Prosim o kontrolu logu, bude tam toho asi hodne.

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43297
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod jaro3 » 11 lis 2010 21:22

mrkni se na asociaci souborů.....

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš



Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt

Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Reklama
Uživatelský avatar
Razzell
Level 2
Level 2
Příspěvky: 231
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod Razzell » 11 lis 2010 21:56

Tu asociaci souboru jsem nenašel, tam se to dá někde nastavit? :/
Systém mě ještě nepustí do prizpusobit, a nedostanu se ani do vlastnosti tohoto pocitace, take ani neotevru system.
jinak logy zde

OTL logfile created on: 11.11.2010 21:48:26 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jana\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 51,26 Gb Free Space | 34,99% Space Free | Partition Type: NTFS
Drive D: | 319,28 Gb Total Space | 308,32 Gb Free Space | 96,57% Space Free | Partition Type: NTFS

Computer Name: A4800X2 | User Name: Jana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jana\Desktop\OTL (2).exe (OldTimer Tools)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe ()
PRC - C:\Windows\tsnpstd3.exe ()
PRC - C:\Windows\vsnpstd3.exe ()
PRC - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)


========== Modules (SafeList) ==========

MOD - C:\Users\Jana\Desktop\OTL (2).exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (RpcLocator) -- C:\Windows\System32\locator.exe File not found
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)


========== Driver Services (SafeList) ==========

DRV - (SetupNTGLM7X) -- E:\NTGLM7X.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (NTACCESS) -- E:\NTACCESS.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (GMSIPCI) -- E:\INSTALL\GMSIPCI.SYS File not found
DRV - (eamonm) -- C:\Windows\System32\DRIVERS\eamonm.sys File not found
DRV - (catchme) -- C:\Users\Jana\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys File not found
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdLH3.sys (ATI Technologies, Inc.)
DRV - (cpuz134) -- C:\Windows\System32\drivers\cpuz134_x32.sys (Windows (R) Win 7 DDK provider)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (usbaudio) Ovladač zvuků USB (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (VClone) -- C:\Windows\system32\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes AG)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.02 20:44:48 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010.11.11 19:12:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe ()
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra Button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jana\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jana\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010.11.11 21:46:40 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jana\Desktop\OTL (2).exe
[2010.11.11 21:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.11.11 19:19:07 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.11.11 19:15:24 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Local\temp
[2010.11.11 19:14:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.11.11 16:43:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.11.10 21:28:41 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\IObit
[2010.11.10 21:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010.11.10 21:24:45 | 000,020,328 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\cpuz134_x32.sys
[2010.11.10 21:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2010.11.10 21:20:44 | 000,000,000 | ---D | C] -- C:\Users\Jana\Desktop\ProbeII
[2010.11.10 20:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.11.10 20:40:28 | 000,000,000 | ---D | C] -- C:\ATI
[2010.11.10 19:25:23 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\Malwarebytes
[2010.11.10 19:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.11.10 19:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.09 19:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.10.29 08:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6.5
[2008.02.16 17:12:27 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpx32.dll
[2008.02.16 17:12:27 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2008.02.16 17:12:26 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll
[2008.02.09 21:44:16 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll

========== Files - Modified Within 30 Days ==========

[2010.11.11 21:47:05 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2885730464-1649813371-635353934-1000UA.job
[2010.11.11 21:46:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jana\Desktop\OTL (2).exe
[2010.11.11 21:43:05 | 000,598,600 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.11.11 21:43:05 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.11 21:43:05 | 000,114,808 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.11.11 21:43:05 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.11 21:38:44 | 000,004,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.11 21:38:43 | 000,004,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.11 21:38:42 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010.11.11 21:38:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.11 21:34:50 | 000,001,670 | ---- | M] () -- C:\Users\Jana\Desktop\CCleaner.lnk
[2010.11.11 21:29:15 | 000,575,488 | ---- | M] () -- C:\Users\Jana\Desktop\OTL.exe
[2010.11.11 19:20:14 | 000,002,521 | ---- | M] () -- C:\Users\Jana\Desktop\HiJackThis.lnk
[2010.11.11 19:19:07 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.11.11 19:12:50 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.11.11 16:47:17 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EFE44326-8D13-44FC-BF09-710CA8EE3ABD}.job
[2010.11.10 21:28:44 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.11.10 21:24:45 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010.11.10 20:42:54 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
[2010.11.10 20:38:37 | 000,237,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.11.09 19:51:31 | 001,402,880 | ---- | M] () -- C:\Users\Jana\Desktop\HiJackThis.msi
[2010.11.08 15:27:57 | 001,250,043 | ---- | M] () -- C:\Users\Jana\naramek2.JPG
[2010.11.08 15:27:42 | 001,104,772 | ---- | M] () -- C:\Users\Jana\naramek1.JPG
[2010.11.08 13:47:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2885730464-1649813371-635353934-1000Core.job
[2010.11.07 16:47:50 | 000,002,037 | ---- | M] () -- C:\Users\Jana\Desktop\Google Chrome.lnk
[2010.11.07 15:41:58 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.11.06 10:20:10 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\WebReg Deskjet F4100 series.job
[2010.11.01 14:22:30 | 000,091,648 | ---- | M] () -- C:\Users\Jana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.29 08:31:42 | 000,001,609 | ---- | M] () -- C:\Users\Public\Desktop\ICQ6.5.lnk
[2010.10.28 18:08:10 | 000,824,978 | ---- | M] () -- C:\Users\Jana\Desktop\otlv4.h
[2010.10.13 22:23:55 | 000,002,395 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

========== Files Created - No Company Name ==========

[2010.11.11 21:42:51 | 000,824,978 | ---- | C] () -- C:\Users\Jana\Desktop\otlv4.h
[2010.11.11 21:37:13 | 000,575,488 | ---- | C] () -- C:\Users\Jana\Desktop\OTL.exe
[2010.11.11 21:34:50 | 000,001,670 | ---- | C] () -- C:\Users\Jana\Desktop\CCleaner.lnk
[2010.11.11 19:20:06 | 000,002,521 | ---- | C] () -- C:\Users\Jana\Desktop\HiJackThis.lnk
[2010.11.11 19:19:07 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.11.11 19:17:47 | 001,402,880 | ---- | C] () -- C:\Users\Jana\Desktop\HiJackThis.msi
[2010.11.10 21:28:50 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010.11.10 21:28:44 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.11.10 21:24:45 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010.11.10 20:42:54 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
[2010.11.08 15:27:52 | 001,250,043 | ---- | C] () -- C:\Users\Jana\naramek2.JPG
[2010.11.08 15:27:38 | 001,104,772 | ---- | C] () -- C:\Users\Jana\naramek1.JPG
[2010.10.30 09:20:30 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\WebReg Deskjet F4100 series.job
[2010.10.29 08:31:42 | 000,001,609 | ---- | C] () -- C:\Users\Public\Desktop\ICQ6.5.lnk
[2010.09.29 02:13:06 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.09.13 13:19:09 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.06.20 11:21:35 | 000,004,156 | ---- | C] () -- C:\Windows\wininit.ini
[2010.06.20 08:48:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.11.16 17:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2008.09.12 11:31:37 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008.07.01 17:24:26 | 000,056,320 | R--- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2008.06.18 17:13:23 | 000,233,472 | R--- | C] () -- C:\Users\Jana\AppData\Roaming\MafiaSetup.exe
[2008.03.15 19:46:11 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.03.13 18:33:36 | 000,000,777 | ---- | C] () -- C:\Windows\System32\trial_setup.ini
[2008.02.16 21:36:54 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008.02.16 17:12:33 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2008.02.13 18:56:33 | 000,091,648 | ---- | C] () -- C:\Users\Jana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.11 22:38:08 | 000,002,382 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.02.11 22:31:38 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll
[2008.02.11 22:31:37 | 000,012,664 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2008.02.11 22:31:34 | 000,012,096 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2008.02.11 22:31:34 | 000,010,304 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2008.02.09 00:22:05 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2008.02.09 00:21:43 | 000,026,113 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008.02.09 00:21:32 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2008.02.08 23:40:33 | 000,008,620 | ---- | C] () -- C:\Users\Jana\AppData\Local\d3d9caps.dat
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010.06.20 14:00:47 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\ESET
[2010.02.17 13:39:36 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Gearbox Software
[2008.02.09 21:14:13 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\GHISLER
[2010.07.18 15:04:24 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\gtk-2.0
[2010.11.01 15:13:17 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\ICQ
[2008.07.11 18:54:34 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\ICQ Toolbar
[2010.11.10 21:28:41 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\IObit
[2009.10.27 21:46:40 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Miranda
[2009.05.21 10:10:18 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Opera
[2010.09.04 12:15:46 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\PhotoScape
[2009.03.24 18:53:31 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\QIP
[2008.09.30 19:54:32 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\TuneUp Software
[2010.10.30 17:18:14 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\uTorrent
[2010.10.09 19:58:06 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Zoner
[2008.09.30 19:54:34 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2010.11.11 21:38:42 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010.11.11 21:37:33 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.11.11 16:47:17 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{EFE44326-8D13-44FC-BF09-710CA8EE3ABD}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Jana\Flashdance.avi:TOC.WMV

