2010.03.04 22:07:53 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\AnvSoft
[2010.08.07 20:36:21 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Ashampoo
[2009.09.04 01:51:24 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Lite
[2010.08.27 22:55:10 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Foxit
[2010.08.27 22:55:11 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Foxit Software
[2009.09.03 23:38:24 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\GHISLER
[2010.09.15 00:56:29 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\GlarySoft
[2010.03.13 15:57:58 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Hardcore
[2010.09.06 23:27:27 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\IObit
[2010.03.15 02:13:05 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\iolo
[2010.03.13 15:56:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Juce VST Host
[2009.04.27 01:43:35 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\LangSoft
[2010.07.13 00:54:06 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Maxthon2
[2010.10.11 20:26:44 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\MxBoost
[2010.03.12 22:57:53 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\NetMedia Providers
[2009.12.30 22:11:11 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Nokia
[2009.12.30 22:17:33 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Nokia Multimedia Player
[2009.06.04 14:34:29 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\OpenOffice.org
[2009.12.24 21:54:45 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\PC Suite
[2010.03.12 22:57:53 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Publish Providers
[2010.03.13 15:53:06 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Sawer
[2010.10.17 01:26:47 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Sony
[2010.08.12 14:29:20 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Sony Setup
[2008.09.05 22:29:18 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Template
[2009.08.30 01:10:55 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Thinstall
[2010.09.13 20:07:04 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\TuneUp Software
[2010.03.15 00:14:56 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Uniblue
[2010.05.31 19:09:11 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\XnView
[2010.09.06 15:17:16 | 000,000,308 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2010.09.01 02:01:40 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.10.16 23:32:44 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
[2010.09.13 18:55:59 | 000,000,228 | ---- | M] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance.job
[2010.09.01 02:00:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CC1E17FB-0828-49BF-BDED-4C33B9AC7779}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:EC2246A6
@Alternate Data Stream - 64 bytes -> C:\Users\Tomáš\Proklety.ostrov.2010.DVDRip.CZ.by_pablos33_of_PowerUploaders.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Tomáš\Lovci pokladu 1 (cz) National Treasure 2004.avi:TOC.WMV
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:1F8C9007
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:F072AFAF
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:3E7393FC
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:580E04D8

< End of report >

[Reklama]

[jaro3]

Odinstaluj:
McAfee

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (DwProt) -- File not found
DRV - (AmdLLD) -- C:\Windows\System32\DRIVERS\AmdLLD.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = c:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbar present
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.microsoft.com/download/ ... dtoolx.cab (IGDTester Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O34 - HKLM BootExecute: (autocheck) - File not found
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:EC2246A6
@Alternate Data Stream - 64 bytes -> C:\Users\Tomáš\Proklety.ostrov.2010.DVDRip.CZ.by_pablos33_of_PowerUploaders.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Tomáš\Lovci pokladu 1 (cz) National Treasure 2004.avi:TOC.WMV
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:1F8C9007
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:F072AFAF
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:3E7393FC
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:580E04D8

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Windows\bthservsdp.dat
C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Windows\System32\perfh005.dat
C:\Windows\System32\perfh009.dat
C:\Windows\System32\perfc005.dat
C:\Windows\System32\perfc009.dat
C:\Windows\System32\1CFD0C990E.dll
C:\Users\Tomáš\AppData\Roaming\inst.exe
C:\Users\Tomáš\AppData\Roaming\wklnhst.dat
C:\Windows\winzipme.ini
C:\Windows\usdthank.ini
C:\Windows\JCMKR32.INI
C:\Windows\NTIWVEDT.INI
C:\Windows\System32\SysHook.dll
C:\Windows\System32\CddbCdda.dll
C:\Windows\System32\inetjbk12.dll
C:\Windows\System32\mstjmr11.dll
C:\Windows\System32\inetjtl.dll
C:\Windows\streamhlp.dll
C:\Windows\System32\lcppn21.dll

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\System32\atitmpxx.dll
C:\Windows\DosHlpLnk.ini
C:\Windows\System32\NTIOFM4.dll
C:\Windows\System32\NTIBUN5.dll
C:\Windows\System32\aaleas.dll
C:\Windows\System32\multiplex_vcd.dll
C:\Windows\System32\Hmpg12.dll
C:\Windows\System32\sysdate64.ini
C:\Windows\System32\addurl41.DLL
C:\Windows\System32\HMPV2_ENC.dll
C:\Windows\System32\HMPV2_ENC_MMX.dll
C:\Windows\System32\winwatch.DLL

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Tento program sis nainstaloval sám:
C:\Users\Tomáš\AppData\Roaming\Juce VST Host ?? Nemá to být spíš Juice??
*****************************************************************************************************************************************
Program PowerWheels si někdy instaloval?

