and the second one, extras.txt
OTL Extras logfile created on: 17.3.2011 21:31:13 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Eda\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 685,00 Mb Available Physical Memory | 67,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 31,03 Gb Total Space | 13,60 Gb Free Space | 43,82% Space Free | Partition Type: NTFS
Drive D: | 39,21 Gb Total Space | 5,28 Gb Free Space | 13,47% Space Free | Partition Type: NTFS
Drive E: | 6,08 Gb Total Space | 6,02 Gb Free Space | 99,00% Space Free | Partition Type: NTFS
Computer Name: EDA | User Name: Eda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1542:UDP" = 1542:UDP:*:Enabled:Realtek WPS UDP Prot
"53:UDP" = 53:UDP:*:Enabled:Realtek AP UDP Prot
"1034:TCP" = 1034:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Metin2_CZ\metin2.bin" = C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2
"C:\Program Files\Metin2_CZ\metin2client.bin" = C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client
"G:\MLB\mlb2k10.exe" = G:\MLB\mlb2k10.exe:*:Enabled:2K Sports Major League Baseball 2K10
"C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe" = C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan -- (Realtek Semiconductor Corp.)
"C:\Program Files\DarkZone2 Installation\DarkZone2.exe" = C:\Program Files\DarkZone2 Installation\DarkZone2.exe:*:Enabled:DarkZone2
"C:\AeriaGames\WolfTeam\Wolfteam.bin" = C:\AeriaGames\WolfTeam\Wolfteam.bin:*:Enabled:WolfTeam
"D:\HRY\Left4Dead\hl2.exe" = D:\HRY\Left4Dead\hl2.exe:*:Enabled:hl2 -- ()
"G:\MVP Baseball 2005\mvp2005.exe" = G:\MVP Baseball 2005\mvp2005.exe:*:Enabled:mvp2005
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"D:\HRY\Quake4Ded.exe" = D:\HRY\Quake4Ded.exe:*:Enabled:Quake 4 -- ()
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX47.437\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX47.437\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX03.484\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX03.484\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.953\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.953\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.015\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.015\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX01.390\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX01.390\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.859\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.859\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX01.328\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX01.328\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX01.515\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX01.515\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.593\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.593\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.109\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.109\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.750\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.750\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX02.718\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX02.718\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.453\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.453\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.015\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.015\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.750\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.750\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX25.312\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX25.312\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.453\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.453\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.578\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.578\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Dokumenty\Downloads\SindicateM2\metin2client.bin" = C:\Documents and Settings\Eda\Dokumenty\Downloads\SindicateM2\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Dokumenty\Downloads\SindicateM2\client.bin" = C:\Documents and Settings\Eda\Dokumenty\Downloads\SindicateM2\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.218\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.218\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.406\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.406\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.796\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.796\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX14.312\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX14.312\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.000\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.000\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.296\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.296\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX16.531\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX16.531\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.687\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.687\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.968\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.968\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.171\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.171\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client
