Prosím o preventivní kontrolu...děkuji

Zpráva

Phantome · #1 Příspěvek od **Phantome** » 18 říj 2011 19:08

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:41, on 18.10.2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\HONZK~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Firefox\firefox.exe
C:\Users\honzík\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VitaKeyPdtWzd] "C:\Program Files\Acer Bio Protection\PdtWzd.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\unibetpokerMPP\MPPoker.exe (HKCU)
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Program Files\Acer Bio Protection\BASVC.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe

--
End of file - 6536 bytes

#2 Příspěvek od **Mc_Murphy** » 19 říj 2011 10:43

Zdravím.

Jako první v nabídce Přidat nebo odebrat programy odinstaluj všechny nepotřebné toolbary!

Potom fixni v HJT tyto položky:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

"Fixnout" znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
HJT najdeš zde: C:\Users\honzík\Desktop\HijackThis.exe

Až to provedeš, hoď mi sem ještě log z OTL na dočištění (hodil jsi log z HJT, ten už se tu nepoužívá, už delší dobu používáme RSIT, který má log detailnější).

Stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů.
Do spodního okénka Vlastní skenování/opravy vlož tento script:

Kód: Vybrat vše

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*nocd* /s
*AutoKMS* /s
*minodlogin* /s
*tnod* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko Prohledat.
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

Phantome · #3 Příspěvek od **Phantome** » 20 říj 2011 17:47

Ty soubory sem fixnul a pak sem stáhl OTL ale asi po 20 minutách se to seklo.Takže mi to ani zádný texťák nevyhodilo.

#4 Příspěvek od **Mc_Murphy** » 20 říj 2011 17:59

Dobrá, nevadí, zkus spustit OTL podle návodu, ale v Nouzovém režimu.

Phantome · #5 Příspěvek od **Phantome** » 20 říj 2011 19:44

opět to samé:-/ ... píše to chybu: "Cannot create file C:\Users\honzik\Desktop\cmd.bad."

#6 Příspěvek od **Mc_Murphy** » 21 říj 2011 10:27

V poho, nezoufej... vím, čím to je.

Spušť tedy OTL s takto pozměněným scriptem.

Pro začátek stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů.
Do spodního okénka Vlastní skenování/opravy vlož tento script:

Kód: Vybrat vše

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*nocd* /s
*AutoKMS* /s
*minodlogin* /s
*tnod* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko Prohledat.
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

Phantome · #7 Příspěvek od **Phantome** » 21 říj 2011 11:16

OTL Extras logfile created on: 21.10.2011 11:50:34 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\honzík\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,99 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,80% Memory free
5,99 Gb Paging File | 4,57 Gb Available in Paging File | 76,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 91,50 Gb Free Space | 63,52% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 97,08 Gb Free Space | 67,40% Space Free | Partition Type: NTFS

Computer Name: HONZIKUVACER | User Name: honzík | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2118059315-1497923381-3254338474-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F6E17CB-0565-44A7-8C36-941EA56B215E}" = Worms World Party
"{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}" = Heroes of Might and Magic® IV
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{2B290EE2-5576-4A00-918B-FEC299103FBD}" = Dlubal RSTAB 7
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40A05BA1-6154-4923-91E0-F9042027B37A}_is1" = PC Remote Controller version 0.98b
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{45E7C481-3EF4-4FCB-AF0B-19F70D618F0C}" = Worms 4 Mayhem
"{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5783F2D7-7001-0405-0002-0060B0CE6BBA}" = AutoCAD 2009 - český
"{5783F2D7-9028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2011
"{5783F2D7-A028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2012
"{6153B658-1CC9-404F-8F9E-2F93CD20EB66}" = RealWorld Photos
"{6889EE56-1816-4E89-94DF-9F56E7804039}_is1" = Counter-Strike 1.6 Non-Steam patch v36
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E810309-4B18-4DC4-A383-F0FB830B02B1}" = AuthenTec Fingerprint Software
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A62B2A-50D6-4886-8AFA-7FC4DE273C61}" = RSTAB
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}" = QuickTime
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}" = NHL® 08
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.4 - Czech
"{B9F96BAA-B492-45BE-B47C-2F16A6A8B798}" = RSTAB
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{DBB7F606-0C13-4182-AD7F-427A4773580E}" = VibrateGameDeviceDriver
"{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}" = Commandos 2: Men of Courage
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"001FFF1FFF14FF00FF1101F01F02F000-R1" = ArchiCAD 14 CZE
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6)
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIMP2" = AIMP2
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"AutoCAD 2009 - český" = AutoCAD 2009 - český
"avast" = avast! Free Antivirus
"BatteryBar" = BatteryBar (remove only)
"CCleaner" = CCleaner
"Cross Fire_is1" = Cross Fire En
"DWG TrueView 2011" = DWG TrueView 2011
"DWG TrueView 2012" = DWG TrueView 2012
"DwgBrowser" = DwgBrowser v1.0.1
"E5372C32E8562C76C24DBA6525002B1031495F34" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.8)
"euroCALC Remote Student_is1" = euroCALC Remote Student
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"HijackThis" = HijackThis 2.0.2
"InstallShield_{0F6E17CB-0565-44A7-8C36-941EA56B215E}" = Worms World Party
"InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}" = Heroes of Might and Magic® IV
"InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection
"IrfanView" = IrfanView (remove only)
"Lišta Centrum.cz Toolbar_is1" = Lišta Centrum.cz Toolbar 1.203.023.002
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"MiKTeX 2.8" = MiKTeX 2.8
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OnLive" = OnLive
"Paintball2" = Paintball2 Alpha build 016
"Pet Racer" = Pet Racer
"Police" = Police
"Samsung SCX-4300 Series" = Samsung SCX-4300 Series
"SpeedFan" = SpeedFan (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"TmNationsForever_is1" = TmNationsForever
"Totalcmd" = Total Commander (Remove or Repair)
"Trillian" = Trillian
"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition
"VLC media player" = VLC media player 1.0.3
"WinEdt_is1" = WinEdt
"WinRAR archiver" = WinRAR
"Xfire" = Xfire (remove only)
"XobniMain" = Xobni