Poklepej znovu na ikonu OTL by OldTimer, pod Vlastní skenování/opravy (Custom Scans/Fixes) vlož následující text , zeleně zbarvený:

Kód: Vybrat vše

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

Neměň nastavení, jen klikni na Prohledat (Run Scan), nech sken dokončit. Až se se objeví textový soubor , tak sem vlož prosím jeho celý obsah.

[timtom]

Ahoj, díky že se mi tak věnuješ? Budu na tom dělat, buď zítra nebo ve středu a ozvu se. Kdybych měl nějaký problém nebo něco nechápal tak ti pisnu. S tím Mcafee uplně koukám protože jsem to už odinstaloval(teda aspoň jsem si myslel) ale jak se zbavit těch zbytků po McAfee absolutně netuším.

C:\Users\Tomáš\AppData\Roaming\Juce VST Host ?? Nemá to být spíš Juice?? Já vůbec netuším co to je? Nic takového názvu jsem neinstaloval

PowerWheels jsem asi instaloval a snad i odinstaloval. Je to program na tvorbu kombinací pro číselné hry.

Mám za to, že té různé špíny a zbytků tam bude po víc. A to i když pravidelně čistím ale zbytky v registrech jsou pro mě tabu.

Každopádně, jdu plnit tvé úkoly.

[timtom]

