Prosím o kontrolu logu > zpomalené a zasekané pc.

Barny3 · Příspěvekod **Barny3** » 19 srp 2011 17:39

ok mam to :) :::>

ComboFix 11-08-18.03 - Ferda 19.08.2011 17:20:57.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.702 [GMT 2:00]
Spuštěný z: c:\documents and settings\Ferda\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Ferda\Plocha\CFScript.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-19 do 2011-08-19 )))))))))))))))))))))))))))))))
.
.
2011-08-19 11:28 . 2011-08-19 11:29 -------- d-----w- c:\documents and settings\Ferda\Data aplikací\PriceGong
2011-08-16 12:53 . 2011-08-16 12:53 -------- dc-h--w- c:\documents and settings\All Users\Data aplikací\{4B0F043C-7F75-4273-8BB4-DA0455DFBF5F}
2011-08-16 12:53 . 2011-08-16 12:53 -------- d-----w- c:\program files\Common Files\Topaz Labs
2011-08-16 12:53 . 2011-08-16 12:53 -------- d-----w- c:\program files\Topaz Labs
2011-08-16 12:00 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-08-16 12:00 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-08-16 11:59 . 2011-08-16 12:02 -------- d-----w- c:\program files\o.tel.o
2011-08-15 16:44 . 2011-08-15 16:44 -------- d-----w- c:\program files\Driver-Soft
2011-08-15 09:21 . 2011-08-15 09:21 -------- d-----w- c:\documents and settings\Ferda\Data aplikací\DVDVideoSoft
2011-08-15 09:21 . 2011-08-19 11:28 -------- d-----w- c:\documents and settings\Ferda\Local Settings\Data aplikací\DVDVideoSoftTB
2011-08-15 09:20 . 2011-08-15 09:21 -------- d-----w- c:\documents and settings\Ferda\Local Settings\Data aplikací\Conduit
2011-08-15 08:58 . 2011-08-15 08:58 -------- d-----w- c:\windows\system32\NtmsData
2011-08-14 14:45 . 2011-08-14 18:03 -------- d-----w- c:\program files\ICQ7.5
2011-08-13 14:44 . 2011-08-13 14:44 -------- d-----w- c:\documents and settings\Ferda\Data aplikací\Malwarebytes
2011-08-13 14:44 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-13 14:44 . 2011-08-13 14:44 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-13 14:43 . 2011-08-13 14:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-13 14:43 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-13 14:18 . 2011-08-13 14:18 388096 ----a-r- c:\documents and settings\Ferda\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-13 14:18 . 2011-08-13 14:18 -------- d-----w- c:\program files\Trend Micro
2011-08-13 12:20 . 2011-08-13 12:20 -------- d-----w- c:\documents and settings\NetworkService\Plocha
2011-08-13 12:19 . 2011-08-13 12:19 -------- d-----w- c:\windows\system32\oodag
2011-08-13 11:59 . 2011-08-13 11:59 -------- d-----w- c:\documents and settings\Ferda\Local Settings\Data aplikací\O&O
2011-08-13 11:55 . 2011-08-13 11:55 -------- d-----w- c:\program files\OO Software
2011-08-13 11:16 . 2011-08-13 11:16 -------- d-----w- c:\documents and settings\Ferda\X86
2011-08-13 11:16 . 2011-08-13 11:16 -------- d-----w- c:\documents and settings\Ferda\X64
2011-08-11 07:46 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 07:43 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-15 13:29 . 2002-08-29 01:59 456320 ------w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-09 20:34 . 2011-07-09 20:34 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-08 14:02 . 2001-10-25 14:00 10496 ------w- c:\windows\system32\drivers\ndistapi.sys
2011-06-29 15:22 . 2011-06-29 15:22 1626440 ----a-w- c:\windows\system32\ooscrsav.scr
2011-06-29 15:21 . 2011-06-29 15:21 275784 ----a-w- c:\windows\system32\oodbs.exe
2011-06-29 15:20 . 2011-06-29 15:20 535880 ----a-w- c:\windows\system32\oodssrs.dll
2011-06-29 15:19 . 2011-06-29 15:19 9544 ----a-w- c:\windows\system32\oodbsrs.dll
2011-06-24 14:10 . 2002-01-01 23:04 139656 ------w- c:\windows\system32\drivers\rdpwd.sys
2011-06-21 18:18 . 2002-09-20 18:05 668160 ----a-w- c:\windows\system32\wininet.dll
2011-06-21 18:18 . 2001-10-25 14:00 61952 ------w- c:\windows\system32\tdc.ocx
2011-06-21 18:18 . 2009-07-17 17:05 81920 ------w- c:\windows\system32\ieencode.dll
2011-06-21 18:16 . 2009-07-17 17:05 370176 ------w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2002-09-20 18:05 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2002-09-20 17:41 1858944 ------w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-06-12 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-06-29 2770248]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-08-01 08:28 124480 ----a-w- c:\program files\ICQ7.5\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2011-06-29 15:22 2770248 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-06-12 16:55 399736 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Ferda\\Plocha\\utorrent.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Day of Defeat\\hl.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\sweeney\\bass4\\TBass4\\TBass4.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\EA SPORTS\\NHL07\\nhl2007.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"18878:TCP"= 18878:TCP:BitComet 18878 TCP
"18878:UDP"= 18878:UDP:BitComet 18878 UDP
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20.7.2009 19:47 721904]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [29.6.2011 17:22 2468168]
S3 A0380VID;WinFast iCAM100 M;c:\windows\system32\drivers\A0380Vid.sys [20.7.2009 18:08 3935872]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [13.8.2011 16:44 41272]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [27.12.2009 1:50 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [27.12.2009 1:50 8320]
S4 gupdate1ca142dd3f52e28;Služba Google Update (gupdate1ca142dd3f52e28);c:\program files\Google\Update\GoogleUpdate.exe [3.8.2009 13:30 133104]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3.8.2009 13:30 133104]
S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [25.5.2011 17:29 1336712]
.
Obsah adresáře 'Naplánované úlohy'
.
2010-11-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Doplňkový sken -------
.
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\documents and settings\Ferda\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 90.183.115.6
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-19 17:30
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1606980848-329068152-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:88,e8,2b,2c,c3,6a,7e,8c,f8,79,07,12,0a,96,cd,0d,21,66,96,5a,47,d7,13,
90,ba,07,72,f8,c9,76,e5,b7,ff,49,1e,54,d5,98,66,ff,92,08,0a,a6,6c,0d,f8,8f,\
"??"=hex:b5,5e,67,b3,49,08,72,ad,41,a9,3a,9c,e3,bb,58,83
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|˙˙˙˙Ŕ•€|ů•6~*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="09E107CD2F9703BEF80B346438ACF207E4542B3DEEE74349E0046EBB59A18A5B1E697B2E4D2619B77A131FBA2770BB25ED96A7585EFBD90543E2DD5A69204C9D1DACD50AE6009A7ECF5D85D3A409FEF38DA136FD6C82B80B58F93DF4262A311FD1E48B2746E2EE834B920AED92745D2C382FC3062DDA607BDCB2E31FF99F370DDC5082F1CB512F99FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A6A0AC4980AC7933BA7FD869164D67949DB7CE019D40AA5CC12C5FC557D5765CBBE7C1A81E72836319861DCE6BA0BEC09DBFD664173CE9B8E5013D2E401AEBEE7A575524817483519B66EF9A69ECCB0375EA217D521D13E19054F31B802C7D9C9EEAF87F9187F94E9206A45BBC1C073485D2FD83E4A34573732A1276F9065E67C376CB7CA6C73A049CAC07CC520800CA9150044AEF8CEC4B988B20CEA364F83654D46104AC92C9042AA557CE2950799CAE3F42CB285929285A869654074866D31263419E2289603F833DC7E5D7D9E9E8C97E3AA3574D4E316829E35DC1F67AEE910464FC19146D10BFC8823904C87ACE20F15E94D97063EEC60B6BE507F93918BB1BBC71BBDB11AF4E9DA315EB8B0BD1C4801A82A18EA4CF4E4101091D9E5AC6CC14AAF1434EA23EF01739E85FCDAEDA1F17497535B97F25A86CEF0B5E75C9D656DC079BFE9D2A3FBC13C8494285AB37E9A4BD1CAA449923D8AAF65038D3A883BCE41C2B53C0E4999C74CAEC0CE87A96321DBB4632C6CAE42FA04662AED2CCF2B8A3A90536F145194CA1A9B1CA724C8D5D777CE88C1D1CE5D4F7057056CFBCA7D791E12F342EF0ECDE86C6169E630294A0B0AC1D8DE74F89465DCD4CD9EAB58F7AAD6BD46BB8C0A83A1075BEB9BBB28886C7EE9F9F8B579452802C6BF70B2977D3F7E1C4101743C398B17EF2E6C429A8EEBF56D240AFDBAE1E17A56703D8B9906E77D4F1E814B79907631D1E018963990BA16DB880C0B7671FD8AD7E60C0C2732736C6F3D0BD16E9669D0151785915E4E377AFFB84EEFAAF23032F920B744D992E402F84B86508D6EEDECEBFD1C6227552D10FE908ADE95CC8D608A911689C6188277783A1A169E9282D9FC1A528281C0644F172D536792705970A6D9557240D0E8280F2A4CD4C0C700C7DD22099740F02662E2AD084D8AD1E0E7CABCD3C8D436CEA1DF96C85F50F79066A14017B08641B5313CB6D58E3F0310818D784D9B28EA57D136438ADDF244AABD7471C6E1C987FAC6233B5B431562DD58B0597B4A7DC8BDC9EA0DBEAB864BA0EB055DADB190E2B934EDF45E386A8D64B77EF7916AD0249AEED403DA662CAF9C4CF4BBAEC1F8771B00279CE715F1344C1F3F3300C3F325B9B257C58116F36896A8357C79200ADF9B09AC697ACECA763968A9557E58888"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1016)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1688)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
.
**************************************************************************
.
Celkový čas: 2011-08-19 17:34:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-19 15:34
ComboFix2.txt 2011-08-19 15:03
ComboFix3.txt 2011-08-19 11:16
.
Před spuštěním: Volných bajtů: 21 202 329 600
Po spuštění: Volných bajtů: 21 182 562 304
.
Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 6882849E5FEAB576F93E0DAD4CD7A7BF