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2118059315-1497923381-3254338474-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"PhotoFiltre" = PhotoFiltre

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15.10.2011 5:23:13 | Computer Name = honzikuvACER | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Z8Games\crossfire\Aegis64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 15.10.2011 5:25:01 | Computer Name = honzikuvACER | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 16.10.2011 7:54:35 | Computer Name = honzikuvACER | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Z8Games\crossfire\Aegis64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 16.10.2011 7:56:20 | Computer Name = honzikuvACER | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 17.10.2011 12:14:37 | Computer Name = honzikuvACER | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Z8Games\crossfire\Aegis64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 17.10.2011 12:16:26 | Computer Name = honzikuvACER | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 18.10.2011 13:29:23 | Computer Name = honzikuvACER | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385,
časové razítko: 0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x00009f9a ID chybujícího
procesu: 0x8b8 Čas spuštění chybující aplikace: 0x01cc8daa2f215899 Cesta k chybující
aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Windows\system32\msvcrt.dll
ID
zprávy: b7bc3e43-f9ae-11e0-974e-001e68b83123

Error - 20.10.2011 7:22:08 | Computer Name = honzikuvACER | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Z8Games\crossfire\Aegis64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.10.2011 7:24:01 | Computer Name = honzikuvACER | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.10.2011 8:45:43 | Computer Name = honzikuvACER | Source = MsiInstaller | ID = 11905
Description =

[ Media Center Events ]
Error - 24.2.2011 8:08:31 | Computer Name = honzikuvACER | Source = MCUpdate | ID = 0
Description = 13:08:31 - Chyba při připojování k Internetu 13:08:31 - Nelze kontaktovat
server..

Error - 24.2.2011 8:08:42 | Computer Name = honzikuvACER | Source = MCUpdate | ID = 0
Description = 13:08:37 - Chyba při připojování k Internetu 13:08:37 - Nelze kontaktovat
server..

Error - 24.2.2011 9:08:59 | Computer Name = honzikuvACER | Source = MCUpdate | ID = 0
Description = 14:08:59 - Chyba při připojování k Internetu 14:08:59 - Nelze kontaktovat
server..

Error - 24.2.2011 9:09:06 | Computer Name = honzikuvACER | Source = MCUpdate | ID = 0
Description = 14:09:04 - Chyba při připojování k Internetu 14:09:04 - Nelze kontaktovat
server..

Error - 24.2.2011 10:09:24 | Computer Name = honzikuvACER | Source = MCUpdate | ID = 0
Description = 15:09:24 - Chyba při připojování k Internetu 15:09:24 - Nelze kontaktovat
server..

Error - 24.2.2011 10:09:31 | Computer Name = honzikuvACER | Source = MCUpdate | ID = 0
Description = 15:09:30 - Chyba při připojování k Internetu 15:09:30 - Nelze kontaktovat
server..

Error - 27.2.2011 6:35:58 | Computer Name = honzikuvACER | Source = MCUpdate | ID = 0
Description = 11:35:58 - Chyba při připojování k Internetu 11:35:58 - Nelze kontaktovat
server..

Error - 27.2.2011 6:36:09 | Computer Name = honzikuvACER | Source = MCUpdate | ID = 0
Description = 11:36:03 - Chyba při připojování k Internetu 11:36:03 - Nelze kontaktovat
server..

Error - 28.3.2011 7:31:40 | Computer Name = honzikuvACER | Source = MCUpdate | ID = 0
Description = 13:31:40 - Chyba při připojování k Internetu 13:31:40 - Nelze kontaktovat
server..

[ System Events ]
Error - 18.10.2011 11:25:19 | Computer Name = honzikuvACER | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:23:08, ?18.?10.?2011) bylo neočekávané.

Error - 18.10.2011 11:25:27 | Computer Name = honzikuvACER | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 19.10.2011 7:35:47 | Computer Name = honzikuvACER | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 19.10.2011 11:43:40 | Computer Name = honzikuvACER | Source = bowser | ID = 8003
Description =

Error - 20.10.2011 6:08:21 | Computer Name = honzikuvACER | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 20.10.2011 6:08:57 | Computer Name = honzikuvACER | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby XobniService bylo dosaženo časového
limitu (30000 ms).

Error - 20.10.2011 6:08:57 | Computer Name = honzikuvACER | Source = Service Control Manager | ID = 7000
Description = Služba XobniService neuspěla při spuštění v důsledku následující chyby:
%%1053

Error - 20.10.2011 10:35:21 | Computer Name = honzikuvACER | Source = BROWSER | ID = 8032
Description =

Error - 21.10.2011 5:29:58 | Computer Name = honzikuvACER | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 21.10.2011 5:51:58 | Computer Name = honzikuvACER | Source = BROWSER | ID = 8032
Description =

< End of report >

Phantome · #8 Příspěvek od **Phantome** » 21 říj 2011 11:17

OTL logfile created on: 21.10.2011 11:50:34 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\honzík\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,99 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,80% Memory free
5,99 Gb Paging File | 4,57 Gb Available in Paging File | 76,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 91,50 Gb Free Space | 63,52% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 97,08 Gb Free Space | 67,40% Space Free | Partition Type: NTFS