Tak tady je ten log z OTL:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Error: Unable to stop service mfehidk!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mfehidk deleted successfully.
C:\Windows\System32\drivers\mfehidk.sys moved successfully.
Service mfeavfk stopped successfully!
Service mfeavfk deleted successfully!
C:\Windows\System32\drivers\mfeavfk.sys moved successfully.
Service mfesmfk stopped successfully!
Service mfesmfk deleted successfully!
C:\Windows\System32\drivers\mfesmfk.sys moved successfully.
Service mfebopk stopped successfully!
Service mfebopk deleted successfully!
C:\Windows\System32\drivers\mfebopk.sys moved successfully.
Service mferkdk stopped successfully!
Service mferkdk deleted successfully!
C:\Windows\System32\drivers\mferkdk.sys moved successfully.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File C:\Windows\System32\DRIVERS\ipinip.sys File not found not found.
Error: No service named DwProt was found to stop!
Service\Driver key DwProt not found.
File File not found not found.
Service AmdLLD stopped successfully!
Service AmdLLD deleted successfully!
File C:\Windows\System32\DRIVERS\AmdLLD.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Page_Transitions| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\Windows\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {99FE5072-78AA-4FEE-89BA-69A5FA55343F}
C:\Windows\Downloaded Program Files\igdtoolx.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{99FE5072-78AA-4FEE-89BA-69A5FA55343F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99FE5072-78AA-4FEE-89BA-69A5FA55343F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{99FE5072-78AA-4FEE-89BA-69A5FA55343F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99FE5072-78AA-4FEE-89BA-69A5FA55343F}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck deleted successfully.
ADS C:\ProgramData\TEMP:EC2246A6 deleted successfully.
Unable to delete ADS C:\Users\Tomáš\Proklety.ostrov.2010.DVDRip.CZ.by_pablos33_of_PowerUploaders.avi:TOC.WMV .
Unable to delete ADS C:\Users\Tomáš\Lovci pokladu 1 (cz) National Treasure 2004.avi:TOC.WMV .
ADS C:\ProgramData\TEMP:CB0AACC9 deleted successfully.
ADS C:\ProgramData\TEMP:1F8C9007 deleted successfully.
ADS C:\ProgramData\TEMP:4F636E25 deleted successfully.
ADS C:\ProgramData\TEMP:F072AFAF deleted successfully.
ADS C:\ProgramData\TEMP:861A898F deleted successfully.
ADS C:\ProgramData\TEMP:8AB6C1D7 deleted successfully.
ADS C:\ProgramData\TEMP:4CF61E54 deleted successfully.
ADS C:\ProgramData\TEMP:B623B5B8 deleted successfully.
ADS C:\ProgramData\TEMP:8173A019 deleted successfully.
ADS C:\ProgramData\TEMP:3E7393FC deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:9F683177 deleted successfully.
ADS C:\ProgramData\TEMP:580E04D8 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GlaryInitialize.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\SmartDefrag.job moved successfully.
c:\windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance.job moved successfully.
c:\windows\Tasks\User_Feed_Synchronization-{CC1E17FB-0828-49BF-BDED-4C33B9AC7779}.job moved successfully.
File\Folder C:\*.tmp not found.
C:\Windows\bthservsdp.dat moved successfully.
C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
C:\Windows\System32\1CFD0C990E.dll moved successfully.
C:\Users\Tomáš\AppData\Roaming\inst.exe moved successfully.
C:\Users\Tomáš\AppData\Roaming\wklnhst.dat moved successfully.
C:\Windows\winzipme.ini moved successfully.
C:\Windows\usdthank.ini moved successfully.
C:\Windows\JCMKR32.INI moved successfully.
C:\Windows\NTIWVEDT.INI moved successfully.
C:\Windows\System32\SysHook.dll moved successfully.
C:\Windows\System32\CddbCdda.dll moved successfully.
C:\Windows\System32\inetjbk12.dll moved successfully.
C:\Windows\System32\mstjmr11.dll moved successfully.
C:\Windows\System32\inetjtl.dll moved successfully.
C:\Windows\streamhlp.dll moved successfully.
C:\Windows\System32\lcppn21.dll moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Tomáš
->Temp folder emptied: 3240702 bytes
->Temporary Internet Files folder emptied: 56842227 bytes
->Java cache emptied: 56064120 bytes
->FireFox cache emptied: 66625102 bytes
->Flash cache emptied: 5990 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 44172 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 174,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Tomáš
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.15.2 log created on 10182010_215340

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[jaro3]

Až dodáš další sken OTL ( se scriptem) budeme pokračovat .

musím to ještě jednou projít , něco jsem tam viděl od PowerWheels( zbytek)..

C:\Users\Tomáš\AppData\Roaming\Juce VST Host---zkus najít a odinstalovat , pokud ho nenajdeš , smaž tu složku.

[timtom]

Ahoj, tady je kontrola přes virustotal-něco to našlo, a zatím je sken z OTL:

http://www.virustotal.com/file-scan/rep ... 1287433369

http://www.virustotal.com/file-scan/rep ... 1287433595

http://www.virustotal.com/file-scan/rep ... 1287518798

http://www.virustotal.com/file-scan/rep ... 1287519390

Tady to něco našlo:
http://www.virustotal.com/file-scan/rep ... 1287520078

http://www.virustotal.com/file-scan/rep ... 1287521829

http://www.virustotal.com/file-scan/rep ... 1287524139

http://www.virustotal.com/file-scan/rep ... 1287524342

http://www.virustotal.com/file-scan/rep ... 1287525189

http://www.virustotal.com/file-scan/rep ... 1287575586

http://www.virustotal.com/file-scan/rep ... 1287575889

http://www.virustotal.com/file-scan/rep ... 1287576110

http://www.virustotal.com/file-scan/rep ... 1287576314






OTL logfile created on: 20.10.2010 14:41:12 - Run 2
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Tomáš\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,44 Gb Total Space | 25,52 Gb Free Space | 22,90% Space Free | Partition Type: NTFS
Drive D: | 107,90 Gb Total Space | 77,91 Gb Free Space | 72,21% Space Free | Partition Type: NTFS

Computer Name: TOMÁŠ-PC | User Name: Tomáš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Tomáš\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Aladdin\Aladdin SQL Server\AladdinSQL.exe ()
PRC - C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\IObit\IObit Security 360\is360tray.exe (IObit)
PRC - C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
PRC - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)


