V příkazovém řádku se zobrazují znaky místo písmen Vyřešeno

[martas01]

OTL logfile created on: 18.3.2010 22:55:30 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\xp\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 4,07 Gb Free Space | 20,85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 44,55 Gb Total Space | 33,89 Gb Free Space | 76,07% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 465,76 Gb Total Space | 315,39 Gb Free Space | 67,72% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: AMD
Current User Name: xp
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\xp\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)
PRC - H:\Programy\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\WINDOWS\TBPanel.exe (Gainward Co.)
PRC - E:\Programy\Ufon\UfonCW.exe (MobilKom a.s.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - E:\Programy\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe ()
PRC - E:\Programy\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (Hewlett-Packard Development Company, L.P.)
PRC - E:\Programy\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Program Files\Common Files\Teleca Shared\Generic.exe (Teleca Software Solutions)
PRC - C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe (Yahoo, Inc.)
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe ()
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA)
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA)
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe (Apache Software Foundation)
PRC - C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe (Teleca Software Solutions AB)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - E:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\xp\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (VMnetDHCP) -- C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- H:\Programy\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (ufad-ws60) -- H:\Programy\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA)
SRV - (nSvcLog) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA)
SRV - (ForcewareWebInterface) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe (Apache Software Foundation)
SRV - (StarWindService) -- E:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)


========== Driver Services (SafeList) ==========

DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (hcmon) -- C:\WINDOWS\system32\drivers\hcmon.sys (VMware, Inc.)
DRV - (vmci) -- C:\WINDOWS\system32\drivers\vmci.sys (VMware, Inc.)
DRV - (VMnetuserif) -- C:\WINDOWS\system32\drivers\vmnetuserif.sys (VMware, Inc.)
DRV - (vmx86) -- C:\WINDOWS\system32\drivers\vmx86.sys (VMware, Inc.)
DRV - (vmkbd) -- C:\WINDOWS\system32\drivers\VMkbd.sys (VMware, Inc.)
DRV - (VMparport) -- C:\WINDOWS\system32\drivers\vmparport.sys (VMware, Inc.)
DRV - (VMnetBridge) -- C:\WINDOWS\system32\drivers\vmnetbridge.sys (VMware, Inc.)
DRV - (VMnetAdapter) -- C:\WINDOWS\system32\drivers\vmnetadapter.sys (VMware, Inc.)
DRV - (vstor2-ws60) -- H:\Programy\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (Axtmvprt) -- C:\WINDOWS\system32\drivers\Axtmvprt.sys (Axesstel)
DRV - (Axtmvmdm) -- C:\WINDOWS\system32\drivers\Axtmvmdm.sys (Axesstel)
DRV - (Axtmvflt) -- C:\WINDOWS\system32\drivers\Axtmvflt.sys (Axesstel)
DRV - (TBPanel) -- C:\WINDOWS\system32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (Cardex) -- C:\WINDOWS\system32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (vmm) -- C:\WINDOWS\system32\drivers\VMM.sys (Microsoft Corporation)
DRV - (VPCNetS2) -- C:\WINDOWS\system32\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - (AF15BDA) -- C:\WINDOWS\system32\drivers\AF15BDA.sys (AfaTech )
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (vax347b) -- C:\WINDOWS\system32\DRIVERS\vax347b.sys ( )
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\WINDOWS\system32\drivers\k750bus.sys (MCCI)
DRV - (k750mdfl) -- C:\WINDOWS\system32\drivers\k750mdfl.sys (MCCI)
DRV - (k750mdm) -- C:\WINDOWS\system32\drivers\k750mdm.sys (MCCI)
DRV - (k750mgmt) -- C:\WINDOWS\system32\drivers\k750mgmt.sys (MCCI)
DRV - (k750obex) -- C:\WINDOWS\system32\drivers\k750obex.sys (MCCI)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (vax347s) -- C:\WINDOWS\System32\Drivers\vax347s.sys ( )
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (Elaborate Bytes AG)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "MyHeritage Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="

FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: E:\Programy\Mozilla Firefox\components [2009.11.15 16:45:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: E:\Programy\Mozilla Firefox\plugins [2010.02.26 12:37:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.03.18 14:47:12 | 000,000,000 | ---D | M]

[2009.10.28 03:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\1o2rt52i.default\extensions
[2009.10.28 03:21:54 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\1o2rt52i.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010.03.17 21:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\extensions
[2009.10.28 03:28:42 | 000,000,000 | ---D | M] (Grand Green ( GG )) -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\extensions\{1e78d6c6-55d1-11dc-8314-0800200c9a66}
[2009.10.28 03:28:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.10.28 03:28:41 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2009.03.08 22:04:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-1.xml
[2008.09.24 20:51:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-2.xml
[2009.02.21 23:58:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-3.xml
[2009.10.28 03:28:57 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-4.xml
[2009.10.31 18:48:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-5.xml
[2008.09.16 21:31:50 | 000,000,962 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin.xml

O1 HOSTS File: ([2010.03.18 20:26:21 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CloneCDElbyCDFL] E:\Programy\CloneCD\ElbyCheck.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Gainward] C:\WINDOWS\TBPanel.exe (Gainward Co.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Sony Ericsson PC Suite] E:\Programy\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [tvjbmonitor] E:\Programy\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [ICQ] E:\Programy\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\xp\Nabídka Start\Programy\Po spuštění\Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe (Yahoo, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Programy\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Programy\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - H:\Programy\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - H:\Programy\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xp\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xp\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.18 15:22:19 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.03.18 15:22:19 | 000,000,000 | R--D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.03.18 15:22:19 | 000,000,000 | R--D | M] - H:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010.03.18 22:53:52 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xp\Plocha\OTL.exe
[2010.03.18 20:55:58 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.03.18 20:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\VMware
[2010.03.18 20:18:31 | 000,098,432 | R--- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvata_2.sys
[2010.03.18 15:22:19 | 000,000,000 | R--D | C] -- C:\autorun.inf
[2010.03.18 14:36:58 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2010.03.18 14:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2010.03.18 14:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2010.03.18 14:36:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2010.03.17 22:54:44 | 006,386,794 | ---- | C] (by Hamdy Abu Zeid) -- C:\Documents and Settings\xp\Plocha\eset_nod32.exe
[2010.03.17 15:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Data aplikací\Malwarebytes
[2010.03.17 15:24:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.17 15:24:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.03.17 15:24:26 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.17 15:05:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.03.17 14:46:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Local Settings\Data aplikací\ESET
[2010.03.17 14:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2010.03.16 23:19:52 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.03.16 23:19:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.10.28 18:53:41 | 000,159,616 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\vax347b.sys
[2009.10.28 18:53:41 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\vax347s.sys
[2006.02.19 03:28:56 | 000,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010.03.18 22:56:02 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2010.03.18 22:45:05 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xp\Plocha\OTL.exe
[2010.03.18 20:55:00 | 000,000,135 | ---- | M] () -- C:\Documents and Settings\xp\Plocha\fix.reg
[2010.03.18 20:26:51 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.03.18 20:26:21 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.03.18 20:26:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.03.18 20:26:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.03.18 20:25:11 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\xp\NTUSER.DAT
[2010.03.18 20:25:11 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\xp\ntuser.ini
[2010.03.18 17:13:26 | 000,100,908 | ---- | M] () -- C:\Documents and Settings\xp\Plocha\SystemLook.exe
[2010.03.18 16:23:30 | 045,942,928 | ---- | M] () -- C:\Documents and Settings\xp\Plocha\setup_av_free.exe
[2010.03.18 15:05:58 | 008,880,605 | ---- | M] () -- C:\Documents and Settings\xp\Plocha\Sharam Feat. Daniel Bedingfield - The One.mp3
[2010.03.17 23:40:42 | 031,604,224 | ---- | M] () -- C:\Documents and Settings\xp\Plocha\eav_nt32_enu.msi