Computer Name: HONZIKUVACER | User Name: honzík | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.10.20 14:54:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\honzík\Desktop\OTL.exe
PRC - [2011.09.29 09:07:26 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Firefox\plugin-container.exe
PRC - [2011.09.29 09:07:25 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Firefox\firefox.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.08.04 14:34:50 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.08.04 14:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.07.26 23:06:05 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\honzík\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2011.06.30 09:37:28 | 001,793,712 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011.06.30 09:37:06 | 002,554,696 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.12.21 12:53:40 | 001,483,264 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.16 15:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010.09.01 14:00:00 | 035,390,976 | ---- | M] (Graphisoft R&D) -- C:\Program Files\Graphisoft\ArchiCAD 14\ArchiCAD.exe
PRC - [2010.09.01 14:00:00 | 000,416,768 | ---- | M] (Graphisoft R&D) -- C:\Program Files\Common Files\Graphisoft Shared\GSQtCom\14.0.1\GSQtCom.exe
PRC - [2010.08.12 01:35:12 | 000,056,040 | ---- | M] (Xobni Corporation) -- C:\Program Files\Xobni\XobniService.exe
PRC - [2009.10.27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.09.05 16:29:06 | 003,449,856 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\Acer Bio Protection\BASVC.exe
PRC - [2009.09.05 16:29:04 | 003,570,176 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\Acer Bio Protection\PdtWzd.exe
PRC - [2009.09.05 16:28:52 | 003,360,768 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009.08.05 05:40:10 | 001,807,608 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2008.04.16 07:30:12 | 000,536,576 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2003.01.16 11:32:40 | 000,049,152 | ---- | M] (Ruling Tec Pte Ltd) -- C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe

========== Modules (No Company Name) ==========

MOD - [2011.09.29 09:07:25 | 001,833,944 | ---- | M] () -- C:\Program Files\Firefox\mozjs.dll
MOD - [2011.03.15 15:03:31 | 006,053,536 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010.09.01 14:00:00 | 004,902,912 | ---- | M] () -- C:\Program Files\Graphisoft\ArchiCAD 14\edmikit500.dll
MOD - [2010.09.01 14:00:00 | 000,872,448 | ---- | M] () -- C:\Program Files\Graphisoft\ArchiCAD 14\iconv.dll
MOD - [2010.09.01 14:00:00 | 000,704,512 | ---- | M] () -- C:\Program Files\Graphisoft\ArchiCAD 14\edm_libxml2.dll
MOD - [2009.11.03 16:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009.11.03 16:51:26 | 000,039,712 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2008.10.11 23:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.08.12 11:16:16 | 002,023,424 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2008.07.29 14:47:56 | 000,016,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2008.07.29 14:47:38 | 000,135,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2008.07.29 14:11:18 | 000,253,952 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2008.07.29 14:01:12 | 007,331,840 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2008.07.29 13:50:26 | 000,364,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2008.04.16 07:30:12 | 000,536,576 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe

========== Win32 Services (SafeList) ==========

SRV - [2011.09.23 12:08:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.08.04 14:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.06.30 09:37:28 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.08.12 01:35:12 | 000,056,040 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files\Xobni\XobniService.exe -- (XobniService)
SRV - [2009.11.15 19:38:14 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2009.09.05 16:29:06 | 003,449,856 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2009.08.05 05:40:10 | 001,807,608 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011.09.06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.09.06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.09.06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.09.06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.09.06 22:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.09.06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.06.30 09:38:06 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011.06.30 09:38:06 | 000,037,592 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.06.30 09:38:04 | 000,238,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.11.15 19:23:54 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.23 11:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.08.05 06:14:40 | 000,659,328 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009.07.28 07:26:00 | 009,791,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
DRV - [2009.07.14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.05.18 15:20:00 | 000,119,256 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2009.04.30 22:43:34 | 000,064,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.03.12 19:52:34 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.01.03 23:50:22 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007.03.28 07:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2005.09.26 15:47:46 | 000,008,576 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DynCal.sys -- (DynCal)
DRV - [2005.08.18 00:00:00 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt -- (EverestDriver)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found

IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 67 81 8A D3 15 62 CA 01 [binary data]
IE - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@onlive.com/OlGameDetect,version=1.1.0.76892: C:\Program Files\OnLive\FirefoxPlugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\honzík\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011.01.27 20:15:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared [2011.02.23 00:07:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.09.07 12:03:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Firefox\components [2011.10.18 19:21:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Firefox\plugins [2011.09.23 12:15:09 | 000,000,000 | ---D | M]

[2011.02.23 00:04:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\honzík\AppData\Roaming\Mozilla\Extensions
[2011.10.20 19:26:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\honzík\AppData\Roaming\Mozilla\Firefox\Profiles\yeamjaot.default\extensions
[2011.07.23 13:21:03 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Users\honzík\AppData\Roaming\Mozilla\Firefox\Profiles\yeamjaot.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.09.07 12:03:23 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\HONZĂK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YEAMJAOT.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\USERS\HONZĂK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YEAMJAOT.DEFAULT\EXTENSIONS\ELEMHIDEHELPER@ADBLOCKPLUS.ORG.XPI
File not found (No name found) -- C:\USERS\HONZĂK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YEAMJAOT.DEFAULT\EXTENSIONS\GMAILWATCHER@SONTHAKIT.XPI

========== Chrome ==========

CHR - default_search_provider: Bing ()
CHR - default_search_provider: search_url = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
CHR - default_search_provider: suggest_url =