========== Modules (SafeList) ==========

MOD - C:\Users\Tomáš\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Aladdin SQL Server) -- C:\Program Files\Aladdin\Aladdin SQL Server\AladdinSQL.exe ()
SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (SRS Labs License Service) -- C:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe (SRS Labs)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (IS360service) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()


========== Driver Services (SafeList) ==========

DRV - (sef3x1) -- C:\Windows\System32\drivers\sef3x1.sys (Sony Ericsson Mobile Communications)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (Safetica) -- C:\Windows\System32\drivers\safetica.sys (COSECT, Computer Security Technologies Ltd.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (usbaudio) Ovladač zvuků USB (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Ser2pl) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (DritekPortIO) -- C:\Program Files\Launch Manager\DPortIO.sys (Dritek System Inc.)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (ahcix86s) -- C:\Windows\system32\DRIVERS\ahcix86s.sys (AMD Technologies Inc.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices Inc.)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (ISODrive) -- C:\Program Files\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (NTIPPKernel) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (WSVD) -- C:\Windows\System32\drivers\WSVD.sys (Wasay)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corp.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (u3kh) -- C:\Windows\System32\drivers\u3kh.sys (DiBcom)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (USB28xxBGA) -- C:\Windows\System32\drivers\emBDA.sys (eMPIA Technology, Inc.)
DRV - (u3khrc) -- C:\Windows\System32\drivers\u3khrc.sys (DiBcom S.A.)
DRV - (USB28xxOEM) -- C:\Windows\System32\drivers\emOEM.sys (eMPIA Technology, Inc.)
DRV - (emAudio) -- C:\Windows\System32\drivers\emAudio.sys (eMPIA Technology, Inc.)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM) -- C:\Windows\System32\drivers\SRS_SSCFilter.sys ()
DRV - (FlyPCI) -- C:\Windows\System32\drivers\FlyPCI.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Hledat"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://search.myheritage.com/?orig=ds&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true

FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 0
FF - user.js..network.proxy.socks: ""
FF - user.js..network.proxy.socks_port: 0
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.12 19:01:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.27 22:54:47 | 000,000,000 | ---D | M]