Reklama

Příspěvekod **jaro3** » 19 srp 2011 22:59

Tyto složky:
c:\program files\o.tel.o
c:\documents and settings\Ferda\X86
c:\documents and settings\Ferda\X64
znáš??

Můžeš smazat složku:
c:\documents and settings\Ferda\Local Settings\Data aplikací\Conduit

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.

Vlož nový log z HJT+ info o PC (rychlost , sekání)..

Barny3 · Příspěvekod **Barny3** » 20 srp 2011 00:43

ty dve prvni sem smazal a tahle nejde c:\documents and settings\Ferda\X64 je to nejaka licence k Diskeeper.

c:\documents and settings\Ferda\Local Settings\Data aplikací\Conduit tuhle slozku sem v pc ani nenasel, ale kdyz sem ji nechal vyhledat...tak nvm co s tim:(.

//edit mam takovej bonbonek navic:( zacal se mi sam od sebe vypinat monitor, naskakuje neni signal pak se restartuje pc a treba monitor nenaskoci nebo naskoci za chvilku se vypne. nevim co s tim :( ani cim to muze byt.

Příspěvekod **jaro3** » 20 srp 2011 10:34

asi grafika , zkus jí vyměnit.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Barny3 · Příspěvekod **Barny3** » 20 srp 2011 10:55

OTL logfile created on: 20.8.2011 10:37:33 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Ferda\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,47 Mb Total Physical Memory | 735,74 Mb Available Physical Memory | 71,89% Memory free
2,40 Gb Paging File | 2,25 Gb Available in Paging File | 93,74% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 19,45 Gb Free Space | 26,09% Space Free | Partition Type: NTFS

Computer Name: FERDA-TP9HWD7XA | User Name: Ferda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ferda\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (helpsvc) -- File not found
SRV - (OODefragAgent) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (SRS Labs License Service) -- C:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe (SRS Labs)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (A0380VID) -- C:\WINDOWS\system32\drivers\A0380Vid.sys (CNLTF.)
DRV - (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM) -- C:\WINDOWS\system32\drivers\SRS_SSCFilter.sys ()
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (WmHidLo) -- C:\WINDOWS\system32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\WINDOWS\system32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\WINDOWS\system32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\WINDOWS\system32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmXlCore) -- C:\WINDOWS\system32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (hidgame) -- C:\WINDOWS\system32\drivers\hidgame.sys (Microsoft Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - File not found
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz/#utm_source=icq&utm_medium=centrum"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.02 15:07:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010.04.25 15:55:37 | 000,000,000 | ---D | M]

