prosím o kontrolu logu

Zpráva

Lukas.M · #1 Příspěvek od **Lukas.M** » 02 čer 2012 12:50

Dobrý den. Prosím o kontrolu logu. Velice pomalý PC... Předem děkuji za odpověď.

Logfile of random's system information tool 1.09 (written by random/random)
Run by adriana at 2012-06-02 03:49:59
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 115 GB (75%) free of 153 GB
Total RAM: 1022 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:50:04, on 2.6.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\HPZipm12.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\windows\system32\wscntfy.exe
C:\windows\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\adriana\Plocha\RSIT.exe
C:\Program Files\trend micro\adriana.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = seznam.cz
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre2.dll
R3 - URLSearchHook: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\prxtbTor2.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: (no name) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - (no file)
O2 - BHO: Bitlord - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\prxtbTor2.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: TheBflix - {9975C56F-480B-4861-8BEB-7E3CBF52F7B5} - C:\Documents and Settings\All Users\Data aplikací\TheBflix\bhoclass.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Skinner - {d6451db9-67e1-4ca3-bfba-4d77fface17f} - C:\Program Files\Skinovacek\adxloader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre2.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre2.dll
O3 - Toolbar: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\prxtbTor2.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [NeroCheck] C:\windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKCU\..\Run: [Badoo Desktop] C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\adriana\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ICQ] ~"C:\Program Files\ICQ7M\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... 2011102308
O8 - Extra context menu item: &Vyhledat - file://C:\Program Files\Dynamic Toolbar\VOLNY\najdito.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: VOLNÝ - {5A19F1FE-2A05-438c-BE6E-7D23266193E8} - http://web.volny.cz/ (file missing)
O9 - Extra 'Tools' menuitem: VOLNÝ - {5A19F1FE-2A05-438c-BE6E-7D23266193E8} - http://web.volny.cz/ (file missing)
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Downloads\QIP\qip.exe (file missing) (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{874B58EE-4F76-4E05-B801-9299C1E77991}: NameServer = 217.117.216.66
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = volny.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = volny.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = volny.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\windows\system32\drivers\pclepci.sys
O23 - Service: Pml Driver HPZ12 - HP - C:\windows\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SkinnerUpdater (SkinnerUpdateService) - Unknown owner - C:\Program Files\Skinovacek\SkinnerService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 16242 bytes

======Scheduled tasks folder======

C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041956366-1255808042-2611896803-1006Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041956366-1255808042-2611896803-1006UA.job
C:\windows\tasks\Norton Security Scan for adriana.job
C:\windows\tasks\RMSchedule.job
C:\windows\tasks\SmartDefrag_Startup.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default