"D:\Dragon Age\bin_ship\daorigins.exe" = D:\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra -- (BioWare)
"D:\Dragon Age\DAOriginsLauncher.exe" = D:\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit -- (BioWare)
"D:\Dragon Age\bin_ship\daupdatersvc.service.exe" = D:\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat -- (BioWare)
"D:\PvAll-MT2\game.bin" = D:\PvAll-MT2\game.bin:*:Enabled:game -- ()
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.453\Shinobu\Shinobu.exe" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.453\Shinobu\Shinobu.exe:*:Enabled:Shinobu
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.265\Metin2United\Metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.265\Metin2United\Metin2client.bin:*:Enabled:Metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX32.140\Metin2United\Metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX32.140\Metin2United\Metin2client.bin:*:Enabled:Metin2client
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.437\Metin2United\Metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.437\Metin2United\Metin2client.bin:*:Enabled:Metin2client
"C:\Documents and Settings\Eda\Plocha\Counter-Strike 1.6+ZBot\hl.exe" = C:\Documents and Settings\Eda\Plocha\Counter-Strike 1.6+ZBot\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Documents and Settings\Eda\Plocha\SindicateM2 - Kopie (6)\metin2client.bin" = C:\Documents and Settings\Eda\Plocha\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\Eda\Plocha\SindicateM2 - Kopie (6)\client.bin" = C:\Documents and Settings\Eda\Plocha\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client -- ()
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)
"C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.156\Metin2United\Metin2client.bin" = C:\Documents and Settings\Eda\Local Settings\Temp\Rar$EX00.156\Metin2United\Metin2client.bin:*:Enabled:Metin2client
"C:\Documents and Settings\Eda\Plocha\Metin2United\Metin2client.bin" = C:\Documents and Settings\Eda\Plocha\Metin2United\Metin2client.bin:*:Enabled:Metin2client -- ()
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG
"C:\Documents and Settings\Eda\Plocha\ShadowMt\mc.exe" = C:\Documents and Settings\Eda\Plocha\ShadowMt\mc.exe:*:Enabled:mc
"C:\Documents and Settings\Eda\Plocha\DarknessMt2\mc.exe" = C:\Documents and Settings\Eda\Plocha\DarknessMt2\mc.exe:*:Enabled:mc
"C:\NVIDIA\DisplayDriver\197.45\WinXP\International\Metin2United\Metin2client.bin" = C:\NVIDIA\DisplayDriver\197.45\WinXP\International\Metin2United\Metin2client.bin:*:Enabled:Metin2client
"C:\Documents and Settings\Eda\Dokumenty\Downloads\Metin2client.bin" = C:\Documents and Settings\Eda\Dokumenty\Downloads\Metin2client.bin:*:Enabled:Metin2client -- ()
"C:\Documents and Settings\Eda\Dokumenty\Downloads\Blacknight-mt2 client 1.2\lib\game\Game.exe" = C:\Documents and Settings\Eda\Dokumenty\Downloads\Blacknight-mt2 client 1.2\lib\game\Game.exe:*:Enabled:Game -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM)
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = REALTEK 11n USB Wireless LAN Driver and Utility
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Ares" = Ares 2.1.7
"CCleaner" = CCleaner
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Hamachi" = Hamachi 1.0.1.5
"ie8" = Windows Internet Explorer 8
"InfraRecorder" = InfraRecorder
"InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opera 11.01.1190" = Opera 11.01
"VLC media player" = VLC media player 1.0.5
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WolfTeam International_is1" = WolfTeam International
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2010" = QIP 2010 10.4.23.3289
"QipGuard" = QIP Internet Guardian
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16.7.2010 12:35:59 | Computer Name = EDA | Source = MPSampleSubmission | ID = 5000
Description =
Error - 17.7.2010 7:51:14 | Computer Name = EDA | Source = MPSampleSubmission | ID = 5000
Description =
Error - 17.7.2010 7:51:29 | Computer Name = EDA | Source = MSSecurityEssentials | ID = 5000
Description =
Error - 27.7.2010 3:11:35 | Computer Name = EDA | Source = MPSampleSubmission | ID = 5000
Description =
Error - 27.7.2010 3:11:50 | Computer Name = EDA | Source = MSSecurityEssentials | ID = 5000
Description =
Error - 1.8.2010 5:14:01 | Computer Name = EDA | Source = Application Error | ID = 1000
Description = Chybující aplikace metin2.bin, verze 0.0.0.0, chybující modul metin2.bin,
verze 0.0.0.0, adresa chyby 0x001fb0cf.
Error - 1.8.2010 5:19:23 | Computer Name = EDA | Source = Application Error | ID = 1000
Description = Chybující aplikace metin2.bin, verze 0.0.0.0, chybující modul metin2.bin,
verze 0.0.0.0, adresa chyby 0x001fb0cf.