[2010.01.16 03:06:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Extensions
[2009.07.17 22:22:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.01.16 03:06:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Extensions\MediaCoder
[2011.08.13 16:36:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Firefox\Profiles\kl5ie6pf.default\extensions
[2011.08.15 11:20:26 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Firefox\Profiles\kl5ie6pf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.08.26 17:23:42 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Firefox\Profiles\kl5ie6pf.default\searchplugins\qipsearch.xml

O1 HOSTS File: ([2011.08.19 17:29:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Ferda\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: ([]msn in Tento počítač)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002.01.02 01:08:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.08.20 10:35:42 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ferda\Plocha\OTL.exe
[2011.08.20 00:35:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.08.19 17:34:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.08.19 13:28:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Data aplikací\PriceGong
[2011.08.19 13:02:19 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.08.19 12:59:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.08.19 12:59:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.08.19 12:59:52 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.08.19 12:59:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.08.19 12:01:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ferda\Recent
[2011.08.16 15:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Plocha\c4d
[2011.08.16 14:53:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\{4B0F043C-7F75-4273-8BB4-DA0455DFBF5F}
[2011.08.16 14:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\Topaz Labs
[2011.08.16 14:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Topaz Labs
[2011.08.16 14:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Topaz Labs
[2011.08.16 14:52:18 | 019,692,521 | ---- | C] (Topaz Labs ) -- C:\Documents and Settings\Ferda\Plocha\topazclean_setup.exe
[2011.08.16 14:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Plocha\Adobe Photoshop CS5
[2011.08.16 14:00:32 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2011.08.16 10:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Plocha\sign
[2011.08.15 18:48:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Dokumenty\SuperOvladac
[2011.08.15 18:44:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Super Ovladac
[2011.08.15 18:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2011.08.15 18:04:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Plocha\Reflexy
[2011.08.15 11:21:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Data aplikací\DVDVideoSoft
[2011.08.15 11:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Local Settings\Data aplikací\DVDVideoSoftTB
[2011.08.15 11:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine
[2011.08.15 11:20:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Local Settings\Data aplikací\Conduit
[2011.08.15 11:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Data aplikací\DVDVideoSoftIEHelpers
[2011.08.15 10:58:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011.08.14 16:47:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ICQ7.5
[2011.08.14 16:45:55 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2011.08.13 22:46:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.08.13 22:45:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.08.13 22:42:54 | 004,177,927 | R--- | C] (Swearware) -- C:\Documents and Settings\Ferda\Plocha\ComboFix.exe
[2011.08.13 20:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Plocha\moto gp
[2011.08.13 16:44:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Data aplikací\Malwarebytes
[2011.08.13 16:44:04 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.08.13 16:44:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.08.13 16:44:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.08.13 16:43:57 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.08.13 16:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.08.13 16:43:10 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Ferda\Plocha\mbam-setup-1.51.1.1800.exe
[2011.08.13 16:33:23 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Ferda\Plocha\ATF-Cleaner.exe
[2011.08.13 16:18:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011.08.13 16:18:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Nabídka Start\Programy\HiJackThis
[2011.08.13 14:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Plocha\mp3
[2011.08.13 14:19:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oodag
[2011.08.13 13:59:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\Local Settings\Data aplikací\O&O
[2011.08.13 13:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\O&O Software
[2011.08.13 13:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2011.08.13 13:30:45 | 020,372,288 | ---- | C] (O&O Software GmbH) -- C:\Documents and Settings\Ferda\Plocha\OODefrag14ProfessionalEnu.exe
[2011.08.13 13:16:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ferda\X64
[2011.08.11 19:47:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth
[2011.08.11 09:46:20 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011.08.11 09:43:19 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2009.07.28 13:11:44 | 000,032,768 | ---- | C] ( ) -- C:\WINDOWS\System32\ShellLnkSSE.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Ferda\Data aplikací\*.tmp files -> C:\Documents and Settings\Ferda\Data aplikací\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.08.20 10:35:42 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ferda\Plocha\OTL.exe
[2011.08.20 10:28:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.08.20 10:28:37 | 000,044,964 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2011.08.20 10:28:30 | 000,074,008 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2011.08.20 01:24:43 | 367,509,504 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\Simpsonovi-22-15-Příběh-skorpiona-cz.avi
[2011.08.19 17:29:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.08.19 13:02:28 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.08.19 12:59:16 | 004,177,927 | R--- | M] (Swearware) -- C:\Documents and Settings\Ferda\Plocha\ComboFix.exe
[2011.08.19 12:15:41 | 001,341,084 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\kosile.JPG
[2011.08.19 12:03:16 | 000,009,426 | ---- | M] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110819_120313.reg
[2011.08.18 15:34:58 | 000,035,596 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\oko-f526_290.jpeg
[2011.08.17 14:53:55 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2011.08.16 14:53:09 | 000,064,828 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\bushbinladen.jpg
[2011.08.16 14:52:41 | 019,692,521 | ---- | M] (Topaz Labs ) -- C:\Documents and Settings\Ferda\Plocha\topazclean_setup.exe
[2011.08.16 14:38:42 | 005,091,864 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\David-Guetta-Ft--Flo-Rida-&-Nicki-Minaj---Where-Them-Girls-At-Original-Version.mp3
[2011.08.15 18:44:45 | 000,000,860 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\Super Ovladač.lnk
[2011.08.15 13:25:01 | 003,980,047 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\Fuerza-arma---Tak-ho-sejmi.mp3