< End of report >
MSI KA780G, DualCore AMD Althon X2 (5400+, 2,80GHz)+ Arctic Cooling Freezer 64 Pro, Kingston 2X512 DDR2, 2X1GB A-DATA EXTREME DDR2,W. D. 250GB SATA II + Seagate Barracuda 250GB SATA II + Fujitsu Siemens (w.d.) 250GB USB, Asus 8600GT 256MB RAM DDR3, EuroCase 450W, LCD 19´ Asus VW192

Uživatelský avatar
Razzell
Level 2
Level 2
Příspěvky: 231
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod Razzell » 11 lis 2010 21:56

Tu asociaci souboru jsem nenašel, tam se to dá někde nastavit? :/
Systém mě ještě nepustí do prizpusobit, a nedostanu se ani do vlastnosti tohoto pocitace, take ani neotevru system.
jinak logy zde

OTL logfile created on: 11.11.2010 21:48:26 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jana\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 51,26 Gb Free Space | 34,99% Space Free | Partition Type: NTFS
Drive D: | 319,28 Gb Total Space | 308,32 Gb Free Space | 96,57% Space Free | Partition Type: NTFS

Computer Name: A4800X2 | User Name: Jana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jana\Desktop\OTL (2).exe (OldTimer Tools)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe ()
PRC - C:\Windows\tsnpstd3.exe ()
PRC - C:\Windows\vsnpstd3.exe ()
PRC - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)


========== Modules (SafeList) ==========

MOD - C:\Users\Jana\Desktop\OTL (2).exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (RpcLocator) -- C:\Windows\System32\locator.exe File not found
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)


========== Driver Services (SafeList) ==========

DRV - (SetupNTGLM7X) -- E:\NTGLM7X.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (NTACCESS) -- E:\NTACCESS.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (GMSIPCI) -- E:\INSTALL\GMSIPCI.SYS File not found
DRV - (eamonm) -- C:\Windows\System32\DRIVERS\eamonm.sys File not found
DRV - (catchme) -- C:\Users\Jana\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys File not found
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdLH3.sys (ATI Technologies, Inc.)
DRV - (cpuz134) -- C:\Windows\System32\drivers\cpuz134_x32.sys (Windows (R) Win 7 DDK provider)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (usbaudio) Ovladač zvuků USB (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (VClone) -- C:\Windows\system32\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes AG)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.02 20:44:48 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010.11.11 19:12:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe ()
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra Button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jana\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jana\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010.11.11 21:46:40 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jana\Desktop\OTL (2).exe
[2010.11.11 21:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.11.11 19:19:07 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.11.11 19:15:24 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Local\temp
[2010.11.11 19:14:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.11.11 16:43:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.11.10 21:28:41 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\IObit
[2010.11.10 21:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010.11.10 21:24:45 | 000,020,328 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\cpuz134_x32.sys
[2010.11.10 21:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2010.11.10 21:20:44 | 000,000,000 | ---D | C] -- C:\Users\Jana\Desktop\ProbeII
[2010.11.10 20:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.11.10 20:40:28 | 000,000,000 | ---D | C] -- C:\ATI
[2010.11.10 19:25:23 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\Malwarebytes
[2010.11.10 19:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.11.10 19:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.09 19:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.10.29 08:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6.5
[2008.02.16 17:12:27 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpx32.dll
[2008.02.16 17:12:27 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2008.02.16 17:12:26 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll
[2008.02.09 21:44:16 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll

========== Files - Modified Within 30 Days ==========

[2010.11.11 21:47:05 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2885730464-1649813371-635353934-1000UA.job
[2010.11.11 21:46:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jana\Desktop\OTL (2).exe
[2010.11.11 21:43:05 | 000,598,600 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.11.11 21:43:05 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.11 21:43:05 | 000,114,808 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.11.11 21:43:05 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.11 21:38:44 | 000,004,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.11 21:38:43 | 000,004,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.11 21:38:42 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010.11.11 21:38:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.11 21:34:50 | 000,001,670 | ---- | M] () -- C:\Users\Jana\Desktop\CCleaner.lnk
[2010.11.11 21:29:15 | 000,575,488 | ---- | M] () -- C:\Users\Jana\Desktop\OTL.exe
[2010.11.11 19:20:14 | 000,002,521 | ---- | M] () -- C:\Users\Jana\Desktop\HiJackThis.lnk
[2010.11.11 19:19:07 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.11.11 19:12:50 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.11.11 16:47:17 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EFE44326-8D13-44FC-BF09-710CA8EE3ABD}.job
[2010.11.10 21:28:44 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.11.10 21:24:45 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010.11.10 20:42:54 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
[2010.11.10 20:38:37 | 000,237,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.11.09 19:51:31 | 001,402,880 | ---- | M] () -- C:\Users\Jana\Desktop\HiJackThis.msi
[2010.11.08 15:27:57 | 001,250,043 | ---- | M] () -- C:\Users\Jana\naramek2.JPG
[2010.11.08 15:27:42 | 001,104,772 | ---- | M] () -- C:\Users\Jana\naramek1.JPG
[2010.11.08 13:47:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2885730464-1649813371-635353934-1000Core.job
[2010.11.07 16:47:50 | 000,002,037 | ---- | M] () -- C:\Users\Jana\Desktop\Google Chrome.lnk
[2010.11.07 15:41:58 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.11.06 10:20:10 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\WebReg Deskjet F4100 series.job
[2010.11.01 14:22:30 | 000,091,648 | ---- | M] () -- C:\Users\Jana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.29 08:31:42 | 000,001,609 | ---- | M] () -- C:\Users\Public\Desktop\ICQ6.5.lnk
[2010.10.28 18:08:10 | 000,824,978 | ---- | M] () -- C:\Users\Jana\Desktop\otlv4.h
[2010.10.13 22:23:55 | 000,002,395 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