[2010.03.04 21:57:08 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Extensions
[2010.03.04 21:57:08 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Extensions\MediaCoder
[2010.08.27 23:02:16 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\nl7020e5.default\extensions
[2009.08.24 15:14:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\nl7020e5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.09.04 01:50:20 | 000,002,399 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\nl7020e5.default\searchplugins\daemon-search.xml
[2010.04.19 11:41:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.19 11:41:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.08.27 22:54:20 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2009.01.14 23:12:32 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.01.14 23:12:32 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.02 21:33:48 | 000,003,803 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MyHeritage.xml
[2009.01.14 23:12:32 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.01.14 23:12:32 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.01.14 23:12:32 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.10.18 21:55:03 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.74.192.252 94.74.192.244
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.10.18 21:53:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.10.17 19:33:12 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\obchod zahraničí
[2010.10.17 17:22:42 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Tomáš\Desktop\OTL.exe
[2010.10.17 14:32:18 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\oprava Acer+ BSOD
[2010.10.15 19:07:24 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.10.15 19:07:23 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\temp
[2010.10.15 19:05:37 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.10.12 22:35:36 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.12 22:35:28 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.12 22:35:20 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.12 22:35:18 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.12 22:35:18 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.12 22:35:16 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.12 22:35:15 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.12 22:35:14 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.12 22:35:08 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.12 22:35:06 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.12 22:35:06 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.10.12 22:35:06 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.12 22:35:06 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010.10.12 21:58:12 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.10.11 20:25:47 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Roaming\MxBoost
[2010.10.10 13:00:24 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\fotky vzory rámečky
[2010.10.03 20:38:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.10.03 12:55:36 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\XPERIA
[2010.10.03 12:55:08 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\CENOVKY
[2010.10.02 21:42:04 | 000,063,912 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\sef3x1ci.dll
[2010.10.02 21:42:04 | 000,028,608 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\sef3x1.sys
[2010.10.02 19:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2010.09.29 09:05:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.26 23:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\City Interactive
[2009.07.17 22:11:05 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Tomáš\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2010.10.20 14:14:58 | 000,002,003 | ---- | M] () -- C:\Users\Tomáš\Desktop\odkazy-virustotal.rtf
[2010.10.20 13:50:57 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.20 13:50:57 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.20 13:50:01 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.10.20 13:48:33 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2010.10.20 00:07:15 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.10.19 22:24:56 | 001,764,336 | ---- | M] () -- C:\Users\Tomáš\Desktop\nokia-6555-cz.pdf
[2010.10.18 21:56:48 | 000,000,228 | ---- | M] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance.job
[2010.10.18 21:55:03 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010.10.17 22:40:22 | 002,222,738 | ---- | M] () -- C:\Users\Tomáš\Desktop\Saga - Briefcase Drumsolo.mp3
[2010.10.17 17:22:53 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Tomáš\Desktop\OTL.exe
[2010.10.13 19:38:42 | 000,420,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.11 20:50:56 | 000,000,186 | ---- | M] () -- C:\Users\Tomáš\Desktop\HiJackThis.url
[2010.10.10 22:26:11 | 000,002,609 | ---- | M] () -- C:\Users\Tomáš\Desktop\Kooperativa.rtf
[2010.10.10 13:16:59 | 000,040,960 | -H-- | M] () -- C:\Users\Tomáš\Desktop\photothumb.db
[2010.10.10 12:49:48 | 000,002,145 | ---- | M] () -- C:\Users\Tomáš\Desktop\Dokument.rtf
[2010.10.08 21:49:02 | 000,000,201 | ---- | M] () -- C:\Users\Tomáš\Desktop\Diane Kruger nude pics.url
[2010.10.03 14:14:01 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2010.10.02 21:42:04 | 000,063,912 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\sef3x1ci.dll
[2010.10.02 21:42:04 | 000,028,608 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\sef3x1.sys
[2010.10.02 19:46:33 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2010.09.23 22:38:14 | 000,000,189 | ---- | M] () -- C:\Users\Tomáš\Desktop\Camtasia Studio 7 download - Slunečnice.cz - programy ke stažení zdarma.url
[2010.09.21 22:02:01 | 000,000,217 | ---- | M] () -- C:\Users\Tomáš\Desktop\Atlas patologie pro studenty medicíny.url