[2011.08.15 13:24:34 | 007,811,689 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\85101---Nas-Svet.mp3
[2011.08.15 11:20:18 | 000,000,948 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\Free Audio CD Burner.lnk
[2011.08.15 11:20:17 | 000,001,051 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\Free YouTube to MP3 Converter.lnk
[2011.08.15 11:20:17 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\DVDVideoSoft Free Studio.lnk
[2011.08.14 23:21:56 | 000,008,760 | ---- | M] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110814_232154.reg
[2011.08.14 16:47:09 | 000,001,487 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.5.lnk
[2011.08.13 22:17:49 | 150,031,472 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\Simpsonovi-22x14-Vzteklej-fotr-ve-filmu.avi
[2011.08.13 20:41:40 | 000,461,988 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.08.13 20:41:40 | 000,458,870 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.08.13 20:41:40 | 000,090,752 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.08.13 20:41:40 | 000,079,802 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.08.13 16:44:04 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.08.13 16:43:36 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Ferda\Plocha\mbam-setup-1.51.1.1800.exe
[2011.08.13 16:33:24 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Ferda\Plocha\ATF-Cleaner.exe
[2011.08.13 16:32:25 | 000,001,622 | -HS- | M] () -- C:\Documents and Settings\Ferda\Plocha\AlbumArt_{E2EC3652-5B11-4FDD-8C74-5731C75D1EE7}_Small.jpg
[2011.08.13 16:32:24 | 000,004,868 | -HS- | M] () -- C:\Documents and Settings\Ferda\Plocha\Folder.jpg
[2011.08.13 16:32:24 | 000,004,868 | -HS- | M] () -- C:\Documents and Settings\Ferda\Plocha\AlbumArt_{E2EC3652-5B11-4FDD-8C74-5731C75D1EE7}_Large.jpg
[2011.08.13 16:32:24 | 000,001,622 | -HS- | M] () -- C:\Documents and Settings\Ferda\Plocha\AlbumArtSmall.jpg
[2011.08.13 16:19:19 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\HiJackThis.lnk
[2011.08.13 16:18:19 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\HiJackThis.msi
[2011.08.13 15:06:02 | 005,457,336 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\David-Guetta-Ft-Nicki-Minaj-Flo-Rida-Where-Dem-Girls-At.mp3
[2011.08.13 14:57:37 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110813_145734.reg
[2011.08.13 14:57:24 | 009,372,761 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\Katy Perry - Last Friday Night.mp3
[2011.08.13 14:54:26 | 003,465,843 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\David Guetta feat Taio Cruz - Little Bad Girl.mp3
[2011.08.13 14:31:43 | 000,002,341 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\O&O Defrag.lnk
[2011.08.13 14:20:28 | 000,302,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.08.13 13:32:56 | 020,372,288 | ---- | M] (O&O Software GmbH) -- C:\Documents and Settings\Ferda\Plocha\OODefrag14ProfessionalEnu.exe
[2011.08.13 12:50:20 | 000,036,906 | ---- | M] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110813_125011.reg
[2011.08.13 12:29:03 | 000,000,926 | ---- | M] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110813_122901.reg
[2011.08.13 12:28:29 | 000,020,884 | ---- | M] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110813_122824.reg
[2011.08.11 19:47:03 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2011.08.11 10:02:09 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.08.11 09:21:49 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.08.03 12:57:04 | 000,204,036 | ---- | M] () -- C:\Documents and Settings\Ferda\Plocha\sdads.png
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Ferda\Data aplikací\*.tmp files -> C:\Documents and Settings\Ferda\Data aplikací\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.20 00:59:52 | 367,509,504 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\Simpsonovi-22-15-Příběh-skorpiona-cz.avi
[2011.08.19 13:02:28 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.08.19 13:02:23 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011.08.19 12:59:52 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.08.19 12:59:52 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.08.19 12:59:52 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.08.19 12:59:52 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.08.19 12:59:52 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.08.19 12:15:40 | 001,341,084 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\kosile.JPG
[2011.08.19 12:03:14 | 000,009,426 | ---- | C] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110819_120313.reg
[2011.08.18 15:49:01 | 000,204,036 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\sdads.png
[2011.08.18 15:34:58 | 000,035,596 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\oko-f526_290.jpeg
[2011.08.17 14:53:55 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
[2011.08.17 14:53:54 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2011.08.16 14:53:09 | 000,064,828 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\bushbinladen.jpg
[2011.08.15 18:44:45 | 000,000,860 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\Super Ovladač.lnk
[2011.08.15 13:25:37 | 005,091,864 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\David-Guetta-Ft--Flo-Rida-&-Nicki-Minaj---Where-Them-Girls-At-Original-Version.mp3
[2011.08.15 13:24:49 | 003,980,047 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\Fuerza-arma---Tak-ho-sejmi.mp3
[2011.08.15 13:24:08 | 007,811,689 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\85101---Nas-Svet.mp3
[2011.08.15 11:20:18 | 000,000,948 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\Free Audio CD Burner.lnk
[2011.08.15 11:20:17 | 000,001,051 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\Free YouTube to MP3 Converter.lnk
[2011.08.14 23:21:55 | 000,008,760 | ---- | C] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110814_232154.reg
[2011.08.14 16:47:09 | 000,001,487 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.5.lnk
[2011.08.13 22:06:08 | 150,031,472 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\Simpsonovi-22x14-Vzteklej-fotr-ve-filmu.avi
[2011.08.13 16:44:04 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.08.13 16:32:24 | 000,004,868 | -HS- | C] () -- C:\Documents and Settings\Ferda\Plocha\AlbumArt_{E2EC3652-5B11-4FDD-8C74-5731C75D1EE7}_Large.jpg
[2011.08.13 16:32:24 | 000,001,622 | -HS- | C] () -- C:\Documents and Settings\Ferda\Plocha\AlbumArt_{E2EC3652-5B11-4FDD-8C74-5731C75D1EE7}_Small.jpg
[2011.08.13 16:18:42 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\HiJackThis.lnk
[2011.08.13 16:18:14 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\HiJackThis.msi
[2011.08.13 14:57:35 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110813_145734.reg
[2011.08.13 14:55:11 | 005,457,336 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\David-Guetta-Ft-Nicki-Minaj-Flo-Rida-Where-Dem-Girls-At.mp3
[2011.08.13 14:54:26 | 003,465,843 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\David Guetta feat Taio Cruz - Little Bad Girl.mp3
[2011.08.13 14:20:26 | 000,074,008 | ---- | C] () -- C:\WINDOWS\System32\oodbs.lor
[2011.08.13 13:57:31 | 000,002,341 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\O&O Defrag.lnk
[2011.08.13 13:52:08 | 009,372,761 | ---- | C] () -- C:\Documents and Settings\Ferda\Plocha\Katy Perry - Last Friday Night.mp3
[2011.08.13 12:50:14 | 000,036,906 | ---- | C] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110813_125011.reg