[2010.03.17 23:09:43 | 006,386,794 | ---- | M] (by Hamdy Abu Zeid) -- C:\Documents and Settings\xp\Plocha\eset_nod32.exe
[2010.03.17 15:05:52 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\xp\Plocha\HijackThis.lnk
[2010.03.17 13:34:15 | 000,000,711 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.03.17 13:34:15 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.03.16 23:30:11 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.16 23:11:29 | 000,000,000 | RHS- | M] () -- C:\khw
[2010.03.16 23:09:55 | 000,001,203 | RHS- | M] () -- C:\WINDOWS\System32\autorun.i
[2010.03.16 23:09:55 | 000,000,555 | RHS- | M] () -- C:\WINDOWS\System32\autorun.in
[2010.03.16 23:01:32 | 000,003,930 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2010.03.16 23:01:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.03.14 23:21:32 | 000,162,304 | ---- | M] () -- C:\Documents and Settings\xp\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.13 23:52:20 | 000,021,350 | ---- | M] () -- C:\Documents and Settings\xp\Dokumenty\piday10-hp.gif
[2010.03.10 20:55:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.07 22:32:49 | 000,018,094 | ---- | M] () -- C:\Documents and Settings\xp\Dokumenty\n100000351505896_315.jpg
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.18 20:55:00 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\xp\Plocha\fix.reg
[2010.03.18 17:13:19 | 000,100,908 | ---- | C] () -- C:\Documents and Settings\xp\Plocha\SystemLook.exe
[2010.03.18 15:21:34 | 045,942,928 | ---- | C] () -- C:\Documents and Settings\xp\Plocha\setup_av_free.exe
[2010.03.18 14:43:56 | 008,880,605 | ---- | C] () -- C:\Documents and Settings\xp\Plocha\Sharam Feat. Daniel Bedingfield - The One.mp3
[2010.03.17 22:46:05 | 031,604,224 | ---- | C] () -- C:\Documents and Settings\xp\Plocha\eav_nt32_enu.msi
[2010.03.17 15:05:52 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\xp\Plocha\HijackThis.lnk
[2010.03.16 23:35:04 | 000,000,352 | -H-- | C] () -- C:\WINDOWS\nod32fixtemdono.reg
[2010.03.16 23:11:29 | 000,000,000 | RHS- | C] () -- C:\khw
[2010.03.16 23:09:55 | 000,001,203 | RHS- | C] () -- C:\WINDOWS\System32\autorun.i
[2010.03.16 23:09:55 | 000,000,555 | RHS- | C] () -- C:\WINDOWS\System32\autorun.in
[2010.03.13 23:52:20 | 000,021,350 | ---- | C] () -- C:\Documents and Settings\xp\Dokumenty\piday10-hp.gif
[2010.03.07 22:32:49 | 000,018,094 | ---- | C] () -- C:\Documents and Settings\xp\Dokumenty\n100000351505896_315.jpg
[2010.02.14 18:10:11 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.02.01 18:54:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2010.01.30 01:31:58 | 000,001,641 | ---- | C] () -- C:\WINDOWS\WINTRAN.INI
[2010.01.25 20:05:34 | 000,055,856 | R--- | C] () -- C:\WINDOWS\System32\vnetinst.dll
[2009.12.13 19:30:28 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.11.29 17:11:22 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009.11.02 16:48:28 | 000,003,930 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2009.10.31 17:15:15 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009.10.30 01:14:14 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.10.28 22:14:18 | 000,000,121 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2009.10.28 02:51:47 | 000,118,784 | ---- | C] () -- C:\WINDOWS\dx7ogl32.dll
[2009.10.28 01:34:30 | 000,162,304 | ---- | C] () -- C:\Documents and Settings\xp\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.27 07:06:42 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\xp\Local Settings\Data aplikací\fusioncache.dat
[2009.10.26 23:15:13 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.10.26 23:07:18 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2009.10.26 22:53:27 | 000,007,801 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.10.26 21:58:58 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.10.26 21:58:56 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.10.26 21:58:56 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.10.26 21:58:56 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.10.26 21:58:55 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.10.26 21:58:54 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.10.26 21:16:24 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2009.10.26 21:09:48 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.10.26 21:09:47 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.10.26 21:09:46 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.10.26 21:09:46 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009.10.26 21:09:46 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009.10.26 21:08:55 | 000,032,768 | ---- | C] () -- C:\WINDOWS\TBPanelExt.dll
[2009.10.26 21:08:55 | 000,012,285 | ---- | C] () -- C:\WINDOWS\Cadx3.ini
[2009.10.26 21:08:55 | 000,005,120 | ---- | C] () -- C:\WINDOWS\TBManage.dll
[2009.10.26 21:02:44 | 000,000,705 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2009.10.26 21:02:44 | 000,000,265 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2009.10.26 21:01:22 | 000,019,291 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.10.26 21:01:21 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.10.26 21:01:07 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.01.29 12:16:16 | 000,007,237 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2004.08.17 16:49:10 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.07.17 12:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.10.28 17:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2001.07.07 03:00:00 | 000,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1993.07.23 18:31:02 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll

========== LOP Check ==========

[2009.11.05 21:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2010.03.16 23:19:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.10.28 02:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.10.26 21:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\muvee Technologies
[2009.12.31 01:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MyHeritage
[2009.11.29 17:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TechSmith
[2009.11.02 21:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2009.11.16 01:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.11.30 22:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Autodesk
[2010.02.01 21:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\DeepBurner
[2010.01.22 14:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\ICQ
[2009.12.31 01:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\MyHeritage
[2009.10.28 19:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\PDFCreator
[2009.11.02 21:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Teleca
[2009.10.29 22:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\TweakNow RegCleaner
[2009.11.21 23:52:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\uTorrent
[2010.02.09 20:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Zoner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 480 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
< End of report >

[Reklama]

[martas01]

OTL Extras logfile created on: 18.3.2010 22:55:30 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\xp\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 4,07 Gb Free Space | 20,85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 44,55 Gb Total Space | 33,89 Gb Free Space | 76,07% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 465,76 Gb Total Space | 315,39 Gb Free Space | 67,72% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: AMD
Current User Name: xp
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- E:\PROGRAMY\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- E:\PROGRAMY\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "E:\Programy\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "E:\Programy\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "E:\Programy\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"E:\Programy\ICQ6.5\ICQ.exe" = E:\Programy\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"H:\Programy\uTorrent\uTorrent.exe" = H:\Programy\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"H:\Programy\VMware\VMware Workstation\vmware-authd.exe" = H:\Programy\VMware\VMware Workstation\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator 0.8.0
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help
"{1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}" = DeepBurner v1.6.0.198
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5 - zkušební verze
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-6001-0405-0002-0060B0CE6BBA}" = AutoCAD 2008 - Český
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7ED5371F-F4EA-48F9-B8F7-C8777AD9DF69}" = Borland Turbo C++
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{83A936D4-2FE6-4953-95C6-223A7B88B7D8}" = Camtasia Studio 5
"{85C70286-A56F-4834-BD24-B34EB76A93A2}" = ESET NOD32 Antivirus
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB06A0B3-9016-4926-9C92-97ECB2722D8F}" = Konfabulator
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D98C0C51-F9BB-4EE4-B791-22BF6EE31029}" = Nero 7 Ultra Edition
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{e5fc4c12-396a-4894-baf3-7d9a4ceb18b0}" = Nero 9 Essentials
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =
"{EB9BD1D5-8DFB-48C4-927B-10BB47CA59B3}" = Microsoft .NET Framework SDK (English) 1.1
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F3F1D08D-ABEF-4528-8383-54C46369EBB6}" = TV Jukebox 3.0
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"3D Fish School 3 Screen Saver_is1" = 3D Fish School Screen Saver 3.92
"9064803E0E54025576C9E14BEBF5082D307FE9D3" = Balíček ovladače systému Windows - Axesstel (Axtmvmdm) Modem (03/22/2007 1.0.1.123)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AutoCAD 2008 - Český" = AutoCAD 2008 - Český
"AutoCAD 2008 - Český SP1" = AutoCAD 2008 - Český SP1
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"E3E6D025997CEEBE54FFAA538A9639F3443A676F" = Balíček ovladače systému Windows - Axesstel (Axtmvprt) Ports (03/22/2007 1.0.1.123)
"eMusic Promotion" = eMusic - 50 Free MP3 offer
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.00
"Fraps" = Fraps
"Free Christmas Screensaver_is1" = Free Christmas Screensaver 1.0
"Gainward" = EXPERTool
"GoldWave v5.06" = GoldWave v5.06
"HD Tune_is1" = HD Tune 2.55
"HijackThis" = HijackThis 2.0.2
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ChristmasTree_is1" = ChristmasTree 1.6
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.8.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Mozilla Firefox (2.0.0.20)" = Mozilla Firefox (2.0.0.20)
"NOD32 v3.x FiX 1.1 by TemDono_is1" = NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)
"NVIDIA Drivers" = NVIDIA Drivers
"PSPad editor_is1" = PSPad editor
"TweakNow RegCleaner_is1" = TweakNow RegCleaner
"U:fonův průvodce připojením1.0 (WinXP)" = U:fonův průvodce připojením
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual DJ Home Edition - Atomix Productions" = Virtual DJ Home Edition - Atomix Productions
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16.1.2010 12:13:52 | Computer Name = AMD | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.8.20081.21709, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.1.2010 10:28:11 | Computer Name = AMD | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WinRAR.exe, verze 3.80.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.1.2010 7:30:48 | Computer Name = AMD | Source = MsiInstaller | ID = 11311
Description = Product: VMware Workstation -- Error 1311. Source file not found(cabinet):
C:\DOCUME~1\xp\LOCALS~1\Temp\{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}~setup\ImageC~1.cab.
Verify that the file exists and that you can access it.