========== Files Created - No Company Name ==========

[2010.10.19 22:24:54 | 001,764,336 | ---- | C] () -- C:\Users\Tomáš\Desktop\nokia-6555-cz.pdf
[2010.10.18 23:33:26 | 000,002,003 | ---- | C] () -- C:\Users\Tomáš\Desktop\odkazy-virustotal.rtf
[2010.10.18 22:08:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2010.10.18 22:05:43 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.10.18 21:56:48 | 000,000,228 | ---- | C] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance.job
[2010.10.17 22:40:13 | 002,222,738 | ---- | C] () -- C:\Users\Tomáš\Desktop\Saga - Briefcase Drumsolo.mp3
[2010.10.17 12:39:40 | 000,024,576 | ---- | C] () -- C:\Users\Tomáš\Desktop\memtest.exe
[2010.10.11 20:50:55 | 000,000,186 | ---- | C] () -- C:\Users\Tomáš\Desktop\HiJackThis.url
[2010.10.10 22:26:11 | 000,002,609 | ---- | C] () -- C:\Users\Tomáš\Desktop\Kooperativa.rtf
[2010.10.08 21:49:01 | 000,000,201 | ---- | C] () -- C:\Users\Tomáš\Desktop\Diane Kruger nude pics.url
[2010.10.02 19:46:33 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2010.09.23 22:38:14 | 000,000,189 | ---- | C] () -- C:\Users\Tomáš\Desktop\Camtasia Studio 7 download - Slunečnice.cz - programy ke stažení zdarma.url
[2010.09.23 21:48:50 | 000,002,145 | ---- | C] () -- C:\Users\Tomáš\Desktop\Dokument.rtf
[2010.09.21 22:02:01 | 000,000,217 | ---- | C] () -- C:\Users\Tomáš\Desktop\Atlas patologie pro studenty medicíny.url
[2010.09.07 19:06:03 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.08.07 21:59:29 | 000,000,068 | ---- | C] () -- C:\Windows\Easy Video to DVD.INI
[2010.05.23 00:31:21 | 000,000,910 | ---- | C] () -- C:\Windows\Rtcw.INI
[2010.05.13 23:46:36 | 000,268,912 | ---- | C] () -- C:\Windows\System32\drivers\SRS_SSCFilter_i386.sys
[2010.03.17 15:46:21 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2010.03.14 23:10:20 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2010.03.12 22:22:42 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010.03.04 20:37:43 | 002,392,064 | ---- | C] () -- C:\Windows\System32\videotrans.dll
[2010.03.04 20:37:43 | 000,215,040 | ---- | C] () -- C:\Windows\System32\videoformat.dll
[2010.03.04 20:37:42 | 000,061,440 | ---- | C] () -- C:\Windows\System32\imgscaler.dll
[2010.03.04 20:37:42 | 000,022,016 | ---- | C] () -- C:\Windows\System32\img_utils.dll
[2010.03.04 20:37:42 | 000,017,920 | ---- | C] () -- C:\Windows\System32\videocore.dll
[2010.03.04 20:37:35 | 000,128,512 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2009.12.30 22:11:11 | 000,027,167 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\NMM-MetaData.db
[2009.10.29 14:00:43 | 000,240,640 | ---- | C] () -- C:\Windows\System32\Nmocod.dll
[2009.10.23 00:12:48 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.10.23 00:12:47 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009.10.23 00:12:45 | 000,217,088 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.10.23 00:12:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009.10.23 00:12:44 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.10.23 00:12:42 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.09.11 16:11:52 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2009.09.11 16:11:51 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2009.09.11 16:11:51 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2009.09.11 16:11:51 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2009.08.30 00:49:12 | 000,000,056 | ---- | C] () -- C:\Windows\videotoaudio.ini
[2009.07.18 16:46:10 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.07.17 22:12:26 | 000,001,057 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\vso_ts_preview.xml
[2009.07.17 22:11:05 | 000,007,887 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\pcouffin.cat
[2009.07.17 22:11:05 | 000,001,144 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\pcouffin.inf
[2009.07.17 21:16:29 | 002,255,360 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009.07.17 21:16:29 | 000,395,776 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009.07.17 21:16:29 | 000,262,144 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009.07.17 21:16:29 | 000,112,640 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009.07.11 14:14:53 | 000,000,022 | ---- | C] () -- C:\Windows\System32\sysdate64.ini
[2009.07.01 20:28:00 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.03.17 16:36:41 | 000,004,134 | ---- | C] () -- C:\Windows\System32\drivers\FlyPCI.sys
[2009.03.16 20:44:13 | 000,100,560 | ---- | C] () -- C:\Windows\System32\drivers\VBoxDrv.sys
[2009.03.13 03:06:58 | 000,001,657 | ---- | C] () -- C:\Windows\TVEpaDrv.ini
[2009.02.15 17:33:35 | 000,000,074 | ---- | C] () -- C:\Windows\DosHlpLnk.ini
[2009.02.15 17:33:27 | 000,002,745 | ---- | C] () -- C:\Windows\LottoBuster.ini
[2009.01.24 19:33:30 | 000,138,624 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.01.20 22:29:45 | 000,001,277 | ---- | C] () -- C:\Windows\ARPR.INI
[2009.01.13 16:13:14 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2008.12.29 03:48:58 | 000,005,248 | ---- | C] () -- C:\Windows\System32\drivers\giveio.sys
[2008.12.28 02:58:07 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.12.28 02:58:07 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.11.13 22:25:48 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.11.12 23:57:41 | 000,000,225 | ---- | C] () -- C:\Windows\wininit.ini
[2008.11.09 03:22:59 | 000,000,031 | ---- | C] () -- C:\Windows\idc.ini
[2008.10.09 22:40:40 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.05.23 10:53:47 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.05.23 02:37:33 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.05.23 02:37:33 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.05.23 01:37:31 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.01.21 04:24:13 | 000,023,775 | ---- | C] () -- C:\Windows\System32\aaleas.dll
[2008.01.21 04:24:13 | 000,000,240 | ---- | C] () -- C:\Windows\System32\ctd4.sys
[2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:25 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscld.dll
[2006.11.02 10:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.10.09 10:18:10 | 000,036,992 | ---- | C] () -- C:\Windows\System32\drivers\csiidecoder_kern_i386.sys
[2006.10.09 10:18:10 | 000,034,048 | ---- | C] () -- C:\Windows\System32\drivers\SRS_SSCFilter.sys
[2006.10.09 10:18:08 | 000,044,160 | ---- | C] () -- C:\Windows\System32\drivers\tshd4_kern_i386.sys
[2006.10.09 10:18:08 | 000,042,240 | ---- | C] () -- C:\Windows\System32\drivers\Surroundhp_kern_i386.sys
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.08.29 20:57:40 | 000,155,648 | ---- | C] () -- C:\Windows\System32\addurl41.DLL
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[2001.07.10 15:43:16 | 000,018,432 | ---- | C] () -- C:\Windows\System32\winwatch.DLL
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: AHCIX86S.SYS >
[2008.04.15 07:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=E331924FDF522CD7CEA1B647503784E8 -- C:\Windows\System32\drivers\ahcix86s.sys
[2008.04.15 07:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=E331924FDF522CD7CEA1B647503784E8 -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_2908f969\ahcix86s.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