prefs.js - "browser.startup.homepage" - "http://badoo.com/startpage/"
prefs.js - "keyword.URL" - "http://badoo.com/startpage/?source=bsb&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{2224E955-00E9-4613-A844-CE69FCCAAE91}"=C:\Program Files\Internet Saving Optimizer\3.7.2.4650\FF
"{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}"=C:\Program Files\Media Access Startup\2.0.0.1050\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"m3ffxtbr@mywebsearch.com"=C:\Program Files\MyWebSearch\bar\1.bin
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@funwebproducts.com/Plugin]
"Description"=Fun Web Products Plugin
"Path"=C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin]
"Description"=My Web Search Plugin
"Path"=C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@thrixxx.com/WebLaunch]
"Description"=thriXXX WebLaunch 1.0
"Path"=C:\Program Files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\
badoo.xml
icqplugin.gif
icqplugin.src
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14 270960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
Bitlord Toolbar - C:\Program Files\TorrentMan\prxtbTor2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9975C56F-480B-4861-8BEB-7E3CBF52F7B5}]
TheBflix Class - C:\Documents and Settings\All Users\Data aplikací\TheBflix\bhoclass.dll [2012-02-23 141824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d6451db9-67e1-4ca3-bfba-4d77fface17f}]
Skinner - C:\Program Files\Skinovacek\adxloader.dll [2011-05-07 466944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\prxtbfre2.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\prxtbfre2.dll [2011-05-09 176936]
{7c5c0f58-e061-457d-9033-77307f5ed00c} - Bitlord Toolbar - C:\Program Files\TorrentMan\prxtbTor2.dll [2011-01-17 175912]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{D5D47440-0750-463D-BAEF-A47D02414806} - Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL []
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2006-09-12 16264192]
"SkyTel"=C:\windows\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\windows\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
"nwiz"=nwiz.exe /install []
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-06-07 111928]
"NeroCheck"=C:\windows\system32\NeroCheck.exe [2001-07-09 155648]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe /m=2 /w /h []
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2516296]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"KernelFaultCheck"=C:\windows\system32\dumprep 0 -k []
"Guard.Mail.ru.gui"=C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-05-20 1564368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-13 15360]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe []
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2011-12-29 620376]
"LaunchList"=C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]
"Badoo Desktop"=C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe [2011-10-05 1051760]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
"Google Update"=C:\Documents and Settings\adriana\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-05-16 116648]
"ICQ"=~C:\Program Files\ICQ7M\ICQ.exe silent loginmode=4 []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispCPL"=0
"NoSecCPL"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFavoritesMenu"=0
"NoFind"=0
"NoRun"=0
"NoLogOff"=0
"NoClose"=0
"NoSetFolders"=0
"NoFolderOptions"=0
"NoSetActiveDesktop"=0
"NoWindowsUpdate"=0
"NoAddPrinter"=0
"NoDeletePrinter"=0
"NoPrinterTabs"=0
"NoActiveDesktop"=0
"NoDesktop"=0
"RestrictRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Documents and Settings\adriana\Local Settings\Temporary Internet Files\Content.IE5\XYDIACAG\SweetImSetup[1].exe"="C:\Documents and Settings\adriana\Local Settings\Temporary Internet Files\Content.IE5\XYDIACAG\SweetImSetup[1].exe:*:Enabled:SweetIM Installer"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\EA GAMES\MOHAA\MOHAA.exe"="C:\Program Files\EA GAMES\MOHAA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Pinnacle\Studio 11\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 11\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=iyvu9_32.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\windows\system32\Iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\mpegacm.acm
"vidc.ffds"=ffdshow.ax
"msacm.ac3filter"=ac3filter.acm
"VIDC.WMV3"=wmv9vcm.dll
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll
"msacm.vorbis"=vorbis.acm
"VIDC.MJPG"=Pvmjpg30.dll
"VIDC.I420"=vdrcodec.dll

