Kontrola logu prosím

[daniel.vrsek]

========== Files Created - No Company Name ==========

[2010.06.09 17:32:48 | 000,097,589 | ---- | C] () -- C:\Users\Daniel\Desktop\Disk D.jpg
[2010.06.09 17:16:09 | 000,183,126 | ---- | C] () -- C:\Users\Daniel\Desktop\Místní disk.jpg
[2010.06.09 17:14:12 | 000,055,368 | ---- | C] () -- C:\Users\Daniel\Desktop\Plocha.jpg
[2010.06.09 17:10:36 | 000,000,732 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010.06.08 20:43:07 | 000,000,652 | ---- | C] () -- C:\Windows\FIX.reg
[2010.06.08 20:43:07 | 000,000,280 | ---- | C] () -- C:\Windows\reset.reg
[2010.06.08 16:23:04 | 000,001,059 | ---- | C] () -- C:\Users\Daniel\Desktop\Counter-Strike Source.lnk
[2010.06.07 18:22:07 | 000,002,288 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.06.05 13:33:54 | 000,794,906 | ---- | C] () -- C:\Windows\unins000.exe
[2010.06.05 13:33:54 | 000,004,153 | ---- | C] () -- C:\Windows\unins000.dat
[2010.06.04 16:32:32 | 000,001,039 | ---- | C] () -- C:\Users\Daniel\Desktop\KMPlayer.lnk
[2010.06.04 16:28:59 | 000,033,021 | ---- | C] () -- C:\Windows\SysWow64\CoreVorbis-uninstall.exe
[2010.06.04 16:26:43 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter64.acm
[2010.06.04 16:26:43 | 000,497,664 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.acm
[2010.06.04 16:24:14 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.06.04 16:04:26 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.06.04 16:04:26 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.06.04 16:04:24 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2010.06.04 16:04:23 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.06.04 16:04:23 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.06.04 16:04:23 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.06.04 16:04:23 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2010.06.04 14:09:40 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.06.04 14:09:33 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.06.03 18:46:41 | 000,004,608 | ---- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.31 20:19:17 | 000,000,733 | ---- | C] () -- C:\Users\Daniel\Desktop\Download.lnk
[2010.05.29 20:30:00 | 000,001,794 | ---- | C] () -- C:\Users\Daniel\Desktop\Google Chrome.lnk
[2010.05.26 19:28:52 | 000,001,106 | ---- | C] () -- C:\Users\Daniel\Desktop\EVEREST Home Edition.lnk
[2010.05.24 18:56:35 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2010.05.23 12:10:40 | 000,000,000 | ---- | C] () -- C:\Users\Daniel\ren
[2010.05.22 10:05:57 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.05.21 18:31:12 | 000,000,102 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\default.pls
[2010.05.21 17:14:33 | 000,002,745 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010.05.21 17:14:33 | 000,002,681 | ---- | C] () -- C:\Users\Public\Desktop\Nero Home.lnk
[2010.05.21 16:33:07 | 000,000,832 | ---- | C] () -- C:\Users\Daniel\Desktop\GTA Vice City.lnk
[2010.05.21 13:12:02 | 000,000,980 | ---- | C] () -- C:\Users\Daniel\Desktop\Counter Strike.lnk
[2010.05.21 13:07:43 | 000,066,714 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_05_21__11_07_43_306.mdmp
[2010.05.21 13:06:31 | 000,066,770 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_05_21__11_06_31_513.mdmp
[2010.05.21 13:06:06 | 000,066,714 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_05_21__11_06_06_638.mdmp
[2010.05.21 12:55:30 | 000,066,714 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_05_21__10_55_30_673.mdmp
[2010.05.12 18:55:56 | 000,004,341 | ---- | C] () -- C:\Users\Daniel\Documents\Dokument.rtf
[2010.04.28 20:21:48 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

========== LOP Check ==========

[2010.04.21 17:25:53 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Astroburn Pro
[2010.06.08 09:01:29 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Azureus
[2010.04.21 17:21:39 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
[2010.06.08 20:22:31 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ESET
[2010.06.05 13:34:00 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\FFSJ
[2010.06.04 16:15:29 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Hide IP NG
[2010.06.09 17:28:17 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ
[2010.05.22 19:16:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Leadertech
[2010.05.22 10:06:01 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TeamViewer
[2010.06.09 17:28:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\uTorrent
[2010.05.28 22:27:26 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >

[kilmal]