[2011.08.13 12:29:02 | 000,000,926 | ---- | C] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110813_122901.reg
[2011.08.13 12:28:27 | 000,020,884 | ---- | C] () -- C:\Documents and Settings\Ferda\Dokumenty\cc_20110813_122824.reg
[2011.08.11 19:47:03 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.10.07 15:10:52 | 000,004,990 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe
[2010.06.23 19:31:38 | 000,371,944 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.05.18 22:25:00 | 000,302,592 | ---- | C] () -- C:\WINDOWS\mauninst.exe
[2010.05.10 17:08:48 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\winitn.dll
[2010.05.10 17:08:21 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010.01.16 03:22:36 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\Converter_sysquict.dat
[2009.11.08 19:28:16 | 000,001,638 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009.09.27 16:33:26 | 000,041,952 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009.09.24 10:02:10 | 000,000,054 | ---- | C] () -- C:\WINDOWS\SESSION8.INI
[2009.09.01 13:53:43 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009.08.31 16:18:14 | 000,000,063 | ---- | C] () -- C:\Documents and Settings\Ferda\Data aplikací\VoiceSFX.ini
[2009.08.31 16:17:23 | 000,000,066 | ---- | C] () -- C:\WINDOWS\System32\MASHTWTY.SYS
[2009.08.31 15:31:53 | 000,000,019 | ---- | C] () -- C:\WINDOWS\smrpro.INI
[2009.08.29 12:58:05 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2009.08.29 12:54:56 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll
[2009.08.29 12:52:34 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009.08.29 12:52:19 | 000,006,330 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009.08.26 18:14:50 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.08.20 17:23:51 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\dsez3550.dat
[2009.08.19 23:21:13 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2009.08.12 15:13:49 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009.08.12 15:13:47 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.08.12 15:13:43 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.08.12 15:06:47 | 000,000,055 | ---- | C] () -- C:\WINDOWS\videotoaudio.ini
[2009.08.12 15:05:28 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySatm.dat
[2009.08.07 10:04:43 | 000,182,272 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2009.07.29 23:38:05 | 000,081,332 | ---- | C] () -- C:\WINDOWS\System32\BASS.DLL
[2009.07.29 12:49:06 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.07.28 14:13:43 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009.07.28 13:11:53 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SSEUninstaller.exe
[2009.07.28 13:11:44 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2009.07.28 11:21:16 | 000,001,114 | ---- | C] () -- C:\WINDOWS\cu-seeme.INI
[2009.07.22 12:51:38 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.07.20 19:44:51 | 000,002,775 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.07.20 18:09:02 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\YMAP.dat
[2009.07.20 18:09:02 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\iCAM.exe
[2009.07.20 18:09:02 | 000,070,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\t2.dat
[2009.07.20 18:09:02 | 000,070,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\t1.dat
[2009.07.20 18:09:01 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\XMAP.dat
[2009.07.20 18:09:00 | 001,089,536 | ---- | C] () -- C:\WINDOWS\System32\SnapImg.exe
[2009.07.20 18:09:00 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\TV.dat
[2009.07.20 18:09:00 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\Pp.dat
[2009.07.20 18:09:00 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\Mn.dat
[2009.07.20 18:09:00 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\Mg.dat
[2009.07.20 18:09:00 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cv.dat
[2009.07.20 18:09:00 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\Am.dat
[2009.07.20 18:09:00 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\DHTray.exe
[2009.07.20 18:09:00 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\IMTV.dat
[2009.07.20 18:09:00 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\IMPp.dat
[2009.07.20 18:09:00 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\IMMn.dat
[2009.07.20 18:09:00 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\IMMg.dat
[2009.07.20 18:09:00 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\IMAM.dat
[2009.07.20 18:09:00 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\IMAd.dat
[2009.07.20 18:09:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SetupDrv.exe
[2009.07.20 18:08:59 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\Ad.dat
[2009.07.18 21:11:38 | 000,052,224 | ---- | C] () -- C:\Documents and Settings\Ferda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.17 23:06:20 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS50.DLL
[2009.07.17 22:22:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.07.17 21:42:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009.07.17 21:41:31 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2008.08.21 03:37:54 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008.08.21 03:37:54 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008.08.21 03:37:54 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008.08.05 23:14:13 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ATIBRTMON.EXE
[2008.07.17 14:23:36 | 000,174,818 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006.12.31 08:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.10.09 10:18:10 | 000,036,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\csiidecoder_kern_i386.sys
[2006.10.09 10:18:10 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter.sys
[2006.10.09 10:18:08 | 000,044,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\tshd4_kern_i386.sys
[2006.10.09 10:18:08 | 000,042,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\Surroundhp_kern_i386.sys
[2003.12.20 18:45:26 | 000,112,128 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003.12.20 18:44:34 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.09.20 20:19:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002.01.02 01:58:59 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002.01.02 01:57:57 | 000,302,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002.01.02 01:11:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002.01.02 01:05:13 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2001.10.25 16:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 16:00:00 | 000,461,988 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 16:00:00 | 000,458,870 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 16:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 16:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 16:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 16:00:00 | 000,090,752 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 16:00:00 | 000,079,802 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 16:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 16:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 16:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 16:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.10.11 13:30:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.11 13:30:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