< >

< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

:Files
C:\Users\Tomáš\AppData\Roaming\Juce VST Host
C:\Windows\System32\NTIOFM4.dll
C:\Windows\System32\NTIBUN5.dll
C:\Windows\bthservsdp.dat

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

+
stáhni SuperAntiSpyware
aktualizuj databázi , proveď sken a následně nákazy smaž

[timtom]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
========== FILES ==========
File\Folder C:\Users\Tomáš\AppData\Roaming\Juce VST Host not found.
C:\Windows\System32\NTIOFM4.dll moved successfully.
C:\Windows\System32\NTIBUN5.dll moved successfully.
C:\Windows\bthservsdp.dat moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Tomáš
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 54584187 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 1303 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16180 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 2645372 bytes

Total Files Cleaned = 55,00 mb


OTL by OldTimer - Version 3.2.15.2 log created on 10202010_194124

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...







Jdu na ten superantispyware :-)

[jaro3]

Fajn , ještě:

Spusť OTL a klikni na Vyčisti.
Pak můžeš OTL smazat , C:\_OTL

pak napiš ještě , zda jsou problémy.

[timtom]

tak už jsem se radoval, protože po probuzení ze spánku se ukázala plocha ale pak to zas spadlo...aut.restart. Ale jdeme dle mě správným směrem protože se to změnilo, předtím se to restartlo hned a teď se normálně ukázala plocha vč. ikon asi na 1 vteřinu. Možná to dělá nějaká aktualizace nebo aktualizované ovladače.

Jinak počítač se zrychlil a připadá mi takový odlehčený. Takže super. Určitě očista nebyla na škodu. Vlastně když nebudu použíávat funkci "spánek" tak je NTB jak nový.

[jaro3]

Poslední , (snad) věc na viry:

Vypni rez.ochrany a firewall.

Spusť F-Secure Online Scanner

Tento skener je možno použít jen v prohlížeči Internet Explorer! Postupuj podle instrukcí na stránce F-Secure pro správnou instalaci. Akceptuj licenci. Po instalaci ActiveX, klikni na Full System Scan. Když stahování skončeno, automaticky začne sken . Vyčkej konce skenu, po jeho dobu neprováděj jiné operace ani neklikej myší. Když skončí sken klikni na tlačítko Automatic clearing (recommended). Poté klikni na tlačítko Show Report a zkopíruj a vlož sem .