O1 HOSTS File: ([2011.07.26 21:33:58 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\..\Toolbar\ShellBrowser: (no name) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No CLSID value found.
O3 - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\..\Toolbar\WebBrowser: (Lišta Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe (Ruling Tec Pte Ltd)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.32.229.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0773DB26-D3CC-4DE0-94F3-8C3817372AC1}: DhcpNameServer = 147.32.229.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC2699D1-FEF1-49D8-A100-C5C0271B8AD1}: DhcpNameServer = 147.32.127.214 147.32.127.218
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) -C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.09.21 20:39:40 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.11.10 19:02:46 | 000,000,000 | ---D | M] - D:\AutoCad2009CZ -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP62 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.10.20 14:54:19 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\honzík\Desktop\OTL.exe
[2011.10.20 14:53:54 | 000,000,000 | ---D | C] -- C:\Users\honzík\Desktop\backups
[2011.10.20 14:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Callida euroCALC 3
[2011.10.20 14:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Callida
[2011.10.19 15:04:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dlubal
[2011.10.19 15:03:45 | 000,205,608 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\System32\THREED32.OCX
[2011.10.19 15:03:45 | 000,117,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CMCTLDE.DLL
[2011.10.19 15:03:45 | 000,094,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GRID32.OCX
[2011.10.19 15:03:45 | 000,037,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGDE.DLL
[2011.10.19 15:03:44 | 001,347,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll
[2011.10.19 15:03:44 | 000,524,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DBGRID32.OCX
[2011.10.19 15:03:44 | 000,243,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msflxgrd.ocx
[2011.10.19 15:03:44 | 000,203,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RICHTX32.OCX
[2011.10.19 15:03:44 | 000,163,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMCT232.OCX
[2011.10.19 15:03:33 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\STKIT432.DLL
[2011.10.19 15:02:58 | 000,302,784 | ---- | C] (Ing.-Software DLUBAL GmbH) -- C:\Windows\System32\DL_Bmpbtn.ocx
[2011.10.19 15:02:58 | 000,093,888 | ---- | C] (Ing.-Software DLUBAL) -- C:\Windows\System32\DL_HtmlButton.ocx
[2011.10.19 15:02:58 | 000,085,696 | ---- | C] (Ing.-Software DLUBAL) -- C:\Windows\System32\DL_HtmlStatic.ocx
[2011.10.19 15:02:58 | 000,077,504 | ---- | C] (Ing.-Software DLUBAL GmbH) -- C:\Windows\System32\DL_Caption.ocx
[2011.10.19 15:02:58 | 000,036,544 | ---- | C] (Dlubal) -- C:\Windows\System32\DL_Static.ocx
[2011.10.19 15:02:57 | 000,308,008 | ---- | C] (SommyTech®) -- C:\Windows\System32\BlnDialog.ocx
[2011.10.19 15:02:57 | 000,149,288 | ---- | C] (Desaware) -- C:\Windows\System32\ANIBTN32.OCX
[2011.10.19 15:00:52 | 000,274,432 | ---- | C] (Ing. Dlubal s.r.o.) -- C:\Windows\System32\ThmShellEx.dll
[2011.10.19 15:00:51 | 000,631,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2011.10.19 15:00:51 | 000,553,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2011.10.19 15:00:51 | 000,492,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp70.dll
[2011.10.19 15:00:51 | 000,484,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcm80.dll
[2011.10.19 15:00:51 | 000,348,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2011.10.19 15:00:50 | 001,106,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc80.dll
[2011.10.19 15:00:50 | 001,097,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc80u.dll
[2011.10.19 15:00:50 | 000,979,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70.dll
[2011.10.19 14:59:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Dlubal
[2011.10.19 14:59:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Dlubal
[2011.10.19 14:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\Dlubal
[2011.10.19 14:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Dlubal
[2011.10.19 14:56:12 | 000,000,000 | ---D | C] -- C:\Users\honzík\Desktop\Dlubal_RSTAB_7.02.0140
[2011.10.18 21:42:16 | 000,000,000 | ---D | C] -- C:\Users\honzík\Desktop\603_cz
[2011.10.18 19:36:02 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\honzík\Desktop\HijackThis.exe
[2011.10.14 15:06:42 | 000,000,000 | ---D | C] -- C:\Users\honzík\Desktop\svatoš

========== Files - Modified Within 7 Days ==========

[2011.10.21 11:52:32 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.21 11:37:25 | 000,013,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.21 11:37:25 | 000,013,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.21 11:35:48 | 000,282,624 | ---- | M] () -- C:\Users\honzík\Desktop\testik.rs7
[2011.10.21 11:35:37 | 000,669,432 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.10.21 11:35:37 | 000,654,786 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.10.21 11:35:37 | 000,141,032 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.10.21 11:35:37 | 000,121,658 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.21 11:29:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.21 11:29:39 | 2411,888,640 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.20 20:53:37 | 734,023,588 | ---- | M] () -- C:\Users\honzík\Desktop\Hancock.avi
[2011.10.20 14:54:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\honzík\Desktop\OTL.exe
[2011.10.20 14:48:32 | 000,008,613 | ---- | M] () -- C:\Windows\vpd.properties
[2011.10.20 14:16:22 | 000,002,072 | ---- | M] () -- C:\Users\honzík\Desktop\euroCALC Remote Student .lnk
[2011.10.19 15:04:02 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\Dlubal SHAPE-THIN 7.xx.lnk
[2011.10.19 15:04:02 | 000,001,908 | ---- | M] () -- C:\Users\Public\Desktop\Dlubal SHAPE-MASSIVE 6.xx.lnk
[2011.10.19 15:04:02 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\Dlubal RSTAB 7.xx.lnk
[2011.10.19 14:30:38 | 729,737,235 | ---- | M] () -- C:\Users\honzík\Desktop\Dlubal_RSTAB_7.02.0140.zip
[2011.10.18 21:40:54 | 578,500,034 | ---- | M] () -- C:\Users\honzík\Desktop\Dexter-S06E03-HDTV.XviD-ASAP.rar
[2011.10.18 21:40:54 | 000,022,172 | ---- | M] () -- C:\Users\honzík\Desktop\603_cz.rar
[2011.10.18 19:36:05 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\honzík\Desktop\HijackThis.exe
[2011.10.18 19:25:14 | 000,034,714 | ---- | M] () -- C:\Users\honzík\Documents\cc_20111018_192507.reg
[2011.10.18 19:21:10 | 000,001,054 | ---- | M] () -- C:\Users\honzík\Desktop\Mozilla Firefox.lnk
[2011.10.18 19:04:03 | 000,001,936 | ---- | M] () -- C:\Users\honzík\Documents\Firefox Sync Key.html
[2011.10.15 09:15:34 | 000,428,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.10.14 15:05:28 | 000,107,008 | ---- | M] () -- C:\Users\honzík\Desktop\voucher_7263375130.jpg