======List of files/folders created in the last 1 month======

2015-03-01 12:26:55 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
2015-03-01 12:26:54 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
2015-03-01 12:26:54 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
2015-03-01 12:26:53 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
2015-03-01 12:26:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2015-03-01 12:24:42 ----A---- C:\windows\system32\CNHMCA.dll
2015-03-01 12:24:42 ----A---- C:\windows\system32\CNC495U.dll
2015-03-01 12:24:42 ----A---- C:\windows\system32\CNC495L.dll
2015-03-01 12:24:42 ----A---- C:\windows\system32\CNC495I.dll
2015-03-01 12:24:42 ----A---- C:\windows\system32\CNC495C.dll
2015-03-01 12:24:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
2015-03-01 12:23:58 ----D---- C:\Program Files\Common Files\CANON
2015-03-01 12:23:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
2015-03-01 12:18:04 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2015-03-01 12:17:46 ----A---- C:\windows\system32\CNMLMA9.DLL
2015-03-01 12:17:37 ----HD---- C:\windows\system32\CanonIJ Uninstaller Information
2015-03-01 12:17:23 ----A---- C:\windows\system32\CNC495O.dll
2015-03-01 12:17:07 ----A---- C:\windows\system32\CNMIUA9.DLL
2015-03-01 12:16:42 ----HD---- C:\Program Files\CanonBJ
2015-03-01 12:15:45 ----D---- C:\windows\system32\STRING
2015-03-01 12:15:45 ----A---- C:\windows\system32\CNMNPUI.DLL
2015-03-01 12:15:44 ----A---- C:\windows\system32\CNMNPPM.DLL
2015-03-01 12:14:35 ----D---- C:\Program Files\Canon
2015-02-28 09:26:13 ----D---- C:\Documents and Settings\adriana\Data aplikací\BabylonToolbar
2015-02-28 08:55:09 ----A---- C:\user.js
2015-02-28 08:55:07 ----D---- C:\Program Files\BabylonToolbar
2015-02-28 08:54:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Babylon
2015-02-28 08:54:39 ----D---- C:\Documents and Settings\adriana\Data aplikací\Babylon
2015-02-28 08:54:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Premium
2015-02-28 08:54:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\TheBflix
2015-02-28 08:53:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallMate
2015-02-25 11:44:47 ----RA---- C:\windows\NPSExec.exe
2015-02-25 11:44:47 ----D---- C:\Program Files\Electronic Arts
2015-02-23 02:58:53 ----D---- C:\Documents and Settings\adriana\Data aplikací\BSplayer Pro
2015-02-23 02:58:53 ----D---- C:\Documents and Settings\adriana\Data aplikací\BSplayer
2015-02-23 02:58:52 ----D---- C:\Program Files\Webteh
2015-02-21 04:01:38 ----D---- C:\Documents and Settings\adriana\Data aplikací\MAGIX
2015-02-21 03:57:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\MAGIX
2015-02-21 03:57:04 ----D---- C:\Program Files\Common Files\MAGIX Services
2015-02-18 14:01:18 ----D---- C:\Documents and Settings\adriana\Data aplikací\Boolat Games
2015-02-18 14:00:29 ----D---- C:\Program Files\DoubleGames.tv
2015-02-18 14:00:04 ----D---- C:\Program Files\Alawarhry.cz
2012-06-02 03:43:36 ----D---- C:\Program Files\trend micro
2012-06-02 03:43:35 ----D---- C:\rsit
2012-05-28 03:57:53 ----D---- C:\Program Files\Sateira
2012-05-28 03:45:23 ----D---- C:\Program Files\Easy Audio CD Burner
2012-05-28 03:45:23 ----A---- C:\windows\system32\cdr.dll
2012-05-24 08:19:50 ----SHD---- C:\found.000
2012-05-20 06:47:12 ----D---- C:\Documents and Settings\adriana\Data aplikací\ICQ Search
2012-05-20 06:46:52 ----D---- C:\Program Files\Guard-ICQ
2012-05-20 06:46:18 ----D---- C:\Documents and Settings\adriana\Data aplikací\ICQ
2012-05-20 06:45:59 ----D---- C:\Program Files\ICQ7M
2012-05-17 12:24:06 ----D---- C:\Program Files\MadZ Clone DVD Pro
2012-05-15 14:21:03 ----D---- C:\Documents and Settings\adriana\Data aplikací\Canneverbe Limited
2012-05-15 13:54:06 ----A---- C:\windows\system32\drivers\StarOpen.sys
2012-05-15 13:53:57 ----D---- C:\Program Files\CDBurnerXP
2012-05-13 23:52:50 ----D---- C:\Program Files\Common Files\Skype
2012-05-13 23:50:34 ----RD---- C:\Program Files\Skype
2012-05-09 22:11:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2012-05-09 22:11:01 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of files/folders modified in the last 1 month======