Error - 2.8.2010 5:49:26 | Computer Name = EDA | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
[ OSession Events ]
Error - 4.5.2010 5:08:56 | Computer Name = EDA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 74
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 12.2.2011 18:55:24 | Computer Name = EDA | Source = DCOM | ID = 10010
Description = Server {0002DF01-0000-0000-C000-000000000046} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 27.2.2011 13:33:14 | Computer Name = EDA | Source = Service Control Manager | ID = 7031
Description = Služba Akamai NetSession Interface byla nečekaně ukončena. Stalo se
to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat
službu.
Error - 5.3.2011 7:33:50 | Computer Name = EDA | Source = Print | ID = 6161
Description = Tisk dokumentu Prihlaska_SS.xls (vlastník: Eda) na tiskárně Canon
iP4200 se nezdařil. Datový typ: NT EMF 1.008 Velikost zařazeného souboru (bajty):
0 Počet vytištěných bajtů: 0 Celkový počet stran v dokumentu: 0 Počet vytištěných stran:
0 Klientský počítač: \\EDA Kód chyby Win32, vrácený tiskovým procesorem: 259 (0x103)
Error - 7.3.2011 6:47:15 | Computer Name = EDA | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek C: spustit nástroj chkdsk.
Error - 7.3.2011 14:13:01 | Computer Name = EDA | Source = Service Control Manager | ID = 7031
Description = Služba Akamai NetSession Interface byla nečekaně ukončena. Stalo se
to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat
službu.
Error - 17.3.2011 11:49:59 | Computer Name = EDA | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC0000001
při zpracování souboru na svazku HarddiskVolume1. Sledování svazku bylo ukončeno.
Error - 17.3.2011 11:50:11 | Computer Name = EDA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: IntelIde
Error - 17.3.2011 13:55:18 | Computer Name = EDA | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 17.3.2011 13:55:44 | Computer Name = EDA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 17.3.2011 13:56:42 | Computer Name = EDA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Fips intelppm sptd
< End of report >
please check my log +
- Nejezchlebicek
- jaro3
- Security team member
Re: please check my log +
Uninstall:
DAEMON Tools Toolbar
Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text (shown in green) into the box:
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Eda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O1 HOSTS File: ([2004.08.18 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Eda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [nwiz] File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O33 - MountPoints2\{aed18634-7e42-11df-b536-001f1f867533}\Shell - "" = AutoRun
O33 - MountPoints2\{aed18634-7e42-11df-b536-001f1f867533}\Shell\AutoRun\command - "" = G:\USBAutoRun.exe
[2004.08.18 13:00:00 | 000,435,396 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.18 13:00:00 | 000,432,272 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2004.08.18 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.18 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2004.08.18 13:00:00 | 000,079,220 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2004.08.18 13:00:00 | 000,068,292 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.18 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2004.08.18 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Documents and Settings\Eda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\d3d9caps.dat
:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Then click Opravit (Run Fix) at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- Nejezchlebicek
Re: please check my log +
Thanks, here is the log
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Documents and Settings\Eda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
File C:\Documents and Settings\Eda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\nwiz deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aed18634-7e42-11df-b536-001f1f867533}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aed18634-7e42-11df-b536-001f1f867533}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aed18634-7e42-11df-b536-001f1f867533}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aed18634-7e42-11df-b536-001f1f867533}\ not found.
File G:\USBAutoRun.exe not found.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfi009.dat moved successfully.
C:\WINDOWS\system32\perfi005.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
C:\WINDOWS\system32\perfd005.dat moved successfully.
C:\WINDOWS\system32\perfd009.dat moved successfully.
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\002554_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Documents and Settings\Eda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\System32\d3d9caps.dat moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Eda
->Temp folder emptied: 12722696 bytes
->Temporary Internet Files folder emptied: 1592406 bytes
->Google Chrome cache emptied: 38418983 bytes
->Opera cache emptied: 1810619 bytes
->Flash cache emptied: 1960239 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 2372276 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 90933080 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 143,00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 03182011_134631
Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_268.dat not found!
Registry entries deleted on Reboot...
- jaro3
Re: please check my log +
You're welcome!
Run OTL and click Vyčisti (CleanUp).
Then you can delete OTL, C:\_OTL
If there are no problems, that is all and you can mark the thread as solved with the green check mark.