========== Files Created - No Company Name ==========

[2010.11.11 21:42:51 | 000,824,978 | ---- | C] () -- C:\Users\Jana\Desktop\otlv4.h
[2010.11.11 21:37:13 | 000,575,488 | ---- | C] () -- C:\Users\Jana\Desktop\OTL.exe
[2010.11.11 21:34:50 | 000,001,670 | ---- | C] () -- C:\Users\Jana\Desktop\CCleaner.lnk
[2010.11.11 19:20:06 | 000,002,521 | ---- | C] () -- C:\Users\Jana\Desktop\HiJackThis.lnk
[2010.11.11 19:19:07 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.11.11 19:17:47 | 001,402,880 | ---- | C] () -- C:\Users\Jana\Desktop\HiJackThis.msi
[2010.11.10 21:28:50 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010.11.10 21:28:44 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.11.10 21:24:45 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010.11.10 20:42:54 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
[2010.11.08 15:27:52 | 001,250,043 | ---- | C] () -- C:\Users\Jana\naramek2.JPG
[2010.11.08 15:27:38 | 001,104,772 | ---- | C] () -- C:\Users\Jana\naramek1.JPG
[2010.10.30 09:20:30 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\WebReg Deskjet F4100 series.job
[2010.10.29 08:31:42 | 000,001,609 | ---- | C] () -- C:\Users\Public\Desktop\ICQ6.5.lnk
[2010.09.29 02:13:06 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.09.13 13:19:09 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.06.20 11:21:35 | 000,004,156 | ---- | C] () -- C:\Windows\wininit.ini
[2010.06.20 08:48:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.11.16 17:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2008.09.12 11:31:37 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008.07.01 17:24:26 | 000,056,320 | R--- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2008.06.18 17:13:23 | 000,233,472 | R--- | C] () -- C:\Users\Jana\AppData\Roaming\MafiaSetup.exe
[2008.03.15 19:46:11 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.03.13 18:33:36 | 000,000,777 | ---- | C] () -- C:\Windows\System32\trial_setup.ini
[2008.02.16 21:36:54 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008.02.16 17:12:33 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2008.02.13 18:56:33 | 000,091,648 | ---- | C] () -- C:\Users\Jana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.11 22:38:08 | 000,002,382 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.02.11 22:31:38 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll
[2008.02.11 22:31:37 | 000,012,664 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2008.02.11 22:31:34 | 000,012,096 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2008.02.11 22:31:34 | 000,010,304 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2008.02.09 00:22:05 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2008.02.09 00:21:43 | 000,026,113 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008.02.09 00:21:32 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2008.02.08 23:40:33 | 000,008,620 | ---- | C] () -- C:\Users\Jana\AppData\Local\d3d9caps.dat
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010.06.20 14:00:47 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\ESET
[2010.02.17 13:39:36 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Gearbox Software
[2008.02.09 21:14:13 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\GHISLER
[2010.07.18 15:04:24 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\gtk-2.0
[2010.11.01 15:13:17 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\ICQ
[2008.07.11 18:54:34 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\ICQ Toolbar
[2010.11.10 21:28:41 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\IObit
[2009.10.27 21:46:40 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Miranda
[2009.05.21 10:10:18 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Opera
[2010.09.04 12:15:46 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\PhotoScape
[2009.03.24 18:53:31 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\QIP
[2008.09.30 19:54:32 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\TuneUp Software
[2010.10.30 17:18:14 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\uTorrent
[2010.10.09 19:58:06 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Zoner
[2008.09.30 19:54:34 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2010.11.11 21:38:42 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010.11.11 21:37:33 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.11.11 16:47:17 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{EFE44326-8D13-44FC-BF09-710CA8EE3ABD}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Jana\Flashdance.avi:TOC.WMV

< End of report >
MSI KA780G, DualCore AMD Althon X2 (5400+, 2,80GHz)+ Arctic Cooling Freezer 64 Pro, Kingston 2X512 DDR2, 2X1GB A-DATA EXTREME DDR2,W. D. 250GB SATA II + Seagate Barracuda 250GB SATA II + Fujitsu Siemens (w.d.) 250GB USB, Asus 8600GT 256MB RAM DDR3, EuroCase 450W, LCD 19´ Asus VW192

Uživatelský avatar
Razzell
Level 2
Level 2
Příspěvky: 231
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod Razzell » 11 lis 2010 21:57

OTL Extras logfile created on: 11.11.2010 21:48:26 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jana\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 51,26 Gb Free Space | 34,99% Space Free | Partition Type: NTFS
Drive D: | 319,28 Gb Total Space | 308,32 Gb Free Space | 96,57% Space Free | Partition Type: NTFS