========== Files Created - No Company Name ==========

[2011.10.20 20:52:31 | 734,023,588 | ---- | C] () -- C:\Users\honzík\Desktop\Hancock.avi
[2011.10.20 14:59:12 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.20 14:16:22 | 000,002,072 | ---- | C] () -- C:\Users\honzík\Desktop\euroCALC Remote Student .lnk
[2011.10.19 17:31:05 | 000,282,624 | ---- | C] () -- C:\Users\honzík\Desktop\testik.rs7
[2011.10.19 15:04:02 | 000,001,928 | ---- | C] () -- C:\Users\Public\Desktop\Dlubal SHAPE-THIN 7.xx.lnk
[2011.10.19 15:04:02 | 000,001,908 | ---- | C] () -- C:\Users\Public\Desktop\Dlubal SHAPE-MASSIVE 6.xx.lnk
[2011.10.19 15:04:01 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\Dlubal RSTAB 7.xx.lnk
[2011.10.19 13:52:51 | 729,737,235 | ---- | C] () -- C:\Users\honzík\Desktop\Dlubal_RSTAB_7.02.0140.zip
[2011.10.18 21:40:50 | 000,022,172 | ---- | C] () -- C:\Users\honzík\Desktop\603_cz.rar
[2011.10.18 21:39:52 | 578,500,034 | ---- | C] () -- C:\Users\honzík\Desktop\Dexter-S06E03-HDTV.XviD-ASAP.rar
[2011.10.18 19:25:12 | 000,034,714 | ---- | C] () -- C:\Users\honzík\Documents\cc_20111018_192507.reg
[2011.10.18 19:21:10 | 000,001,054 | ---- | C] () -- C:\Users\honzík\Desktop\Mozilla Firefox.lnk
[2011.10.18 19:04:03 | 000,001,936 | ---- | C] () -- C:\Users\honzík\Documents\Firefox Sync Key.html
[2011.10.14 15:05:21 | 000,107,008 | ---- | C] () -- C:\Users\honzík\Desktop\voucher_7263375130.jpg
[2011.09.24 10:18:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.09.21 19:10:32 | 000,000,025 | ---- | C] () -- C:\Windows\TraceInf.ini
[2011.06.16 10:32:00 | 000,001,496 | ---- | C] () -- C:\Windows\System32\drivers\RtkAcerM.dat
[2011.02.23 00:03:56 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.09.25 17:06:44 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.09.25 17:06:40 | 000,110,592 | ---- | C] () -- C:\Windows\Wiainst.exe
[2010.09.25 17:06:29 | 000,217,088 | R--- | C] () -- C:\Windows\System32\ssminidriver.dll
[2010.09.25 17:06:29 | 000,027,136 | R--- | C] () -- C:\Windows\System32\ssimgfilter.dll
[2010.09.25 17:06:29 | 000,011,264 | R--- | C] () -- C:\Windows\System32\sssegfilter.dll
[2010.09.25 17:06:29 | 000,010,752 | R--- | C] () -- C:\Windows\System32\sserrhandler.dll
[2010.07.09 21:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.06.21 12:39:42 | 000,000,337 | ---- | C] () -- C:\Users\honzík\AppData\Local\Perfmon.PerfmonCfg
[2009.11.30 16:08:49 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sse1ml3.dll
[2009.11.30 13:07:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.11.15 18:37:35 | 000,005,632 | ---- | C] () -- C:\Users\honzík\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.10 23:26:41 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009.11.10 23:26:41 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009.11.10 23:26:41 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2009.11.10 23:26:41 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2009.11.10 17:55:36 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.11.10 17:33:21 | 000,123,780 | ---- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT
[2009.11.10 17:33:21 | 000,000,728 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2009.11.10 17:33:21 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2009.11.10 17:33:21 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009.11.10 17:33:21 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009.11.10 17:33:21 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009.07.14 10:44:22 | 000,669,432 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 10:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 10:44:22 | 000,141,032 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 10:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,428,760 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,654,786 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,121,658 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:59:08 | 000,011,776 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll
[2009.07.14 02:58:40 | 000,037,376 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2009.07.14 02:58:25 | 000,010,240 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2009.07.14 02:56:53 | 000,159,232 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008.09.11 20:01:00 | 000,081,920 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.09.09 17:38:48 | 000,097,792 | ---- | C] () -- C:\Windows\System32\INT15_64.dll
[2008.09.09 17:38:48 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008.03.12 19:52:34 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2011.10.13 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\AIMP
[2009.11.10 21:19:46 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Ashampoo
[2011.09.21 21:13:21 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Autodesk
[2011.06.16 12:52:06 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\BatteryBar
[2011.10.18 19:23:38 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\DAEMON Tools Lite
[2010.01.30 18:55:31 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Facebook
[2011.06.08 16:56:42 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\GHISLER
[2011.10.20 14:48:36 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Graphisoft
[2011.07.24 22:08:22 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\ICQ
[2011.08.16 11:48:51 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\IrfanView
[2010.01.21 20:05:08 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Leadertech
[2010.02.15 17:23:32 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Microgaming
[2011.01.29 14:53:20 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Nokia
[2011.03.25 17:11:34 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\OnLive App
[2011.01.29 14:52:31 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\PC Suite
[2011.08.19 13:26:12 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\PhotoFiltre
[2009.11.10 19:53:15 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\QIP
[2011.04.01 11:05:10 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Trillian
[2011.10.04 08:29:36 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2010.12.21 12:53:40 | 001,483,264 | ---- | M] (Nokia)