Spust OTL, do spodniho okna vloz skript, dej opravit, po restartu log sem

Kód: Vybrat vše

:otl
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.icq.com/ [binary data]
IE - HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.zaparit.cz/
IE - HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 74 A5 B1 BC DC CA 01 [binary data]
IE - HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\..\URLSearchHook: - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.defaultthis.engineName: "PageRage Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60280&qkw="
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
O2 - BHO: () - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll File not found
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O3:64bit: - HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O4 - HKLM..\Run: [DivX Free Codec] C:\Program Files (x86)\DivX Free Codec\Divx Free Update.exe File not found
O4 - HKLM..\Run: [reset] C:\Windows\reset.reg ()
O4 - HKU\S-1-5-21-3732995390-3839235142-1401659564-1001..\Run: [RGSC] D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - AutoRun File - [2003.07.18 16:18:16 | 000,000,051 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3f160578-4d59-11df-8a63-6cf04905c3e7}\Shell - "" = AutoRun
O33 - MountPoints2\{3f160578-4d59-11df-8a63-6cf04905c3e7}\Shell\AutoRun\command - "" = F:\win\CDSplash.exe -- File not found
O33 - MountPoints2\{4942ca66-48ad-11df-8304-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4942ca66-48ad-11df-8304-806e6f6e6963}\Shell\AutoRun\command - "" = E:\PlayDiskStart.exe -- [2003.07.18 16:18:16 | 000,040,960 | R--- | M] ()

:commands
[emptytemp]
[reboot]

[daniel.vrsek]

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKU\S-1-5-21-3732995390-3839235142-1401659564-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3732995390-3839235142-1401659564-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "Crawler Search" removed from browser.search.defaultenginename
Prefs.js: "PageRage Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "Crawler Search" removed from browser.search.order.1
Prefs.js: "http://www.crawler.com/search/dispatche ... 60280&qkw=" removed from keyword.URL
C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3732995390-3839235142-1401659564-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-3732995390-3839235142-1401659564-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivX Free Codec deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\reset deleted successfully.
C:\Windows\reset.reg moved successfully.
Registry value HKEY_USERS\S-1-5-21-3732995390-3839235142-1401659564-1001\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\inbox\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}\ deleted successfully.
File {37540F19-DD4C-478B-B2DF-C19281BCAF27} - Reg Error: Key error. File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ deleted successfully.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\inbox\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}\ not found.
File {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f160578-4d59-11df-8a63-6cf04905c3e7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f160578-4d59-11df-8a63-6cf04905c3e7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f160578-4d59-11df-8a63-6cf04905c3e7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f160578-4d59-11df-8a63-6cf04905c3e7}\ not found.
File F:\win\CDSplash.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4942ca66-48ad-11df-8304-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4942ca66-48ad-11df-8304-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4942ca66-48ad-11df-8304-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4942ca66-48ad-11df-8304-806e6f6e6963}\ not found.
File move failed. E:\PlayDiskStart.exe scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Daniel
->Temp folder emptied: 236131268 bytes
->Temporary Internet Files folder emptied: 98869640 bytes
->Java cache emptied: 316788 bytes
->FireFox cache emptied: 90200448 bytes
->Google Chrome cache emptied: 214255984 bytes
->Flash cache emptied: 25268 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19050670 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 127269787 bytes

Total Files Cleaned = 750,00 mb


OTL by OldTimer - Version 3.2.5.3 log created on 06092010_184355

Files\Folders moved on Reboot...
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
File move failed. E:\PlayDiskStart.exe scheduled to be moved on reboot.
C:\Users\Daniel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[kilmal]

Co PC, zlepsilo se?
Udelej kompletni test pres mbam (predtim vsak aktualizuj databazi na treti zalozce) http://www.download.com/Malwarebytes-An ... tag=button

[daniel.vrsek]

jojo...mockrát děkuju a čim to bylo?

[kilmal]

jeste dej ten log z mbam! chybne veci a bordel v registrech

[daniel.vrsek]

jeste neni celkovy delam jen C

[kilmal]

Ok, pak ho sem dej...Staci udelat kompletni na systemovem disku...

[daniel.vrsek]

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4183

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9.6.2010 21:33:31
mbam-log-2010-06-09 (21-33-31).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 198686
Uplynulý čas: 18 minuta(y), 29 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[kilmal]

spust otl, klik na vycistit...

[daniel.vrsek]

Nějaky divný.. windows mi po restartu hlásí že mám kopii windowsu..

[kilmal]

jakou kopii windows?

[daniel.vrsek]

Myslel se nelegálni windows už to nedělá

[kilmal]

v tom pripade se nemame o cem bavit pokud mas winy nejisteho puvodu- vyreseno zakoupenim licence:?

[daniel.vrsek]

ale ja mam origo! a hlasilo mi to ze ho mam nelegalne sel sem na microsoft a udelal si overeni toho win a bylo to ok

[kilmal]

Hlaska stale trva, pokud jo kontaktuj support microsoftu