Error - 23.1.2010 7:30:49 | Computer Name = AMD | Source = MsiInstaller | ID = 11311
Description = Product: VMware Workstation -- Error 1311. Source file not found(cabinet):
C:\DOCUME~1\xp\LOCALS~1\Temp\{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}~setup\ImageC~1.cab.
Verify that the file exists and that you can access it.

Error - 23.1.2010 7:30:55 | Computer Name = AMD | Source = MsiInstaller | ID = 11311
Description = Product: VMware Workstation -- Error 1311. Source file not found(cabinet):
C:\DOCUME~1\xp\LOCALS~1\Temp\{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}~setup\ImageC~1.cab.
Verify that the file exists and that you can access it.

Error - 23.1.2010 7:30:57 | Computer Name = AMD | Source = MsiInstaller | ID = 11311
Description = Product: VMware Workstation -- Error 1311. Source file not found(cabinet):
C:\DOCUME~1\xp\LOCALS~1\Temp\{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}~setup\ImageC~1.cab.
Verify that the file exists and that you can access it.

Error - 23.1.2010 7:30:59 | Computer Name = AMD | Source = MsiInstaller | ID = 11311
Description = Product: VMware Workstation -- Error 1311. Source file not found(cabinet):
C:\DOCUME~1\xp\LOCALS~1\Temp\{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}~setup\ImageC~1.cab.
Verify that the file exists and that you can access it.

Error - 23.1.2010 7:30:59 | Computer Name = AMD | Source = MsiInstaller | ID = 11311
Description = Product: VMware Workstation -- Error 1311. Source file not found(cabinet):
C:\DOCUME~1\xp\LOCALS~1\Temp\{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}~setup\ImageC~1.cab.
Verify that the file exists and that you can access it.

Error - 23.1.2010 7:31:00 | Computer Name = AMD | Source = MsiInstaller | ID = 11311
Description = Product: VMware Workstation -- Error 1311. Source file not found(cabinet):
C:\DOCUME~1\xp\LOCALS~1\Temp\{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}~setup\ImageC~1.cab.
Verify that the file exists and that you can access it.

Error - 25.1.2010 15:50:20 | Computer Name = AMD | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vmware.exe, verze 6.5.3.8888, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.


< End of report >

[Damned]

Co je to za složku: C:\khw?