[timtom]

Hlášení kontroly
Pátek, Říjen 22, 2010 21:45:27 - 22:42:28
Název počítače: TOMÁŠ-PC
Typ kontroly: Kontrolovat systém na přítomnost malwaru, spywaru a programů rootkit
Cíl: C:\ D:\


--------------------------------------------------------------------------------

Nalezený malware: 2
Suspicious:W32/Malware!Gemini (spyware)
Systém (Vyléčeno)
Suspicious:W32/Malware!Gemini (virus)
C:\PROGRAM FILES\HIGH QUALITY PHOTO RESIZER\RESIZER.EXE (Nevyčištěno)

--------------------------------------------------------------------------------

Statistika
Kontrolováno:
Soubory: 60745
Systém: 4652
Nekontrolováno: 35
Akce:
Vyléčeno: 1
Přejmenováno: 0
Odstraněno: 0
Nevyčištěno: 1
Odesláno: 0
Nekontrolované soubory:
C:\PAGEFILE.SYS
C:\WINDOWS\SYSTEM32\CONFIG\COMPONENTS
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
C:\WINDOWS\SYSTEM32\CONFIG\SAM
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\COMPONENTS
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\DEFAULT
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SAM
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SYSTEM
C:\WINDOWS\SYSTEM32\CATROOT2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CATDB
C:\WINDOWS\SYSTEM32\CATROOT2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATDB
C:\USERS\TOMÁŠ\APPDATA\LOCAL\TEMP\LOW\HSPERFDATA_TOMÁŠ\3240
C:\USERS\TOMÁŠ\APPDATA\LOCAL\TEMP\HSPERFDATA_TOMÁŠ\3332
C:\SYSTEM VOLUME INFORMATION\{9C12EF3F-DBAC-11DF-9F5F-001EEC4C73BA}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{5424F9A0-DAD8-11DF-B822-001EEC4C73BA}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\200B2CB22EE102B3DDFB802950C0A46C_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\07ECD5D055FC0BB6EAB0D38B2336357E_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\44AF2AB020640A351F3B6BCD58560C89_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4574373D420004F75B1EF4B615060053_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4D0FD777AF410C154E0DFF6DB0447B6B_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4DC27F7A4BEAAD93F970DAB5A6F86F4D_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\56D665EACC875D418AF84A1D6DBCDD2E_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\66A042328883225D6C30F2DDAE6928ED_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\55920EF75A96FD22A40ADAC1E3B82F47_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\708FC3C429E10C9D4265D4339D9DABE8_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\937E8BC092DB57AAB0D63DFC26443186_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A439E53E85BDB87C3A734C256EF3ED1D_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\98A770139F6146A27D41B961B7BAED0C_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BD8E745096A7182B13E910BB1A8B921B_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DF547AC8C775151D9A1075EAEFC47AB2_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AEF05FBEB1AC499DCA4C15A0BF92499B_B4E125C3-C4FA-408B-AE81-BC6344EB6AC6

--------------------------------------------------------------------------------

Možnosti
Moduly kontroly:
Možnosti kontroly:
Kontrolovat určené soubory: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
Používat pokročilou heuristiku

--------------------------------------------------------------------------------

Copyright © 1998–2009 Podpora produktu | Odeslat vzorek viru společnosti F-Secure
Společnost F-Secure nepřejímá jakoukoli odpovědnost za materiály vytvořené nebo publikované třetími stranami, na které odkazují webové stránky společnosti F-Secure. Pokud odešlete na kterýkoli z našich serverů jakýkoli materiál (například pomocí e-mailu nebo prostřednictvím e-mailu F-Secure CGI), souhlasíte, že všechny vámi zpřístupněné materiály mohou být publikovány na webových stránkách společnosti F-Secure nebo tiskově publikovány, s výjimkou případu, kdy jednoznačně oznámíte svůj nesouhlas. Veřejné webové stránky společnosti F-Secure navštívíte klepnutím na následující odkazy. Současně bude váš přístup zaznamenán do našich osobních statistik přístupu pro název vaší domény. Tato informace nebude předávána třetím stranám. Tímto vyjadřujete svůj souhlas s tím, že ohledně odesílaných materiálů nepodniknete vůči nám jakékoli právní kroky. Odesláním materiálu opravňujete společnost F-Secure k tomu, že může začlenit jakékoli koncepty popsané v těchto materiálech bez dalších závazků, pokud výslovně neuvedete jinak.