Barny3 · Příspěvekod **Barny3** » 20 srp 2011 10:56

========== LOP Check ==========

[2009.12.07 21:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acoustica
[2011.08.19 12:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2009.07.17 23:06:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.03.18 16:05:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.07.20 19:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.08.29 22:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HighAndes
[2011.08.14 16:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.10.07 21:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
[2009.08.29 12:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MAGIX
[2009.08.31 16:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NCH Swift Sound
[2010.01.23 14:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2009.12.27 01:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
[2009.12.27 01:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2010.10.07 15:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters Inc
[2010.08.03 16:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.07.29 23:38:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pianosoft
[2010.05.11 19:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.05.11 18:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate Collection
[2009.08.29 22:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Screaming Bee
[2009.08.28 23:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.04.01 19:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SRS Labs
[2009.08.17 19:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.08.16 14:53:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{4B0F043C-7F75-4273-8BB4-DA0455DFBF5F}
[2009.07.29 20:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\A0380
[2009.12.12 21:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Acoustica
[2010.03.18 18:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\BitComet
[2010.01.16 03:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Broad Intelligence
[2010.10.07 15:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Carambis
[2009.07.20 19:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\DAEMON Tools Lite
[2011.02.12 11:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\DAEMON Tools Pro
[2010.01.21 11:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Desktopicon
[2011.08.15 11:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\DVDVideoSoft
[2011.08.15 11:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\DVDVideoSoftIEHelpers
[2009.09.24 13:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Free Audio Editor
[2010.10.07 15:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\GetRightToGo
[2009.08.29 22:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\HighAndes
[2011.08.18 15:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\ICQ
[2009.09.19 22:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Leadertech
[2009.08.29 12:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\MAGIX
[2009.09.24 12:29:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\n-Track Studio5
[2009.09.01 12:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\n-Track Studio6
[2009.09.19 14:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\NCH Swift Sound
[2009.08.29 00:40:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\NetMedia Providers
[2010.01.23 14:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Nokia
[2009.07.17 22:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Opera
[2010.01.23 14:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\PC Suite
[2011.08.19 13:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\PriceGong
[2009.10.03 14:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Publish Providers
[2009.07.23 18:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\QIP
[2010.05.10 16:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\REAPER
[2009.08.31 16:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Recordpad
[2009.08.29 22:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Screaming Bee
[2009.10.07 21:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\SMS posílač Treca
[2010.05.13 00:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Sony
[2009.08.28 20:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Sony Setup
[2010.05.11 15:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Steinberg
[2009.11.18 13:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010.10.07 15:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\Uniblue
[2011.08.20 10:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\uTorrent
[2009.08.16 18:27:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ferda\Data aplikací\VoipBuster

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE

< End of report >

^ posilam to na 2x , protoze do jedny zpravy se mi to nechtelo vejit, snad to nevadi. ^

Barny3 · Příspěvekod **Barny3** » 20 srp 2011 10:56

a jeste Extras.>>>>>>
OTL Extras logfile created on: 20.8.2011 10:37:33 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Ferda\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,47 Mb Total Physical Memory | 735,74 Mb Available Physical Memory | 71,89% Memory free
2,40 Gb Paging File | 2,25 Gb Available in Paging File | 93,74% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 19,45 Gb Free Space | 26,09% Space Free | Partition Type: NTFS

Computer Name: FERDA-TP9HWD7XA | User Name: Ferda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"18878:TCP" = 18878:TCP:*:Enabled:BitComet 18878 TCP
"18878:UDP" = 18878:UDP:*:Enabled:BitComet 18878 UDP
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Documents and Settings\Ferda\Plocha\utorrent.exe" = C:\Documents and Settings\Ferda\Plocha\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Counter-Strike 1.6\hl.exe" = C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Day of Defeat\hl.exe" = C:\Program Files\Day of Defeat\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\sweeney\bass4\TBass4\TBass4.exe" = C:\sweeney\bass4\TBass4\TBass4.exe:*:Enabled:Trophy Bass 4 -- (Dynamix, Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\EA SPORTS\NHL07\nhl2007.exe" = C:\Program Files\EA SPORTS\NHL07\nhl2007.exe:*:Enabled:nhl2007 -- ()
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{12F4BE69-6614-41D3-BB3B-DF7F921DF2BB}" = Sony ACID Music Studio 5.0
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}" = Nokia_Multimedia_Common_Components_2_5
"{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47AA42FD-0450-4CB4-ADAF-B6E770AA7B2F}" = Sony Media Manager 2.2
"{4877CCD5-6B0B-4B3A-8EF1-911D946B8B94}" = SRS Audio Sandbox
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CE6B3C4-D8E2-4A5D-BEF5-5B69AF843B0C}" = PC Connectivity Solution
"{564B16F4-6B5B-47B0-9AB6-FF2E943947F7}" = Nokia Ovi Suite Software Updater
"{5E2A70F7-5A7B-4C65-B647-2DD0ACB62F12}" = WinFast iCAM100 M
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}" = Topaz Clean 3
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{87DABCF7-2C38-4996-8FBE-053CA6536168}" = Sony ACID Pro 6.0
"{8D100E0C-1A5A-43AD-93EF-76F94AE61C30}" = OviMPlatform
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A528306A-C5EC-481C-A619-6106334E6800}" = Nokia Ovi Player
"{A6BA9745-45AC-4FB1-87FF-FF4DADDC8195}" = O&O Defrag Professional
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABBA0799-F982-414C-9A8B-17EB03D39677}" = trakAxPC
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}" = Nokia Ovi Suite
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}" = Nokia Ovi One Touch Access
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{C5334C85-F601-427C-85F7-CDD9FDC8C69F}" = StubbsPatchInstaller
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 0.83
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0D6AF0F-A943-4295-9A49-B25A2B807C63}" = n-Track Studio 5
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E26DEDC7-1A99-4F8C-9615-6DB112E6495B}_is1" = Texas Hold'em Poker 3D - Deluxe Edition 1.0
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F1C3541D-5B93-4131-B440-692FBA3DD250}" = Ovi Desktop Sync Engine
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AoA Audio Extractor_is1" = AoA Audio Extractor 1.0
"ATI Display Driver" = ATI Display Driver
"CANONBJ_Deinstall_CNMCP50.DLL" = Canon i250
"CCleaner" = CCleaner
"Collab" = Collab
"Counter-Strike 1.6" = Counter-Strike 1.6
"Defraggler" = Defraggler
"EasyBoot_is1" = EasyBoot V5.06
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fotosizer" = Fotosizer 1.22
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.7.804
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"IL Download Manager" = IL Download Manager
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MixPad" = MixPad
"Motocross The Force" = Motocross The Force (remove only)
"Mp3 Knife_is1" = Mp3 Knife 3.2
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3019
"Nokia Ovi Suite" = Nokia Ovi Suite
"Opera 11.50.1074" = Opera 11.50
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"PRO100_is1" = PRO100 Demo ver 4.41
"PROSet" = Intel(R) PRO Ethernet Adapter and Software
"QIP2005" = QIP 2005 Uninstall
"Skype_is1" = Skype 3.0
"Super Ovladač_is1" = Super Ovladač
"The KMPlayer" = The KMPlayer (remove only)
"Topaz Clean 3" = Topaz Clean 3
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11.8.2011 4:03:51 | Computer Name = FERDA-TP9HWD7XA | Source = Application Error | ID = 1000
Description = Chybující aplikace nokiaovisuite.exe, verze 2.0.2.42, chybující modul
qtcore4.dll, verze 4.5.0.0, adresa chyby 0x000f0522.