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "MyHeritage Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
[2009.03.08 22:04:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-1.xml
[2008.09.24 20:51:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-2.xml
[2009.02.21 23:58:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-3.xml
[2009.10.28 03:28:57 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-4.xml
[2009.10.31 18:48:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-5.xml
[2008.09.16 21:31:50 | 000,000,962 | ---- | M] () -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin.xml
@Alternate Data Stream - 480 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF

:Files
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
C:\RECYCLER
C:\$RECYCLE.BIN
C:\Documents and Settings\NetworkService\Data aplikací\rbuwzv.dat
C:\autorun.inf
C:\Documents and Settings\xp\Plocha\fix.reg
C:\WINDOWS\System32\autorun.i
C:\WINDOWS\System32\autorun.in
C:\Windows\tasks\SA.DAT

:Reg

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]


Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[martas01]

posledni radu jsem ani nevyzkousel, ale neska jsem prisel zapnul PC a uz to jede normalne takze proble vyresen, diky za rady

[Damned]

Tak poslední radu proveď. Je to skript na odstranění zbytků po tý nemravný aplikaci. Jinak to tam máš zítra zas.

[martas01]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "megaup" removed from browser.search.param.yahoo-fr
Prefs.js: "megaup" removed from browser.search.param.yahoo-fr-cjkt
Prefs.js: "MyHeritage Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\xp\Data aplikací\Mozilla\Firefox\Profiles\exqd7skw.default\searchplugins\icqplugin.xml moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF deleted successfully.
========== FILES ==========
C:\WINDOWS\NV4361220.TMP folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\RECYCLER\S-1-5-21-682003330-1454471165-2147069159-1003 folder moved successfully.
C:\RECYCLER folder moved successfully.
File\Folder C:\$RECYCLE.BIN not found.
File\Folder C:\Documents and Settings\NetworkService\Data aplikací\rbuwzv.dat not found.
C:\autorun.inf folder moved successfully.
File\Folder C:\Documents and Settings\xp\Plocha\fix.reg not found.
C:\WINDOWS\System32\autorun.i moved successfully.
C:\WINDOWS\System32\autorun.in moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 4207613 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: home
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 56855199 bytes
->Flash cache emptied: 766 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: xp
->Temp folder emptied: 25724 bytes
->Temporary Internet Files folder emptied: 694780 bytes
->FireFox cache emptied: 59648873 bytes
->Flash cache emptied: 17098 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 116,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: home
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: xp
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.1.37.3 log created on 03192010_143935

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


jo jeste neco, vsiml jsem si ze na C: se odstranil autorun.inf coz, ale nebyl soubor ale slozka ve ktere byl soubor lpt3.This folder was created by Flash_Disinfector, vytvoreny programem Flash Disinfector, ale na jinych discich (E, H) zustal, muzu ho nejak dostat i z tech zbylych disku? stacilo by ten script provest znovu a dopsat tam

Kód: Vybrat vše

E:\autorun.inf
H:\autorun.inf

popripade i z flash disku F:\autorun.inf

[Damned]

Jasně, včetně stop v registru (F: tam nevidím):

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - AutoRun File - [2010.03.18 15:22:19 | 000,000,000 | R--D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.03.18 15:22:19 | 000,000,000 | R--D | M] - H:\autorun.inf -- [ NTFS ]

:files
E:\autorun.inf
H:\autorun.inf
F:\autorun.inf

:Reg

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[martas01]

tak nevim no script probehl ale porad to tam zustalo no to je jedno to uz neresim, jeste me napadlo co kdybych to nabootoval treba pod Ubuntu a smazal to tam? ale jestli by to neslo tak uz je to jedno, uz bych to dal neresil, PC mam snad uz cisty, cmd funguje jak ma tak je to OK, teda poku neprijdu po nejake dobe na dalsi chybu

[Damned]

Pokud nejdou smazat, budou systémové.
Smaž složku C:\_OTL a vysypej Koš.

Stáhni si ToolsCleaner2 (by de A.Rothstein & Dj Quiou) na Plochu a spusť ho.

Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění) a odstraň nalezené.
Zavři a smaž program.

Kdyby se něco zase objevilo, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.