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CSRSS.EXE >
[2009.07.14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009.07.14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: LSASS.EXE >
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NTFS.SYS >
[2011.03.11 07:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_a65558427e3453b4\ntfs.sys
[2010.11.20 14:30:06 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=33C3093D09017CFE2E219F2472BFF6EB -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_a87893a87b2db29e\ntfs.sys
[2009.07.14 03:20:44 | 001,210,432 | ---- | M] (Microsoft Corporation) MD5=3795DCD21F740EE799FB7223234215AF -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_a6477fe07e3f2f04\ntfs.sys
[2011.03.11 07:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\System32\drivers\ntfs.sys
[2011.03.11 07:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_a83ab4fe7b5ba649\ntfs.sys
[2011.03.11 07:52:25 | 001,210,752 | ---- | M] (Microsoft Corporation) MD5=A7266D82DB9675AFBDED39695B69EDAC -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_a70e0489972fb38f\ntfs.sys
[2011.03.11 07:28:10 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=E2EDE3F02F95B896A1C7C6F0CC0C4083 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_a8b27fd79487b0a3\ntfs.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.20 06:25:14 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=2FB4CE429488156B19C0D8E5C4552043 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_d6ab9bc23bf9f1c6\spoolsv.exe
[2009.07.14 03:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) MD5=49B6DD6AB3715B7A67965F17194E98A9 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_d621f94522dc5a87\spoolsv.exe
[2010.11.20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\System32\spoolsv.exe
[2010.11.20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_d8530d0d1fcade21\spoolsv.exe
[2010.08.21 07:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=D1BB750EB51694DE183E08B9C33BE5B2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_d6339da722cfb4be\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 03:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2007.04.09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll
[2008.01.04 08:57:42 | 000,019,968 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\System32\spool\prtprocs\w32x86\sse1mpc.dll
[2010.11.20 14:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
[2009.07.14 10:43:31 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LXKPTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2009.06.10 23:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 23:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2009.06.10 23:27:38 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010.01.03 20:24:12 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_ATSwpWDF_01007.Wdf
[2011.01.29 14:52:22 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.03.14 12:13:40 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2010.10.21 16:28:42 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_EhStorPwdDrv_01_09_00.Wdf
[2011.01.29 14:52:41 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2009.11.10 16:56:11 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.07.10 12:43:55 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2009.07.28 07:26:00 | 000,004,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvBridge.kmd
[2009.07.09 14:20:28 | 000,123,780 | ---- | M] () -- C:\Windows\system32\drivers\RtConvEQ.DAT
[2005.06.27 05:29:50 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX0.dat
[2005.06.27 05:29:28 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX1.dat
[2008.08.21 13:43:36 | 000,000,520 | ---- | M] () -- C:\Windows\system32\drivers\RTEQEX2.dat
[2009.07.09 14:20:28 | 000,000,728 | ---- | M] () -- C:\Windows\system32\drivers\RtHdatEx.dat
[2009.06.18 16:47:04 | 000,001,496 | ---- | M] () -- C:\Windows\system32\drivers\RtkAcerM.dat
[2007.07.13 14:11:56 | 000,000,008 | ---- | M] () -- C:\Windows\system32\drivers\rtkhdaud.dat

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.11.15 19:23:54 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011.10.21 11:37:25 | 000,013,456 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.21 11:37:25 | 000,013,456 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.21 11:35:37 | 000,141,032 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.10.21 11:35:37 | 000,121,658 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.10.21 11:35:37 | 000,669,432 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.10.21 11:35:37 | 000,654,786 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.10.21 11:35:37 | 001,583,990 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[70 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2009.11.10 21:59:21 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Adobe
[2011.10.13 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\AIMP
[2009.11.10 21:19:46 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Ashampoo
[2011.09.21 21:13:21 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Autodesk
[2011.06.16 12:52:06 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\BatteryBar
[2011.10.18 19:23:38 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\DAEMON Tools Lite
[2011.10.13 22:24:02 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\dvdcss
[2010.01.30 18:55:31 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Facebook
[2011.06.08 16:56:42 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\GHISLER
[2011.10.20 14:48:36 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Graphisoft
[2011.07.24 22:08:22 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\ICQ
[2009.11.10 16:53:04 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Identities
[2009.11.10 23:26:24 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\InstallShield
[2011.08.16 11:48:51 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\IrfanView
[2010.01.21 20:05:08 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Leadertech
[2009.11.10 18:05:08 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Macromedia
[2009.07.14 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Media Center Programs
[2010.02.15 17:23:32 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Microgaming
[2011.10.14 15:53:28 | 000,000,000 | --SD | M] -- C:\Users\honzík\AppData\Roaming\Microsoft
[2010.06.17 11:13:00 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\MiKTeX
[2011.02.23 00:04:04 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Mozilla
[2011.01.29 14:53:20 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Nokia
[2011.03.25 17:11:34 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\OnLive App
[2011.01.29 14:52:31 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\PC Suite
[2011.08.19 13:26:12 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\PhotoFiltre
[2009.11.10 19:53:15 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\QIP
[2011.03.08 22:55:15 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\RealWorld
[2011.10.18 19:18:07 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Skype
[2011.10.18 18:12:26 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\skypePM
[2011.04.01 11:05:10 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Trillian
[2011.10.20 20:03:54 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\vlc
[2009.11.10 17:25:40 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\WinRAR
[2010.08.15 22:30:55 | 000,000,000 | ---D | M] -- C:\Users\honzík\AppData\Roaming\Xfire