Error - 13.8.2011 5:55:26 | Computer Name = FERDA-TP9HWD7XA | Source = ESENT | ID = 490
Description = svchost (692) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 13.8.2011 5:55:26 | Computer Name = FERDA-TP9HWD7XA | Source = ESENT | ID = 439
Description = Catalog Database (692) Pro soubor C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
nelze zapsat stínové záhlaví. Chyba -1032

Error - 13.8.2011 5:55:27 | Computer Name = FERDA-TP9HWD7XA | Source = ESENT | ID = 473
Description = Catalog Database (692) Databáze C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
byla částečně odpojena. Při aktualizaci záhlaví databáze došlo k chybě -1032.

Error - 13.8.2011 7:29:14 | Computer Name = FERDA-TP9HWD7XA | Source = MsiInstaller | ID = 11316
Description = Product: Diskeeper 2010 Professional -- Error 1316.A network error
occurred while attempting to read from the file C:\WINDOWS\Installer\{38AA77BD-00A5-4C5D-A9EE-F9DC2FFC5802}\Diskeeper
2010.msi

Error - 13.8.2011 8:07:10 | Computer Name = FERDA-TP9HWD7XA | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 13.8.2011 8:07:12 | Computer Name = FERDA-TP9HWD7XA | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 13.8.2011 8:07:33 | Computer Name = FERDA-TP9HWD7XA | Source = crypt32 | ID = 131077
Description = Načtení automatické aktualizace kořenového certifikátu jiného výrobce
z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212.crt>
se nezdařilo. Chyba: Server vrátil neplatnou nebo nerozpoznatelnou odezvu.

Barny3 · Příspěvekod **Barny3** » 20 srp 2011 10:57

Error - 13.8.2011 12:23:52 | Computer Name = FERDA-TP9HWD7XA | Source = ESENT | ID = 490
Description = svchost (900) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 15.8.2011 5:58:05 | Computer Name = FERDA-TP9HWD7XA | Source = Application Error | ID = 1000
Description = Chybující aplikace ffmpeg.exe, verze 0.0.0.0, chybující modul avcodec-53.dll,
verze 0.0.0.0, adresa chyby 0x0000fa60.

[ System Events ]
Error - 19.8.2011 18:41:53 | Computer Name = FERDA-TP9HWD7XA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 19.8.2011 18:45:55 | Computer Name = FERDA-TP9HWD7XA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 19.8.2011 18:46:57 | Computer Name = FERDA-TP9HWD7XA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 19.8.2011 18:53:37 | Computer Name = FERDA-TP9HWD7XA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 19.8.2011 18:53:41 | Computer Name = FERDA-TP9HWD7XA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 19.8.2011 19:03:23 | Computer Name = FERDA-TP9HWD7XA | Source = Service Control Manager | ID = 7023
Description = Služba Nápověda a odborná pomoc byla ukončena s následující chybou:
%%126

Error - 19.8.2011 19:42:01 | Computer Name = FERDA-TP9HWD7XA | Source = Service Control Manager | ID = 7023
Description = Služba Nápověda a odborná pomoc byla ukončena s následující chybou:
%%126

Error - 19.8.2011 19:47:04 | Computer Name = FERDA-TP9HWD7XA | Source = Service Control Manager | ID = 7023
Description = Služba Nápověda a odborná pomoc byla ukončena s následující chybou:
%%126

Error - 19.8.2011 19:51:12 | Computer Name = FERDA-TP9HWD7XA | Source = Service Control Manager | ID = 7023
Description = Služba Nápověda a odborná pomoc byla ukončena s následující chybou:
%%126

Error - 20.8.2011 4:29:22 | Computer Name = FERDA-TP9HWD7XA | Source = Service Control Manager | ID = 7023
Description = Služba Nápověda a odborná pomoc byla ukončena s následující chybou:
%%126

< End of report >

taky na dvarkrat..

Příspěvekod **jaro3** » 20 srp 2011 12:39

Odinstaloval bych:
SuperOvladac
µTorrent
jestli nechceš a používáš , ponech..

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (HidServ) -- File not found
SRV - (helpsvc) -- File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - File not found
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
[2010.01.16 03:06:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Extensions
[2009.07.17 22:22:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.08.13 16:36:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Firefox\Profiles\kl5ie6pf.default\extensions
O1 HOSTS File: ([2011.08.19 17:29:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O15 - HKCU\..Trusted Domains: ([]msn in Tento počítač)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Ferda\Data aplikací\*.tmp files -> C:\Documents and Settings\Ferda\Data aplikací\*.tmp -> ]
[2011.08.13 20:41:40 | 000,461,988 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.08.13 20:41:40 | 000,458,870 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.08.13 20:41:40 | 000,090,752 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.08.13 20:41:40 | 000,079,802 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 16:00:00 | 000,461,988 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 16:00:00 | 000,458,870 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 16:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 16:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 16:00:00 | 000,090,752 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 16:00:00 | 000,079,802 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 16:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 16:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp 
c:\windows\Tasks\*.job 
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\WINDOWS\SWREG.exe
C:\WINDOWS\SWSC.exe
C:\WINDOWS\SWXCACLS.exe
C:\WINDOWS\NIRCMD.exe
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine
C:\Qoobox
C:\Documents and Settings\Ferda\Plocha\ComboFix.exe
C:\Documents and Settings\Ferda\X64
C:\WINDOWS\PEV.exe
C:\WINDOWS\MBR.exe
C:\WINDOWS\sed.exe
C:\WINDOWS\grep.exe
C:\WINDOWS\zip.exe
C:\WINDOWS\System32\winitn.dll
C:\WINDOWS\System32\mlfcache.dat
C:\WINDOWS\mgxoschk.ini
C:\WINDOWS\dsez3550.dat
C:\WINDOWS\Sof2.INI
C:\WINDOWS\System32\unrar.dll
C:\WINDOWS\System32\ezsidmv.dat
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\ativpsrm.bin
C:\Documents and Settings\All Users\Data aplikací\avg9

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

C:\Documents and Settings\Ferda\Plocha\sign--- znáš ten program??