Computer Name: A4800X2 | User Name: Jana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\opera.exe" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2885730464-1649813371-635353934-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00604BEE-00BC-4933-BCBC-06A15771FEE2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{02B1700C-B407-4146-AAEB-A19D104F94D8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0317EBF5-E5A9-426C-AB71-3DC306EF62F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{04370126-BD94-44AE-B5CC-9CF270FF8E88}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{05DE422C-6AE9-4F76-A1E7-1E2B0CE7D2D2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{067A23EB-1F1F-4CA5-979F-C70339A52E3D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0696CBAD-1AC2-448B-9753-6AD6664438AB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{073550FC-D008-4B5F-8B81-66BA6A7C9F10}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{08C46452-24B0-443B-9412-81BCD561FA68}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{09B2BB7A-83A5-4C8C-AED1-42F91C9AA1AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A2342FC-3F57-443C-9E83-E8874D8C707A}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{0AFED76B-F284-4451-98E3-D11F73927DAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B56EDE9-E2DA-426A-93DC-AAD4BB00AC0F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0BBE3F51-F708-4F53-A69A-3ED32BC9A11E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0CDD2C90-EE6B-4D49-A3BA-AE65AB375AEE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D436325-4F0F-43E0-B542-B75B1F5B3645}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0EB00BA0-41AB-4C35-BED6-54DE3D458045}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0EE57F39-3C34-4CE9-A0D4-4E3F686736CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F6197FE-638D-4842-91AA-6A6E7C67B4D7}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{0FD51D67-21C3-4320-B603-559C75D8232B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{14100364-BF9B-4AA0-ABB5-2021C871AC8C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{15F305E8-B09D-46F4-919A-01930B5AF172}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{17000DA9-4966-4E97-A0A6-BF4F94C475FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1767FC3D-A7C3-4A1B-AA76-552F981DB7FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19AC9535-8B0C-44ED-85A0-79407604F99E}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{19EE0FAD-0BAB-4195-A581-614BD8E4391D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1AD899BE-ED5D-4C14-9E6D-1C241FC8B397}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1C902D7C-421F-4467-B4A8-BA13C2EF67BC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1CE8B361-3EDD-4085-8FAC-B2A07926EF07}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1F5B84B1-1CC3-4239-A91A-3ECE5EEBF9ED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2059A1B0-771C-4619-B5DC-E18295EBFDFB}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{20DF0A19-F2EA-43B5-9049-548DFDF34D46}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2126D3E8-DB6B-461F-B316-3AE9EEF29A6F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21C1A772-77AC-439E-8740-694110373DD5}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{21ED8BAC-70A4-44EC-AFD1-3C996EA6EA9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2227B5AF-B0E6-4146-9BD2-83EF44B207B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22DDFF2B-0A52-40D9-8E87-03AC46DE6771}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2354F9E3-2073-48AA-8EEC-3BCF46A074E6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{23D44135-31DE-457C-80B6-A11D6659D120}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24C21BCE-A2C8-44AC-9442-F92B25E916CF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{266386E3-C7E6-4C7B-A604-930D9D38AC87}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{27A26092-1523-4588-B8B7-403A81C3C5D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2876B13E-1E57-4D35-B649-C4874F69C97C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B2B3547-272E-46A4-A3AB-6836199691E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C6A884B-EF0B-4212-A49C-E99952E56632}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{327918E0-D1A3-40EA-AAF3-CBD5271F78A6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{327AC123-6DD5-4FD1-B620-31F7DC6A48F4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{333E33C6-0D88-4517-8255-651862ECA7EA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{343F44F1-BD45-42FF-91D3-C8E28110DE32}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3564312D-E958-4806-85A9-7598B76F591E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{35D9C324-F22B-48F1-9AEF-50B73BFA793D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{362714EA-D4D1-4374-B6C7-3B581D82962F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{37D9D6ED-000E-42DE-8D4B-F87E2DFC1CA2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{383AD73B-8667-4657-B29E-E8F9FC80CE8A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3858AC27-8286-4493-96C5-587BC69D6F95}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{385D3782-C224-4FBF-9FF2-4FB990E67C51}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38DCFA2E-B304-4543-BCEE-BBE539EE96B5}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{3A5301F3-3E35-4548-9BC1-33B1C660E17B}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{3A70B91B-ED3B-4939-95D4-492AF6BCBC3C}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{3BA550CA-0CEB-4E65-BEE6-F0C5993DFB8C}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{3D59A83E-9A82-4169-B359-702ED29661FC}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{3E4AFA41-E472-493F-A962-3FDB24E272DB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3F907E25-E4B4-4C35-BE8C-2132303C353C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{40246DA0-FD32-4DE4-B917-8D9C37DA9CE0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{406030E4-A4C5-42AF-B5AA-96F60C28BC82}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{40965952-FCF5-46F0-9942-4EFBE4CD40B8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{421FDBFD-5B64-49F1-81F3-B7A59D804509}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4333AF8A-BC57-4DAD-AC6A-507A4AC0801E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{435D1A69-3E3D-4F5C-B724-7B27A63CC3B1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44234D6F-7BFC-4FFB-BE0D-77B799DB6440}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44D223AD-8D5C-4343-83BE-229B1A89229E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44D39CF6-B148-41A0-B6FE-4A3DB4427A53}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4653045A-D959-4585-8512-4D83FE9C6D22}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{46551811-458D-4B88-B429-95A5CFF21781}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{465FFC95-96BE-4ABE-AD49-F37213BD46A4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47FED1BF-4FD5-4434-AD7B-9625E9010A62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4ADD778D-2CFF-44BC-A684-A5EA3DAD6006}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4BA254A8-A5E4-4C17-97BB-A30D29D43B24}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4D9FC7FA-6990-4387-B0D2-02A8029AEC5F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4F53E54A-7FE9-46E0-A016-DAB3BDB6F173}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{50ACDEE4-11AA-477A-8C06-57D3F14EE98B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{538ED371-B9A9-40BC-AB15-DAF74473E9F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53A28FE9-A9D1-4741-8D21-3EC93B384459}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53C07DC1-188D-4AD1-AE0C-0D22675F3F5B}" = protocol=6 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{54C2937D-B37E-4CEF-B1ED-C492A1ABC617}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{54D21FA1-DCB2-4051-BF23-75D0F62390E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57BD0CEF-8ECE-4588-8934-D9D7C96AE6A7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57C0ADBB-6C5F-47EE-85F5-775F579AF1F4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57E5AECF-8574-4F73-965E-58851702DCAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57F5D291-F6CC-464B-951A-7FAB304617E6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{59286F54-A621-4276-AEF4-7686B5439A32}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B122858-6C8F-4DDE-9EA9-235C30F1372B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B83E286-29D4-4DD4-A659-5E9B2F7DCDBE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5BA6B794-0852-449A-93DC-6021631E29C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C245882-51D7-4C26-9103-F657230CF5EC}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5EC81379-2314-4561-ADE0-A61BF183F20C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5ED2B8A0-C756-460D-A1E2-34A775BAAC8C}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{5FF6D34A-073E-4F55-9501-8C67633283F4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61BE0EAA-FFAC-4191-8E19-ACCE9ADA8075}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{62F506DE-D672-4B43-AB53-A67B5BF0D963}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63AB1F4E-15BE-4468-AB59-6CF34A4DEA54}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63ECA530-158A-4F01-9FE8-AC1588730361}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64AF6315-0004-4137-BCE4-B63C7292C989}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64FB51BB-5636-4707-BD72-3411AC44BA87}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{652719B3-94C3-4618-9F85-E8186DFA2F8F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6644C16F-3EB9-4FCD-BF4F-1E692FAA65B1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{684DC05D-ED4A-470B-AF89-FB25315BF748}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{68FEB298-D39A-4503-BF01-B258FB4322A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{695AF7DB-408E-4F32-8EAC-57F70B501A82}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6A0DC9B9-36B3-4707-BEA3-C5B865D34965}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6B25F325-5DE1-4B59-9198-2B13C15DECB6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CD874BA-84CF-41DB-9979-9FE248DAC3BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6D879160-DCB5-43D6-A88A-3D4BC825A33D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6D8AA2A6-5B95-4C02-A63A-879C8FF11703}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6FA3A650-82D6-4514-B346-E7F49C79F94D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73AFCB76-2E6C-452A-B81C-2D6BC3C96D8E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{75855715-EC1D-4852-AF01-8869EDD94131}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{75861571-3984-4B42-BC98-F68C4A30175F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{76649943-ED12-4AC2-8D6D-5F44A2154768}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{775A20F5-62AE-4E4F-B49C-AB3002A40F3E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77BE1033-D7E5-43FB-B483-7C49DDDEC798}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{7A1C2A2D-5672-49CF-9896-11F99357C8C1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7B5491B3-2675-46E3-9D3F-B58995513464}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7B67345D-133F-4C8C-A310-E95C41FE5CEE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7BF5E184-E58E-4B8F-9BD5-B47AD7F0F3AE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7C58D4F6-6C7C-4368-8EAE-C8F701840CF7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7C9B1427-BA1A-4FBC-B802-0C6F7FF6730B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81B332A9-A964-4069-81C2-469AC0C3D3A7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{82BD935A-F41B-4736-844A-35EE826F9973}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{8360D49D-A22D-458E-AEF6-F87EA2FC50E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{83FE5BA3-2A41-43C7-979E-E018827D5BC3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{862C951C-CDF1-4ABF-A156-78A4093A097A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8638A07B-2796-45D5-9D96-5D3710D0124B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{89343BC6-343C-4621-AF44-9CF49F2C8E2F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A9D63CF-7661-41B1-A5FB-2CFF7B5B3F79}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8BB55AC9-8B3B-476B-A702-3003D6D5ABD5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8BBB77D8-A337-445F-B2A3-41171529EEEF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C38DE05-60AA-407F-8FC2-8F1681FD7827}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8CF11B52-CAD1-4B9E-B027-297AE1ADF70B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8F5400E7-2764-414E-8B0C-428F1C9EDD4D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8FF56063-BF11-44C9-B918-519828FD482F}" = protocol=17 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe |
"{9408273B-A393-4C11-9DD2-D55E38F5F221}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{94AF3296-22A0-4C64-93F8-C261013ABCCF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{94BB5DE6-DCD6-4595-ADA6-0AA74C79FBE7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{955FC71E-0811-4C24-A219-833011F570DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9690DBA9-7024-44A5-B9CC-7AA8E65D1BC7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{979ECC72-FF9B-4A22-AB82-785A4E945534}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9882F481-B82B-4A1A-A25C-2383D08CB58F}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{9A224598-9645-4649-B69E-42A36A074490}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9A3D70F3-ADA2-4489-ABEB-B8E7D2A5BC26}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B54F64C-5AD1-4C31-A9C1-5E757FD7C146}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9C8AE6D1-D646-4442-84BE-28EF555C04F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9D7649E3-AF1B-4806-9074-A436F578700B}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9DAB90B9-9A08-4221-8B4A-9175E9C46CCB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9E249FA8-4645-4EB9-8CC5-CC66A004A306}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9E53C895-5088-460A-966E-91131A4D67C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9FE7C4FE-2EFF-4051-9FC7-3ACB971A39E6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A00B56C7-EBC3-43A8-86E7-8FC6F2BF92FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A0D263DA-314E-48B8-A814-2DCEC2F7F41E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A182F186-28A3-4E35-9CC7-38FC15CAB2A6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1A227C5-2698-43AE-B66F-76D2AAC014B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1F12FFD-BBB6-46F5-A246-20224AE74940}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A275E90F-815C-4B6E-8584-C900E8E7E892}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2BA640C-5266-4301-A498-A7EF9260AA06}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3CA1EA7-FF0E-499D-A162-D36808CD7BF7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A50E4577-00A9-42E0-AFF3-53AE87822ABA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A57B147B-2E55-45B3-9041-9A3D522314F4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A651452E-7393-431E-A414-037873D612AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A6A6301F-209F-43F9-906D-4225885FF1A6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A7669824-B109-42A5-86F5-69BBFFEC9984}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A81BD141-CB1C-4567-BD66-C5B8D599C438}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A859557D-0F12-484B-A703-9D99F84189CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA13719B-F62D-4CC2-9678-4EECE2103743}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA587974-9CF9-48CA-B377-2EEF386A878F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB1430C4-3907-4259-A90E-62A2026994E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB9DE830-AF2F-460F-A0B1-BEAC6DFC9A32}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AD1BCBF7-30A6-4E9A-980F-80DBCAC7A019}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AD901EA9-78A2-4879-AE2C-443655A17DF8}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{ADA76B38-AF29-4D8B-891C-C88D8A5A3750}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B0297D2A-5436-4C37-AB75-6A242E631B20}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B0DBD01F-59AE-40EC-8F00-89EFC80CC501}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2E2A7D2-FE3F-4324-9846-C192C7677050}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B351C191-6547-4039-A9E4-17CD22796037}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3B84BB1-32EF-48FF-AFA7-1C6B03438FA5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B47525F0-0861-4E5A-8A8C-89C4DDFD16C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6016078-6FD9-4BA4-BFDC-B1B7F527F1CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B68B4453-C563-4AE2-897B-B30841AD8351}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B8B2776A-4177-449D-B4EC-D033912F8D0E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B936F611-FF40-4384-9DDA-EE889FFB06CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BBE6EA1A-E35D-4FE6-ADF8-E07526387B41}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD4E49A6-D42B-42B0-9821-CE561B0A0128}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BEB50D25-0773-4FC7-A2D2-F6FE4BED81E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C1149DE8-970D-4A29-A75F-BBC051669CC8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C1502D69-4646-4533-A32C-6E4E2094BF67}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{C3D2895A-7CD0-4328-AE2C-C95282A0ACA2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C5B7B551-90C7-4D55-AB8A-6F36EC3BAE44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6247CB8-1D07-4A08-A848-80031E066B27}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C631FDBE-C380-4D53-AC4E-6C649758FE00}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C63D4C6A-F56A-43FE-B006-A45125E31851}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C837DDE5-45B3-43C2-B8AC-AE9758118125}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C86243D8-BAB5-4854-BD5A-C5488F4AAD26}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{C9E503FC-6846-4770-B097-B3C1FE56B8AA}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{CA009AC3-52C1-4B27-A257-BC18BD76CACE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA0C7240-27AD-49AD-BF09-3C6029CE6763}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CB731E56-E8DD-4129-9C88-C81B64AC37B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CEDD3285-9289-4FD9-8F3A-EB72C460F563}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{D0642932-E85A-4BE6-9646-105E7696DFCB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2C9ADFD-30A7-4E79-A3C6-4C84D4F42EDF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D3EAE6B8-BCD8-4D02-8F0F-D6C2C0228809}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D41953FA-CE3B-44C3-8804-70C9F5419434}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4429956-C4AD-4473-8791-7FAB8B677217}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{D5764DC3-6D90-4BA5-962E-5630BE9F12B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5A26CAF-972D-4571-BCDD-A71DA1A90569}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5FB290F-932B-4284-A909-D5AE2E471CB4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D6AF7ED4-8ACB-417B-A971-7B1CC751CE63}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D775BD6D-C99B-4E7F-830A-0AB16DD03C78}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D7A2ACA7-C3B4-414B-9747-7F7651D0005B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D88EC5EF-0866-4F7E-9507-9CC004FA240B}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{DAEE735C-6149-46B1-8DC9-1ACF36C001E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DB587F4E-CC43-43AF-B641-0C0CB1C32BB0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DC77F832-648C-4255-91AD-2F25C4C23B48}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD9DC083-DA61-4D03-9F2B-378F82F3E5AD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E067BF6B-0340-46FA-B83E-223671FCB367}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E10B5C6A-1BB6-435F-88D9-8D8D981FC984}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E16376E2-0261-46E6-9F57-D4F6C20EA14D}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E2036239-F758-4C96-93CF-BB7670E90FDB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E207B831-1AB3-4A2A-B9A8-E203F97C368A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E277ED54-DA65-4C2A-8449-B0A8E9DFC973}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E33529C1-B38B-4FC6-A1B7-8E1EFCB39B07}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E4175992-75EC-4EE8-BB9C-05CDAF294139}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E45F20F6-DA98-4721-A4CA-394696EAC84E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E62AC0BA-C2A9-42EE-8848-E03BA21DD570}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6D86342-5249-436F-8650-4F1336D95192}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E82A2F9C-B8FF-4984-94B4-24ABD84C0EEA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E98488B2-9479-4503-A772-750F46074791}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9C420F7-E4F1-46C4-A6F0-385F10A50761}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EA5DD444-A2EB-4A42-823E-DAFD6475E538}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EEF39B48-233B-458D-BDD5-91049097B082}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F00968CA-F1A3-40D2-84DB-52EB6A6A7DC4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F5095A59-5B16-49DB-B3B6-AC8B5AD18807}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{F59BAB64-5763-47F7-97F5-9833CA59720C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F6528387-1D89-4465-BB28-0415303C55EB}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{F7D1B130-248B-4464-A0D7-261EBDE5448F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F8DDEBF0-1A8E-4657-AADC-16DC6AB65EC3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F8E0182C-677C-4FFC-AA3F-4A15926BB9A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F93B7A5F-1B9F-4F8B-A86E-EE690D6D9B16}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F95FC78A-56F4-4499-9DE4-5C1D1EB86E69}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9B2FE21-376A-484B-9098-B9803B044450}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9DF3F7D-F171-4729-9FC5-5A8DA3056B94}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FA72D4B9-6C18-4F19-89EA-D85A9F738A1D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FAF6E565-AFF8-4BBF-A888-51F89614735B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB02BDB5-6AD8-4393-824C-9B0B2B0B5FA0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FBB9C77C-CA9F-44EB-8401-194D8A60A8C2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FBFB67DE-B819-46B8-8D87-ADD2A9CDD30B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC12762C-AAA9-465A-BE7C-34E9A709154B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC88E17E-9FFA-42DB-A16F-8D93D0742BAD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF0373D9-2877-4F1D-AE06-DFDFA21E5968}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FFA7C1F3-232D-4452-8D76-21419C79C324}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{3B657649-4D6E-4C5A-957C-99458E3571FF}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{4C24BFDE-BEE1-4463-ABBA-CF5690E2D58C}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{7CB07864-646E-41CD-B2D0-D1B41CD5758E}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe |
"TCP Query User{7D19C91F-9957-48AF-9FB8-B188376B95C4}C:\users\jana\desktop\qip infium pafopack\inf.exe" = protocol=6 | dir=in | app=c:\users\jana\desktop\qip infium pafopack\inf.exe |
"TCP Query User{863E478E-3603-4C13-9134-02CFF0E1C89C}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{891D3249-A6A5-43E6-B525-01CA99C99322}D:\program files\sierra\swat 4\content\system\swat4.exe" = protocol=6 | dir=in | app=d:\program files\sierra\swat 4\content\system\swat4.exe |
"TCP Query User{B5210560-2254-427E-863E-6F1B073E08BC}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{B7FA14BA-9965-4568-A495-9467437005A7}C:\users\jana\miranda im kp v4.2\miranda32.exe" = protocol=6 | dir=in | app=c:\users\jana\miranda im kp v4.2\miranda32.exe |
"TCP Query User{C7EFAF7B-127F-4763-8F3F-0F6C48F7CDCA}C:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe |
"TCP Query User{CF9EF0ED-83F0-4B8B-B977-4D8EFC015B59}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{FE546772-6A1C-4F8B-9FE9-982058617D03}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{14F97ECC-693E-4232-9209-C101BB34CC99}C:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\gearbox software\brothersinarms\system\bia.exe |
"UDP Query User{153FED36-DBBA-41A4-8C12-C51F26C07CCA}D:\program files\sierra\swat 4\content\system\swat4.exe" = protocol=17 | dir=in | app=d:\program files\sierra\swat 4\content\system\swat4.exe |
"UDP Query User{42EAA50C-B453-4C4D-8B91-52C21352F44D}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{606761BA-5063-47D3-8D30-B628A13164DD}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{77462C29-7067-4811-BAB4-FBB9C208C315}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{A3386AC7-EB37-4922-944C-639D82471363}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{CD8F63DF-D867-4E44-8DE5-4943FEE48F17}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe |
"UDP Query User{E35172C7-379E-4A37-83EC-B58FAD54338B}C:\users\jana\desktop\qip infium pafopack\inf.exe" = protocol=17 | dir=in | app=c:\users\jana\desktop\qip infium pafopack\inf.exe |
"UDP Query User{E7B60692-E0D3-401C-89EB-C9EB62FA0857}C:\users\jana\miranda im kp v4.2\miranda32.exe" = protocol=17 | dir=in | app=c:\users\jana\miranda im kp v4.2\miranda32.exe |
"UDP Query User{E8527288-A483-4954-905A-08BEB360DD92}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{FE648DA8-92B9-4D6E-B371-5CF8FCEA15A7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2C7C0033-0EB0-4271-853D-5A4ED6825641}_is1" = Ford Racing 2
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{30C0CF88-8368-5783-A72E-F9A5B9F9A917}" = Catalyst Control Center Graphics Previews Vista
"{39CDC80C-4330-4556-990D-1975211E2370}" = OpenOffice.org 2.3
"{3BDEE284-1516-40E8-B784-00FEBE1B1029}" = Nero 7 Essentials
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Mazlíčci
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4999E00F-EB5E-402E-B5AE-BB5710F77EEB}" = Music Alarm
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62BFDFDD-2310-F283-9428-D552F6D8AC93}" = CCC Help English
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DD653A-0577-DEDC-2C9B-F32669E06921}" = Catalyst Control Center Graphics Previews Common
"{8018AD38-3EBB-A031-D4F8-EF6A5952F168}" = ATI Catalyst Install Manager
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{9531658F-BA09-EBFB-B2EE-06D639030828}" = Catalyst Control Center InstallProxy
"{A6C265BE-E2C1-483e-843D-6B4C1E912AE0}" = F4100
"{A6F873F6-F266-4CE4-945D-DFC06388F2CC}" = Hledá se Nemo
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4509BCE-7BAD-4a8c-B1AE-4D0CE7467C42}" = F4100_doccd
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
"{ColdWar}" = Cold War
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EA6348E0-1696-549D-3EFF-58F94CCDA81A}" = ccc-core-static
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = MSI Star Cam 370i
"{ED64E78D-1BA3-3EEC-108B-04F16AA38E2C}" = ccc-utility
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"BrothersInArms" = Brothers In Arms
"CCleaner" = CCleaner (remove only)
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.55
"Crash Time II/EN-English_is1" = Crash Time II
"Defraggler" = Defraggler
"DVD Shrink_is1" = DVD Shrink 3.2
"e82e0fc16e9d0018e614cb2044d3715a-31170409" = Věda hrou
"EAX Unified" = EAX Unified
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"InstallShield_{A6F873F6-F266-4CE4-945D-DFC06388F2CC}" = Hledá se Nemo
"Mercedes-Benz Truck Racing" = Mercedes-Benz Truck Racing
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miranda IM KenDASS Pack_is1" = Miranda IM KenDASS Pack v4.2
"Network Play System (Patching)" = Network Play System (Patching)
"PhotoFilter" = PhotoFilter
"PhotoFiltre" = PhotoFiltre
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"SWAT 4" = SWAT 4
"The Sims" = The Sims
"Totalcmd" = Total Commander (Remove or Repair)
"VirtualCloneDrive" = VirtualCloneDrive
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio12_EN_is1" = Zoner Photo Studio 12
"ZonerPhotoStudio13_CZ_is1" = Zoner Photo Studio 13
"Zoo Tycoon 2" = Zoo Tycoon 2
"Zoo tycoon CZ 1.03" = Zoo tycoon CZ 1.03