< %APPDATA%\*.* >

< %APPDATA%\*.exe /s >
[2010.01.30 18:55:31 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\honzík\AppData\Roaming\Facebook\uninstall.exe
[2011.03.08 22:55:04 | 000,029,926 | R--- | M] () -- C:\Users\honzík\AppData\Roaming\Microsoft\Installer\{6153B658-1CC9-404F-8F9E-2F93CD20EB66}\_37E68263F08599419C91CC.exe
[2011.03.08 22:55:04 | 000,111,091 | R--- | M] () -- C:\Users\honzík\AppData\Roaming\Microsoft\Installer\{6153B658-1CC9-404F-8F9E-2F93CD20EB66}\_60D0EF8CF64354ABF2161C.exe
[2011.03.08 22:55:04 | 000,010,134 | R--- | M] () -- C:\Users\honzík\AppData\Roaming\Microsoft\Installer\{6153B658-1CC9-404F-8F9E-2F93CD20EB66}\_6FEFF9B68218417F98F549.exe
[2011.03.08 22:55:04 | 000,111,091 | R--- | M] () -- C:\Users\honzík\AppData\Roaming\Microsoft\Installer\{6153B658-1CC9-404F-8F9E-2F93CD20EB66}\_AC07786753C2FA5F800EC8.exe

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >
[2011.06.14 18:07:03 | 006,220,927 | ---- | M] () -- \Users\honzík\Downloads\Dirt 2 crack.rar

< *keygen* /s >

< *nocd* /s >

< *AutoKMS* /s >

< *minodlogin* /s >

< *tnod* /s >
[2010.09.01 14:00:00 | 000,013,106 | ---- | M] () -- \Program Files\Graphisoft\ArchiCAD 14\Napoveda\Files\images\FilletNode1.png
[2010.09.01 14:00:00 | 000,000,527 | ---- | M] () -- \Program Files\Graphisoft\ArchiCAD 14\Napoveda\Files\images\InsertNodeIcon.png
[2010.09.01 14:00:00 | 000,009,031 | ---- | M] () -- \Program Files\Graphisoft\ArchiCAD 14\Napoveda\Files\images\VRObjectNodeRepos.png

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-21 09:35:32

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.21 11:52:32 | 000,000,512 | ---- | M] () MD5=2FCFB2CD3F8F83B1FE88539CF14589B0 -- C:\PhysicalMBR.bin

< End of report >

#9 Příspěvek od **Mc_Murphy** » 21 říj 2011 11:36

Znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

:OTL
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 67 81 8A D3 15 62 CA 01 [binary data]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
CHR - default_search_provider: Bing ()
CHR - default_search_provider: search_url = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O3 - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\..\Toolbar\ShellBrowser: (no name) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No CLSID value found.
O3 - HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\..\Toolbar\WebBrowser: (Lišta Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll File not found
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[70 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Users\honzík\Downloads\Dirt 2 crack.rar /d