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\WINDOWS\System32\MASHTWTY.SYS
C:\WINDOWS\Robota.INI
C:\WINDOWS\System32\DLLDEV32i.dll
C:\WINDOWS\System32\SySatm.dat
C:\WINDOWS\System32\drivers\YMAP.dat

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Budu asi až zítra večer..

Barny3 · Příspěvekod **Barny3** » 20 srp 2011 13:50

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File File not found not found.
Service helpsvc stopped successfully!
Service helpsvc deleted successfully!
File File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Prefs.js: "QIP Search" removed from browser.search.selectedEngine
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Extensions\MediaCoder folder moved successfully.
C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Extensions folder moved successfully.
Folder C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Firefox\Profiles\kl5ie6pf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Firefox\Profiles\kl5ie6pf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Documents and Settings\Ferda\Data aplikací\Mozilla\Firefox\Profiles\kl5ie6pf.default\extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET5DD.tmp deleted successfully.
C:\WINDOWS\System32\SET5E1.tmp deleted successfully.
C:\WINDOWS\System32\SET5E2.tmp deleted successfully.
C:\WINDOWS\System32\SET5E9.tmp deleted successfully.
C:\WINDOWS\002558_.tmp deleted successfully.
C:\WINDOWS\DXT66F.tmp deleted successfully.
C:\WINDOWS\DXT670.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SETA.tmp deleted successfully.
C:\Documents and Settings\Ferda\Data aplikací\DRO527.tmp deleted successfully.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
File C:\WINDOWS\System32\perfh009.dat not found.
File C:\WINDOWS\System32\perfh005.dat not found.
C:\WINDOWS\system32\perfi009.dat moved successfully.
C:\WINDOWS\system32\perfi005.dat moved successfully.
File C:\WINDOWS\System32\perfc005.dat not found.
File C:\WINDOWS\System32\perfc009.dat not found.
C:\WINDOWS\system32\perfd005.dat moved successfully.
C:\WINDOWS\system32\perfd009.dat moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\AppleSoftwareUpdate.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\WINDOWS\SWREG.exe moved successfully.
C:\WINDOWS\SWSC.exe moved successfully.
C:\WINDOWS\SWXCACLS.exe moved successfully.
C:\WINDOWS\NIRCMD.exe moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Repository\conduit_ConduitEngine\dynamicDialogs folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Repository\conduit_ConduitEngine folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Repository folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\MyStuffApps folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Logs folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\ExternalComponent folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\UntrustedAppPendingDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\UntrustedAppApprovalDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\UntrustedAddedAppDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\ToolbarUntrustedAppsApprovalDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\ToolbarFirstTimeDialog\images folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\ToolbarFirstTimeDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\SearchProtectorDialog\Images folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\SearchProtectorDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\SearchProtectorBubbleDialog\images folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\SearchProtectorBubbleDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\NewSearchProtectorDialog\images folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\NewSearchProtectorDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\EngineFirstTimeDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\DetectedAppDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\DefualtImages folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs\AddedAppDialog folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\Dialogs folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine\CacheIcons folder moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\ConduitEngine folder moved successfully.
C:\Qoobox\Quarantine\Registry_backups folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\Tasks folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32 folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\EHome folder moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files\Messenger folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files\ICQ6Toolbar folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files\DVDVideoSoftTB folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files\ConduitEngine folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files\Conduit\Community Alerts folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files\Conduit folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files\AskSearch\bin folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files\AskSearch folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\Ferda\WINDOWS folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\Ferda folder moved successfully.
C:\Qoobox\Quarantine\C\Documents and Settings folder moved successfully.
C:\Qoobox\Quarantine\C folder moved successfully.
C:\Qoobox\Quarantine folder moved successfully.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
C:\Documents and Settings\Ferda\Plocha\ComboFix.exe moved successfully.
C:\Documents and Settings\Ferda\X64 folder moved successfully.
C:\WINDOWS\PEV.exe moved successfully.
C:\WINDOWS\MBR.exe moved successfully.
C:\WINDOWS\sed.exe moved successfully.
C:\WINDOWS\grep.exe moved successfully.
C:\WINDOWS\zip.exe moved successfully.
C:\WINDOWS\System32\winitn.dll moved successfully.
C:\WINDOWS\System32\mlfcache.dat moved successfully.
C:\WINDOWS\mgxoschk.ini moved successfully.
C:\WINDOWS\dsez3550.dat moved successfully.
C:\WINDOWS\Sof2.INI moved successfully.
C:\WINDOWS\System32\unrar.dll moved successfully.
C:\WINDOWS\System32\ezsidmv.dat moved successfully.
C:\Documents and Settings\Ferda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\ativpsrm.bin moved successfully.
C:\Documents and Settings\All Users\Data aplikací\avg9\Temp folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\avg9\Log folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\avg9\Chjw\b65c68095c67c32b folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\avg9\Chjw folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\avg9 folder moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41085 bytes

User: Ferda
->Temp folder emptied: 90009368 bytes
->Temporary Internet Files folder emptied: 33172 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21607771 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 48857 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 58757242 bytes

Total Files Cleaned = 163,00 mb

[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Ferda
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.26.5 log created on 08202011_125515

Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!

Registry entries deleted on Reboot...

sign to je slozka mam v tom obrazky.

http://www.virustotal.com/file-scan/rep ... 1313839195

http://www.virustotal.com/file-scan/rep ... 1313839389

http://www.virustotal.com/file-scan/rep ... 1313840162

http://www.virustotal.com/file-scan/rep ... 1313840443

http://www.virustotal.com/file-scan/rep ... 1313840102

tak tady to je a diky moc za rady..

Příspěvekod **jaro3** » 21 srp 2011 21:39

Fajn , jsou ještě nějaké problémy?

Barny3 · Příspěvekod **Barny3** » 22 srp 2011 00:48

no kazdopadne se pocitac hooodne zrychlil, ale porad si myslim ze by z toho slo dostat jeste vic. Nebo aby se treba nevypinal (jestli je to grafikou, kdyz se vypne cely pc a bud nenaskoci nebo naskoci bios nebo se spusti a treba zase vypne.) Nemuze byt nejak spatne nainstalovanej nejakej ovladac? Vubec se v tom nevyznam, tak mozna placam blbosti.

Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Re: Prosím o kontrolu logu > zpomalené a zasekané pc.

Kdo je online