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Beach Soccer" = Beach Soccer
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3.9.2009 3:43:38 | Computer Name = A4800X2 | Source = Application Hang | ID = 1002
Description = Program iexplore.exe verze 7.0.6000.16890 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: eb8 Čas zahájení: 01ca2c6770b9bf63 Čas ukončení: 61

Error - 4.9.2009 13:16:11 | Computer Name = A4800X2 | Source = Application Error | ID = 1000
Description = Chybující aplikace KMPlayer.exe, verze 2.9.3.1214, časové razítko
0x2a425e19, chybující modul LibDTS.dll_unloaded, verze 0.0.0.0, časové razítko 0x4452b95b,
kód výjimky 0xc0000005, posun chyby 0x0357d084, ID procesu 0x1a1c, čas spuštění
aplikace 0x01ca2d8060fa2b00.

Error - 4.9.2009 16:39:52 | Computer Name = A4800X2 | Source = Application Error | ID = 1000
Description = Chybující aplikace ICQ.exe, verze 6.5.0.1042, časové razítko 0x49aa6a1d,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x1737f280, ID procesu 0x980, čas spuštění aplikace 0x01ca2d52d450d246.

Error - 4.9.2009 16:41:54 | Computer Name = A4800X2 | Source = Application Error | ID = 1000
Description = Chybující aplikace ICQ.exe, verze 6.5.0.1042, časové razítko 0x49aa6a1d,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x0e2b2732, ID procesu 0x1f08, čas spuštění aplikace 0x01ca2d9fe3be2db0.

Error - 7.9.2009 7:20:22 | Computer Name = A4800X2 | Source = Application Error | ID = 1000
Description = Chybující aplikace ShowTime.exe, verze 3.2.3.2, časové razítko 0x45792f44,
chybující modul USER32.dll, verze 6.0.6000.16438, časové razítko 0x45d3dc0e, kód
výjimky 0xc00000fd, posun chyby 0x00021845, ID procesu 0x1574, čas spuštění aplikace
0x01ca2fad2b6ecd90.

Error - 7.9.2009 7:38:07 | Computer Name = A4800X2 | Source = Application Hang | ID = 1002
Description = Program ICQ.exe verze 6.5.0.1042 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 8e8 Čas zahájení: 01ca2f79a9e311b6 Čas ukončení: 11

Error - 8.9.2009 18:20:18 | Computer Name = A4800X2 | Source = EventSystem | ID = 4621
Description =

Error - 11.9.2009 14:26:28 | Computer Name = A4800X2 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 7.0.6000.16890, časové razítko
0x4a619d6d, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x0b6dcee0, ID procesu 0xa5c, čas spuštění aplikace
0x01ca32e4da240370.

Error - 12.9.2009 18:17:04 | Computer Name = A4800X2 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12.9.2009 18:17:04 | Computer Name = A4800X2 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ Media Center Events ]
Error - 14.7.2010 11:10:03 | Computer Name = A4800X2 | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 15.7.2010 9:24:03 | Computer Name = A4800X2 | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 19.7.2010 1:23:11 | Computer Name = A4800X2 | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 26.7.2010 6:09:59 | Computer Name = A4800X2 | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 26.7.2010 13:34:38 | Computer Name = A4800X2 | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 30.7.2010 13:01:50 | Computer Name = A4800X2 | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 21.9.2010 5:06:16 | Computer Name = A4800X2 | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 25.10.2010 7:58:12 | Computer Name = A4800X2 | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

[ System Events ]
Error - 11.11.2010 14:03:32 | Computer Name = A4800X2 | Source = Service Control Manager | ID = 7000
Description =

Error - 11.11.2010 14:03:32 | Computer Name = A4800X2 | Source = Service Control Manager | ID = 7026
Description =

Error - 11.11.2010 14:07:25 | Computer Name = A4800X2 | Source = Service Control Manager | ID = 7030
Description =

Error - 11.11.2010 14:12:52 | Computer Name = A4800X2 | Source = Service Control Manager | ID = 7030
Description =

Error - 11.11.2010 14:19:35 | Computer Name = A4800X2 | Source = Service Control Manager | ID = 7000
Description =

Error - 11.11.2010 14:19:35 | Computer Name = A4800X2 | Source = Service Control Manager | ID = 7026
Description =

Error - 11.11.2010 16:28:55 | Computer Name = A4800X2 | Source = Service Control Manager | ID = 7000
Description =

Error - 11.11.2010 16:28:55 | Computer Name = A4800X2 | Source = Service Control Manager | ID = 7026
Description =

Error - 11.11.2010 16:38:52 | Computer Name = A4800X2 | Source = Service Control Manager | ID = 7000
Description =

Error - 11.11.2010 16:38:52 | Computer Name = A4800X2 | Source = Service Control Manager | ID = 7026
Description =


< End of report >
MSI KA780G, DualCore AMD Althon X2 (5400+, 2,80GHz)+ Arctic Cooling Freezer 64 Pro, Kingston 2X512 DDR2, 2X1GB A-DATA EXTREME DDR2,W. D. 250GB SATA II + Seagate Barracuda 250GB SATA II + Fujitsu Siemens (w.d.) 250GB USB, Asus 8600GT 256MB RAM DDR3, EuroCase 450W, LCD 19´ Asus VW192

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43297
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod jaro3 » 11 lis 2010 22:54

Tu asociaci souboru jsem nenašel, tam se to dá někde nastavit? :/
Systém mě ještě nepustí do prizpusobit, a nedostanu se ani do vlastnosti tohoto pocitace
Vyzkoušíme potom , po čištění.
Jedná se o ikony , nebo i soubory .exe aj.??