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

Phantome · #10 Příspěvek od **Phantome** » 21 říj 2011 20:59

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-2118059315-1497923381-3254338474-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry value HKEY_USERS\S-1-5-21-2118059315-1497923381-3254338474-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}\ not found.
Registry value HKEY_USERS\S-1-5-21-2118059315-1497923381-3254338474-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\centrumcztoolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61A97628-7C82-4315-957A-C74C2CDD85DF}\ deleted successfully.
File {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1498.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDD92.tmp\PresentationFramework.Classic.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDD92.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDFF2.tmp folder deleted successfully.
C:\Windows\Installer\MSI2AA1.tmp deleted successfully.
C:\Windows\Installer\MSI2BCA.tmp deleted successfully.
C:\Windows\Installer\MSI2C96.tmp deleted successfully.
C:\Windows\Installer\MSI2E3C.tmp deleted successfully.
C:\Windows\Installer\MSI77FC.tmp deleted successfully.
C:\Windows\Installer\MSIA4DC.tmp deleted successfully.
C:\Windows\Installer\MSIDEF0.tmp deleted successfully.
C:\Windows\Installer\MSIE0B5.tmp deleted successfully.
C:\Windows\temp\sig1358.tmp deleted successfully.
C:\Windows\temp\sig1378.tmp deleted successfully.
C:\Windows\temp\sig14EF.tmp deleted successfully.
C:\Windows\temp\sig1A66.tmp deleted successfully.
C:\Windows\temp\sig1CAE.tmp deleted successfully.
C:\Windows\temp\sig1EF7.tmp deleted successfully.
C:\Windows\temp\sig223.tmp deleted successfully.
C:\Windows\temp\sig23E7.tmp deleted successfully.
C:\Windows\temp\sig2436.tmp deleted successfully.
C:\Windows\temp\sig2437.tmp deleted successfully.
C:\Windows\temp\sig2456.tmp deleted successfully.
C:\Windows\temp\sig2496.tmp deleted successfully.
C:\Windows\temp\sig2774.tmp deleted successfully.
C:\Windows\temp\sig27C3.tmp deleted successfully.
C:\Windows\temp\sig28A0.tmp deleted successfully.
C:\Windows\temp\sig28DD.tmp deleted successfully.
C:\Windows\temp\sig290F.tmp deleted successfully.
C:\Windows\temp\sig297D.tmp deleted successfully.
C:\Windows\temp\sig2FEA.tmp deleted successfully.
C:\Windows\temp\sig34A1.tmp deleted successfully.
C:\Windows\temp\sig390F.tmp deleted successfully.
C:\Windows\temp\sig39AC.tmp deleted successfully.
C:\Windows\temp\sig3C5C.tmp deleted successfully.
C:\Windows\temp\sig4258.tmp deleted successfully.
C:\Windows\temp\sig42C6.tmp deleted successfully.
C:\Windows\temp\sig4334.tmp deleted successfully.
C:\Windows\temp\sig47E1.tmp deleted successfully.
C:\Windows\temp\sig4821.tmp deleted successfully.
C:\Windows\temp\sig48FC.tmp deleted successfully.
C:\Windows\temp\sig5231.tmp deleted successfully.
C:\Windows\temp\sig60A3.tmp deleted successfully.
C:\Windows\temp\sig6101.tmp deleted successfully.
C:\Windows\temp\sig620C.tmp deleted successfully.
C:\Windows\temp\sig7DF.tmp deleted successfully.
C:\Windows\temp\sigA2F.tmp deleted successfully.
C:\Windows\temp\sigB940.tmp deleted successfully.
C:\Windows\temp\sigBD66.tmp deleted successfully.
C:\Windows\temp\sigBF1C.tmp deleted successfully.
C:\Windows\temp\sigC33E.tmp deleted successfully.
C:\Windows\temp\sigC4F6.tmp deleted successfully.
C:\Windows\temp\sigC65A.tmp deleted successfully.
C:\Windows\temp\sigC706.tmp deleted successfully.
C:\Windows\temp\sigC822.tmp deleted successfully.
C:\Windows\temp\sigC833.tmp deleted successfully.
C:\Windows\temp\sigCADD.tmp deleted successfully.
C:\Windows\temp\sigCB89.tmp deleted successfully.
C:\Windows\temp\sigCC93.tmp deleted successfully.
C:\Windows\temp\sigCD2F.tmp deleted successfully.
C:\Windows\temp\sigCF9D.tmp deleted successfully.
C:\Windows\temp\sigD1C2.tmp deleted successfully.
C:\Windows\temp\sigD23F.tmp deleted successfully.
C:\Windows\temp\sigD50E.tmp deleted successfully.
C:\Windows\temp\sigD51E.tmp deleted successfully.
C:\Windows\temp\sigD53C.tmp deleted successfully.
C:\Windows\temp\sigD54D.tmp deleted successfully.
C:\Windows\temp\sigD73C.tmp deleted successfully.
C:\Windows\temp\sigDA9B.tmp deleted successfully.
C:\Windows\temp\sigDA9C.tmp deleted successfully.
C:\Windows\temp\sigDC70.tmp deleted successfully.
C:\Windows\temp\sigDC71.tmp deleted successfully.
C:\Windows\temp\sigDC90.tmp deleted successfully.
C:\Windows\temp\sigDC91.tmp deleted successfully.
C:\Windows\temp\sigDCEF.tmp deleted successfully.
C:\Windows\temp\sigDCF0.tmp deleted successfully.
C:\Windows\temp\sigE069.tmp deleted successfully.
C:\Windows\temp\sigE0B7.tmp deleted successfully.
C:\Windows\temp\sigE615.tmp deleted successfully.
C:\Windows\temp\sigE644.tmp deleted successfully.
C:\Windows\temp\sigE645.tmp deleted successfully.
C:\Windows\temp\sigE683.tmp deleted successfully.
C:\Windows\temp\sigE6A3.tmp deleted successfully.
C:\Windows\temp\sigE6E2.tmp deleted successfully.
C:\Windows\temp\sigE870.tmp deleted successfully.
C:\Windows\temp\sigEAD2.tmp deleted successfully.
C:\Windows\temp\sigEAF2.tmp deleted successfully.
C:\Windows\temp\sigEB51.tmp deleted successfully.
C:\Windows\temp\sigEBB7.tmp deleted successfully.
C:\Windows\temp\sigEE2.tmp deleted successfully.
C:\Windows\temp\sigEE8C.tmp deleted successfully.
C:\Windows\temp\sigF02.tmp deleted successfully.
C:\Windows\temp\sigF17F.tmp deleted successfully.
C:\Windows\temp\sigF467.tmp deleted successfully.
C:\Windows\temp\sigF4D5.tmp deleted successfully.
C:\Windows\temp\sigF534.tmp deleted successfully.
C:\Windows\temp\sigF90.tmp deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Users\honzík\Downloads\Dirt 2 crack.rar deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: honzík
->Temp folder emptied: 2846063 bytes
->Temporary Internet Files folder emptied: 778997 bytes
->Java cache emptied: 5886042 bytes
->FireFox cache emptied: 159608313 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 4151 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1381346 bytes
RecycleBin emptied: 1870001 bytes

Total Files Cleaned = 164,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: honzík
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 10212011_215509

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#11 Příspěvek od **Mc_Murphy** » 22 říj 2011 05:13

OK, OTL provedlo, co mělo, můžeme dočistit a máme hotovo.

OTC http://oldtimer.geekstogo.com/OTC.exe

Stáhni a spusť.
Klikni na CleanUp a potvrď YES.
Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

Stáhni a spusť.
Klikni na Start a potvrď OK.
Program uklidí a může (nemusí) restartovat PC.
Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

Panel čistič
Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

Panel registry
Klikni na Hledej problémy.
Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

Panel nástroje
Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

A pokud nejsou žádné dotazy, bylo by to z mé strany vše.

Phantome · #12 Příspěvek od **Phantome** » 22 říj 2011 14:11

Děkuju moc;-)

#13 Příspěvek od **Mc_Murphy** » 22 říj 2011 15:28

Není vůbec zač a rádo se stalo.

Přeji pěkný den.

VIRY.CZ

Prosím o preventivní kontrolu...děkuji

Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji

Re: Prosím o preventivní kontrolu...děkuji