2015-03-02 11:31:57 ----D---- C:\Program Files\Cryptic Studios
2015-03-02 11:31:25 ----D---- C:\Program Files\FDRLab
2015-03-02 11:31:06 ----D---- C:\Program Files\AoaoPhotoEditorPlatinum
2015-03-01 12:25:44 ----D---- C:\windows\system32\FxsTmp
2015-03-01 12:24:42 ----D---- C:\windows\twain_32
2015-03-01 12:24:42 ----D---- C:\windows\Media
2015-02-28 09:26:48 ----D---- C:\Program Files\free-downloads.net
2015-02-25 11:43:13 ----D---- C:\Program Files\Maxis
2015-02-21 04:00:03 ----RSD---- C:\windows\Fonts
2015-02-18 14:16:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\rionix
2015-02-18 13:59:48 ----D---- C:\Program Files\Hry.cz
2012-06-02 03:49:52 ----D---- C:\Documents and Settings\adriana\Data aplikací\Skype
2012-06-02 03:44:22 ----D---- C:\windows\Prefetch
2012-06-02 03:43:36 ----RD---- C:\Program Files
2012-06-02 01:26:00 ----A---- C:\windows\SchedLgU.Txt
2012-06-02 00:42:43 ----D---- C:\windows\Temp
2012-06-01 00:04:32 ----D---- C:\windows\system32\CatRoot2
2012-05-31 06:39:23 ----HD---- C:\windows\inf
2012-05-29 06:06:14 ----SHD---- C:\windows\Installer
2012-05-29 05:55:59 ----HD---- C:\Config.Msi
2012-05-28 03:55:02 ----D---- C:\Program Files\Vypalovač
2012-05-28 03:45:24 ----AD---- C:\windows\system32
2012-05-28 03:23:48 ----D---- C:\Temp
2012-05-20 06:46:57 ----HD---- C:\Program Files\InstallShield Installation Information
2012-05-20 06:46:56 ----D---- C:\Program Files\ICQ6Toolbar
2012-05-20 06:46:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2012-05-16 22:39:39 ----D---- C:\WINDOWS
2012-05-16 12:34:08 ----SD---- C:\windows\Tasks
2012-05-15 14:20:50 ----D---- C:\windows\system32\drivers
2012-05-14 01:04:03 ----A---- C:\windows\vypalovac.ini
2012-05-13 23:52:50 ----D---- C:\Program Files\Common Files
2012-05-13 23:52:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-05-09 22:11:09 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\windows\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\windows\System32\drivers\sfsync04.sys [2006-03-24 50176]
R0 SmartDefragDriver;SmartDefragDriver; C:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-08-29 697328]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 AmdK8;AMD-Prozessortreiber; C:\windows\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 ASPI32;ASPI32; C:\windows\system32\drivers\ASPI32.sys [2007-12-25 17101]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;aswMon2; C:\windows\system32\drivers\aswMon2.sys [2011-02-23 102232]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2009-11-16 50704]
R2 StarOpen;StarOpen; C:\windows\system32\drivers\StarOpen.sys [2009-11-12 5504]
R3 Afc;PPdus ASPI Shell; C:\windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 Arp1394;Protokol 1394 ARP Client; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BridgeMP;Miniport mostu MAC; C:\windows\system32\DRIVERS\bridge.sys [2008-04-13 71552]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2006-09-12 4381184]
R3 MarvinBus;Pinnacle Marvin Bus; C:\windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NIC1394;1394 Net Driver; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtnicxp.sys [2006-07-11 84096]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\windows\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S2 X4HSEx_Pr298;X4HSEx_Pr298; \??\C:\Program Files\Frag Games\X4HSEx.Sys []
S3 Bridge;Most MAC; C:\windows\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\windows\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 smserial;smserial; C:\windows\system32\DRIVERS\smserial.sys []
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 UNDPR3K;UNDPR3K; \??\C:\WINDOWS\system32\drivers\UNDPR3K.SYS []
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\windows\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\windows\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\windows\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; C:\windows\system32\svchost.exe [2008-04-13 14336]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-05-20 1564368]
R2 ICQ Service;ICQ Service; C:\PROGRA~1\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2006-07-20 143426]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\system32\HPZipm12.exe [2005-03-14 69632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-13 14336]
S2 Fax;Fax; C:\windows\system32\fxssvc.exe [2008-04-13 268288]
S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe []
S2 PCLEPCI;PCLEPCI; C:\windows\system32\drivers\pclepci.sys [2005-02-09 14165]
S2 SkinnerUpdateService;SkinnerUpdater; C:\Program Files\Skinovacek\SkinnerService.exe [2011-05-07 7168]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-07-07 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-09 129976]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 02 čer 2012 14:08

Zdravim

No ani se nedivim, ze je to pomale

Mate tam (nebo uzivatel/ka adriana) fakt slusnou sbirku smeti.
Kontrola bude nejakou dobu trvat.