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (RpcLocator) -- C:\Windows\System32\locator.exe File not found
DRV - (SetupNTGLM7X) -- E:\NTGLM7X.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (NTACCESS) -- E:\NTACCESS.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (GMSIPCI) -- E:\INSTALL\GMSIPCI.SYS File not found
DRV - (eamonm) -- C:\Windows\System32\DRIVERS\eamonm.sys File not found
DRV - (catchme) -- C:\Users\Jana\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\System32\perfh005.dat
C:\Windows\System32\perfh009.dat
C:\Windows\System32\perfc005.dat
C:\Windows\System32\perfc009.dat
C:\Windows\ativpsrm.bin
C:\Users\Jana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Jana\AppData\Local\d3d9caps.dat
C:\Users\Jana\AppData\Roaming\ICQ Toolbar

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
************************************************************************************************************************************
Nainstaluj si javu:
Java SE Runtime Environment 6u22
Vyber OS ( předpokládám Windows), dej zatržítko agree-continue
Vyber:
Windows Offline Installation
jre-6u22-windows-i586-p.exe
************************************************************************************************************************************
Poklepej znovu na ikonu OTL by OldTimer, pod Vlastní skenování/opravy (Custom Scans/Fixes) vlož následující text , zeleně zbarvený:

Kód: Vybrat vše

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT


Neměň nastavení, jen klikni na Prohledat (Run Scan), nech sken dokončit. Až se se objeví textový soubor , tak sem vlož prosím jeho celý obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
Razzell
Level 2
Level 2
Příspěvky: 231
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod Razzell » 12 lis 2010 20:59

Vyzkoušíme potom , po čištění.
Jedná se o ikony , nebo i soubory .exe aj.??

Stále nic, a je to uplně u všech souboru jak na ploše tak ve slozkach...
Zde jsou logy:


All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service RpcLocator stopped successfully!
Service RpcLocator deleted successfully!
File C:\Windows\System32\locator.exe File not found not found.
Service SetupNTGLM7X stopped successfully!
Service SetupNTGLM7X deleted successfully!
File E:\NTGLM7X.sys File not found not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found not found.
Service NTACCESS stopped successfully!
Service NTACCESS deleted successfully!
File E:\NTACCESS.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File C:\Windows\System32\DRIVERS\ipinip.sys File not found not found.
Service GMSIPCI stopped successfully!
Service GMSIPCI deleted successfully!
File E:\INSTALL\GMSIPCI.SYS File not found not found.
Service eamonm stopped successfully!
Service eamonm deleted successfully!
File C:\Windows\System32\DRIVERS\eamonm.sys File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\Users\Jana\AppData\Local\Temp\catchme.sys File not found not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\System32\drivers\blbdrive.sys File not found not found.
Service ADIHdAudAddService stopped successfully!
Service ADIHdAudAddService deleted successfully!
File C:\Windows\System32\drivers\ADIHdAud.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
C:\Windows\Downloaded Program Files\OberonGameHost_dbg.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\Windows\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\comfile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.com\\|comfile /E : value set successfully!
Registry key HKEY_CURRENT_USER\Software\Classes\.exe\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\exefile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\1-Click Maintenance.job moved successfully.
c:\windows\Tasks\AWC Startup.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2885730464-1649813371-635353934-1000Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2885730464-1649813371-635353934-1000UA.job moved successfully.
c:\windows\Tasks\User_Feed_Synchronization-{EFE44326-8D13-44FC-BF09-710CA8EE3ABD}.job moved successfully.
c:\windows\Tasks\WebReg Deskjet F4100 series.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
C:\Windows\ativpsrm.bin moved successfully.
C:\Users\Jana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Users\Jana\AppData\Local\d3d9caps.dat moved successfully.
C:\Users\Jana\AppData\Roaming\ICQ Toolbar folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\\DisableSR deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jana
->Temp folder emptied: 233534 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 17754507 bytes
->Flash cache emptied: 233 bytes

User: Public
->Temp folder emptied: 0 bytes

User: tytytýnka
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 114917 bytes
->Flash cache emptied: 405 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25176 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 17,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11122010_204442

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
MSI KA780G, DualCore AMD Althon X2 (5400+, 2,80GHz)+ Arctic Cooling Freezer 64 Pro, Kingston 2X512 DDR2, 2X1GB A-DATA EXTREME DDR2,W. D. 250GB SATA II + Seagate Barracuda 250GB SATA II + Fujitsu Siemens (w.d.) 250GB USB, Asus 8600GT 256MB RAM DDR3, EuroCase 450W, LCD 19´ Asus VW192

Uživatelský avatar
Razzell
Level 2
Level 2
Příspěvky: 231
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod Razzell » 12 lis 2010 21:00

OTL logfile created on: 12.11.2010 20:50:34 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jana\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 50,58 Gb Free Space | 34,53% Space Free | Partition Type: NTFS
Drive D: | 319,28 Gb Total Space | 308,32 Gb Free Space | 96,57% Space Free | Partition Type: NTFS
Drive L: | 7,46 Gb Total Space | 7,23 Gb Free Space | 96,98% Space Free | Partition Type: NTFS

Computer Name: A4800X2 | User Name: Jana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jana\Desktop\OTL (2).exe (OldTimer Tools)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe ()
PRC - C:\Windows\tsnpstd3.exe ()
PRC - C:\Windows\vsnpstd3.exe ()
PRC - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)


========== Modules (SafeList) ==========

MOD - C:\Users\Jana\Desktop\OTL (2).exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)


========== Driver Services (SafeList) ==========

DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdLH3.sys (ATI Technologies, Inc.)
DRV - (cpuz134) -- C:\Windows\System32\drivers\cpuz134_x32.sys (Windows (R) Win 7 DDK provider)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (usbaudio) Ovladač zvuků USB (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (VClone) -- C:\Windows\system32\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes AG)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010.11.11 19:12:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe ()
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra Button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jana\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jana\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.11.12 20:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.11.12 20:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.11.12 20:49:00 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.11.12 20:49:00 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.11.12 20:49:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.11.12 20:49:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.11.12 20:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010.11.12 20:47:48 | 016,074,528 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Jana\Desktop\jre-6u22-windows-i586.exe
[2010.11.12 20:44:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.11.11 21:46:40 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jana\Desktop\OTL (2).exe
[2010.11.11 21:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.11.11 19:19:07 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.11.11 19:15:24 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Local\temp
[2010.11.11 19:14:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.11.11 16:43:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.11.10 21:28:41 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\IObit
[2010.11.10 21:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010.11.10 21:24:45 | 000,020,328 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\cpuz134_x32.sys
[2010.11.10 21:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2010.11.10 21:20:44 | 000,000,000 | ---D | C] -- C:\Users\Jana\Desktop\ProbeII
[2010.11.10 20:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.11.10 20:40:28 | 000,000,000 | ---D | C] -- C:\ATI
[2010.11.10 19:25:23 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\Malwarebytes
[2010.11.10 19:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.11.10 19:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.09 19:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.10.29 08:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6.5
[2008.02.16 17:12:27 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpx32.dll
[2008.02.16 17:12:27 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2008.02.16 17:12:26 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll
[2008.02.09 21:44:16 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.11.12 20:48:44 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.11.12 20:48:44 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.11.12 20:48:44 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.11.12 20:48:44 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.11.12 20:46:10 | 000,004,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.12 20:46:09 | 000,004,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.12 20:46:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.12 20:46:04 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.11.12 20:42:17 | 016,074,528 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Jana\Desktop\jre-6u22-windows-i586.exe
[2010.11.11 21:46:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jana\Desktop\OTL (2).exe
[2010.11.11 21:34:50 | 000,001,670 | ---- | M] () -- C:\Users\Jana\Desktop\CCleaner.lnk
[2010.11.11 21:29:15 | 000,575,488 | ---- | M] () -- C:\Users\Jana\Desktop\OTL.exe
[2010.11.11 19:20:14 | 000,002,521 | ---- | M] () -- C:\Users\Jana\Desktop\HiJackThis.lnk
[2010.11.11 19:12:50 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.11.10 21:28:44 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.11.10 21:24:45 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010.11.10 20:42:54 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
[2010.11.10 20:38:37 | 000,237,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.11.09 19:51:31 | 001,402,880 | ---- | M] () -- C:\Users\Jana\Desktop\HiJackThis.msi
[2010.11.08 15:27:57 | 001,250,043 | ---- | M] () -- C:\Users\Jana\naramek2.JPG
[2010.11.08 15:27:42 | 001,104,772 | ---- | M] () -- C:\Users\Jana\naramek1.JPG
[2010.11.07 16:47:50 | 000,002,037 | ---- | M] () -- C:\Users\Jana\Desktop\Google Chrome.lnk
[2010.11.07 15:41:58 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.10.29 08:31:42 | 000,001,609 | ---- | M] () -- C:\Users\Public\Desktop\ICQ6.5.lnk
[2010.10.28 18:08:10 | 000,824,978 | ---- | M] () -- C:\Users\Jana\Desktop\otlv4.h
[2010.10.13 22:23:55 | 000,002,395 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.12 20:46:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.11.11 21:42:51 | 000,824,978 | ---- | C] () -- C:\Users\Jana\Desktop\otlv4.h
[2010.11.11 21:37:13 | 000,575,488 | ---- | C] () -- C:\Users\Jana\Desktop\OTL.exe
[2010.11.11 21:34:50 | 000,001,670 | ---- | C] () -- C:\Users\Jana\Desktop\CCleaner.lnk
[2010.11.11 19:20:06 | 000,002,521 | ---- | C] () -- C:\Users\Jana\Desktop\HiJackThis.lnk
[2010.11.11 19:17:47 | 001,402,880 | ---- | C] () -- C:\Users\Jana\Desktop\HiJackThis.msi
[2010.11.10 21:28:44 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.11.10 21:24:45 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010.11.10 20:42:54 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
[2010.11.08 15:27:52 | 001,250,043 | ---- | C] () -- C:\Users\Jana\naramek2.JPG
[2010.11.08 15:27:38 | 001,104,772 | ---- | C] () -- C:\Users\Jana\naramek1.JPG
[2010.10.29 08:31:42 | 000,001,609 | ---- | C] () -- C:\Users\Public\Desktop\ICQ6.5.lnk
[2010.09.29 02:13:06 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.09.13 13:19:09 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.06.20 11:21:35 | 000,004,156 | ---- | C] () -- C:\Windows\wininit.ini
[2010.06.20 08:48:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.11.16 17:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2008.09.12 11:31:37 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008.07.01 17:24:26 | 000,056,320 | R--- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2008.06.18 17:13:23 | 000,233,472 | R--- | C] () -- C:\Users\Jana\AppData\Roaming\MafiaSetup.exe
[2008.03.15 19:46:11 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.03.13 18:33:36 | 000,000,777 | ---- | C] () -- C:\Windows\System32\trial_setup.ini
[2008.02.16 21:36:54 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008.02.16 17:12:33 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2008.02.11 22:38:08 | 000,002,382 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.02.11 22:31:38 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll
[2008.02.11 22:31:37 | 000,012,664 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2008.02.11 22:31:34 | 000,012,096 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2008.02.11 22:31:34 | 000,010,304 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2008.02.09 00:22:05 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2008.02.09 00:21:43 | 000,026,113 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008.02.09 00:21:32 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.18 22:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.18 22:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.18 22:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.18 22:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\ERDNT\cache\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.10 22:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.10 22:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.10 22:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.10 22:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2008.01.18 22:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.18 22:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.07.13 08:59:28 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.07.13 08:59:28 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.07.13 08:59:27 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2008.01.18 22:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.18 22:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.10 22:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.10 22:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.10 22:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[2008.01.18 22:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2007.01.05 21:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\drivers\nvstor.sys
[2007.01.05 21:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_45f67928\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
[2008.01.18 22:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.18 22:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2008.01.18 22:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.10 22:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.10 22:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.10 22:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Jana\Flashdance.avi:TOC.WMV

< End of report >
MSI KA780G, DualCore AMD Althon X2 (5400+, 2,80GHz)+ Arctic Cooling Freezer 64 Pro, Kingston 2X512 DDR2, 2X1GB A-DATA EXTREME DDR2,W. D. 250GB SATA II + Seagate Barracuda 250GB SATA II + Fujitsu Siemens (w.d.) 250GB USB, Asus 8600GT 256MB RAM DDR3, EuroCase 450W, LCD 19´ Asus VW192

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43297
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod jaro3 » 12 lis 2010 22:19

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found

:Files
C:\Windows\ativpsrm.bin

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Start---ovl. panely----programy---výchozí programy----nastavení výchozích programů.
či nastavení přidružení.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
Razzell
Level 2
Level 2
Příspěvky: 231
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod Razzell » 12 lis 2010 22:25

Log


All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
C:\Windows\System32\GPhotos.scr moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}\ not found.
========== FILES ==========
C:\Windows\ativpsrm.bin moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jana
->Temp folder emptied: 113820 bytes
->Temporary Internet Files folder emptied: 38424 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: tytytýnka
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 4838 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7002 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11122010_222241

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
MSI KA780G, DualCore AMD Althon X2 (5400+, 2,80GHz)+ Arctic Cooling Freezer 64 Pro, Kingston 2X512 DDR2, 2X1GB A-DATA EXTREME DDR2,W. D. 250GB SATA II + Seagate Barracuda 250GB SATA II + Fujitsu Siemens (w.d.) 250GB USB, Asus 8600GT 256MB RAM DDR3, EuroCase 450W, LCD 19´ Asus VW192

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43297
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod jaro3 » 12 lis 2010 22:31

Spusť OTL a klikni na Vyčisti.
Pak můžeš OTL smazat , C:\_OTL

Pokud Ti asociace nepůjde , mrknu na net , nebo zadej nové téma v sekci Windows , kolegové Ti rádi poradí.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
Razzell
Level 2
Level 2
Příspěvky: 231
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod Razzell » 12 lis 2010 22:33

Tak ta asociace nejde, a system to take neotevira :( vazne nevim jak dal :( kazdopadne dekuji.
MSI KA780G, DualCore AMD Althon X2 (5400+, 2,80GHz)+ Arctic Cooling Freezer 64 Pro, Kingston 2X512 DDR2, 2X1GB A-DATA EXTREME DDR2,W. D. 250GB SATA II + Seagate Barracuda 250GB SATA II + Fujitsu Siemens (w.d.) 250GB USB, Asus 8600GT 256MB RAM DDR3, EuroCase 450W, LCD 19´ Asus VW192

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43297
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosim o kontrolu logu, bude tam toho asi hodne.

Příspěvekod jaro3 » 12 lis 2010 22:46

Systém to neotvírá? Myslíš Start--ovl. panely--Systém a zabezpečení??

Stáhni si VistaManager
Kde máš možnost opravit systém windows. (Repair windows)
Opravy by měly pomoci i tehdy, kdy systém naběhne, ale některá jeho komponenta je poškozena.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 17 hostů