Zatim odinstalujte Advanced SystemCare a pripadne vse od IObit. Dokaze to nadelat vice skody, nez uzitku.

#3 Příspěvek od **Márty84** » 02 čer 2012 15:02

Nejdrive tedy odinstalujte Advanced SystemCare a pripadne vse od IObit

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Najdete tento soubor C:\Program Files\trend micro\adriana.exe a spustte ho.
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre2.dll
R3 - URLSearchHook: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\prxtbTor2.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (file missing)
O4 - HKUS\S-1-5-19\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... 2011102308
O9 - Extra button: VOLNÝ - {5A19F1FE-2A05-438c-BE6E-7D23266193E8} - http://web.volny.cz/ (file missing)
O9 - Extra 'Tools' menuitem: VOLNÝ - {5A19F1FE-2A05-438c-BE6E-7D23266193E8} - http://web.volny.cz/ (file missing)
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Downloads\QIP\qip.exe (file missing) (HKCU)

Kliknete na nápis Fix checked a potvrdte

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe , ulozte nejlepe na plochu a spustte.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem files)

Kód: Vybrat vše

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\badoo.xml
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.gif
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.src
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.xml
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041956366-1255808042-2611896803-1006Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041956366-1255808042-2611896803-1006UA.job
C:\windows\tasks\Norton Security Scan for adriana.job
C:\windows\tasks\RMSchedule.job
C:\windows\tasks\SmartDefrag_Startup.job
C:\Documents and Settings\adriana\Data aplikací\BabylonToolbar
C:\Program Files\BabylonToolbar
C:\Documents and Settings\All Users\Data aplikací\Babylon
C:\Documents and Settings\adriana\Data aplikací\Babylon
C:\Program Files\ConduitEngine
C:\Program Files\MyWebSearch
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění/McAfee Security Scan Plus.lnk

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9975C56F-480B-4861-8BEB-7E3CBF52F7B5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d6451db9-67e1-4ca3-bfba-4d77fface17f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"=-
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"=-
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"=-
"{D5D47440-0750-463D-BAEF-A47D02414806}"=-
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
"{07B18EA9-A523-4961-B6BB-170DE4475CCA}"=-
"{98889811-442D-49dd-99D7-DC866BE87DBC}"=-
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=-
"ISUSPM Startup"=-
"ISUSScheduler"=-
"SweetIM"=-
"NeroCheck"=-
"My Web Search Bar Search Scope Monitor"=-
"MyWebSearch Email Plugin"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"CanonMyPrinter"=-
"CanonSolutionMenuEx"=-
"KernelFaultCheck"=-
"Guard.Mail.ru.gui"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MyWebSearch Email Plugin"=-
"Advanced SystemCare 5"=-
"Badoo Desktop"=-
"Skype"=-
"Google Update"=-
"ICQ"=-

:services
ICQ Service
JavaQuickStarterService
NAUpdate
MyWebSearchService
SkypeUpdate
McComponentHostService

:commands
[RESETHOSTS]
[Purity]
[EMPTYTEMP]
[EMPTYFLASH]

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

Lukas.M · #4 Příspěvek od **Lukas.M** » 06 čer 2012 16:08

Dobré odpoledne. Udělal jsem vše, tak jak jste napsal. Tady je log z OTM:

All processes killed
Error: Unable to interpret <C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění/McAfee Security Scan Plus.lnk> in the current context!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9975C56F-480B-4861-8BEB-7E3CBF52F7B5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9975C56F-480B-4861-8BEB-7E3CBF52F7B5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d6451db9-67e1-4ca3-bfba-4d77fface17f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d6451db9-67e1-4ca3-bfba-4d77fface17f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ecdee021-0d17-467f-a1ff-c7a115230949} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7c5c0f58-e061-457d-9033-77307f5ed00c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SkyTel deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CanonMyPrinter deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CanonSolutionMenuEx deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Guard.Mail.ru.gui not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 5 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Badoo Desktop deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named ICQ Service was found to stop!
Service\Driver key ICQ Service not found.
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service NAUpdate stopped successfully!
Service NAUpdate deleted successfully!
Service MyWebSearchService stopped successfully!
Service MyWebSearchService deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Error: No service named McComponentHostService was found to stop!
Service\Driver key McComponentHostService not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: adriana
->Temp folder emptied: 614826750 bytes
->Temporary Internet Files folder emptied: 384185595 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 56024865 bytes
->Google Chrome cache emptied: 37319881 bytes
->Flash cache emptied: 3171265 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 4308719 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2172324 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25660963 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 155161179 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34306 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 224,00 mb

[EMPTYFLASH]

User: adriana
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTM by OldTimer - Version 3.1.19.0 log created on 06062012_070142

Files moved on Reboot...
File C:\windows\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...

#5 Příspěvek od **Márty84** » 06 čer 2012 18:16

Log ale tvrdi, ze tam nebyla cast scriptu

Zkuste spustit OTM podle stejneho navodu jeste jednou, ale tentokrat tam zkopirujte tento skript (vcetne te dvojtecky pred slovem files!!!)

Kód: Vybrat vše

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\badoo.xml
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.gif
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.src
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.xml
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041956366-1255808042-2611896803-1006Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041956366-1255808042-2611896803-1006UA.job
C:\windows\tasks\Norton Security Scan for adriana.job
C:\windows\tasks\RMSchedule.job
C:\windows\tasks\SmartDefrag_Startup.job
C:\Documents and Settings\adriana\Data aplikací\BabylonToolbar
C:\Program Files\BabylonToolbar
C:\Documents and Settings\All Users\Data aplikací\Babylon
C:\Documents and Settings\adriana\Data aplikací\Babylon
C:\Program Files\ConduitEngine
C:\Program Files\MyWebSearch
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění/McAfee Security Scan Plus.lnk

:commands
[Purity]
[EMPTYTEMP]
[EMPTYFLASH]

A rad bych zase videl jeho log.

Pak sem dejte novy log z RSIT

Lukas.M · #6 Příspěvek od **Lukas.M** » 06 čer 2012 18:27

Určitě jsem předtím zkopíroval všechno, divné... Ale když dám Movelt, tak mi to hází nějakou chybu :-/ Mám sem napsat přesné znění té chyby?

Lukas.M · #7 Příspěvek od **Lukas.M** » 06 čer 2012 18:34

Když kliknu na Movelt hlásí to: Invalid Time Flag (McAfee Security Scan Plus.Ink) Must Be Numerical Dál se nic neděje, zmizí ikony na ploše i dolní lišta a počítač se zakousne...

#8 Příspěvek od **Márty84** » 06 čer 2012 18:37

Tak zkuste jeste tento skript

Kód: Vybrat vše

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\badoo.xml
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.gif
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.src
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.xml
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041956366-1255808042-2611896803-1006Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041956366-1255808042-2611896803-1006UA.job
C:\windows\tasks\Norton Security Scan for adriana.job
C:\windows\tasks\RMSchedule.job
C:\windows\tasks\SmartDefrag_Startup.job
C:\Documents and Settings\adriana\Data aplikací\BabylonToolbar
C:\Program Files\BabylonToolbar
C:\Documents and Settings\All Users\Data aplikací\Babylon
C:\Documents and Settings\adriana\Data aplikací\Babylon
C:\Program Files\ConduitEngine
C:\Program Files\MyWebSearch

:commands
[Purity]
[EMPTYTEMP]
[EMPTYFLASH]

Kdyz to nepujde, zkuste to jeste s timto skriptem v nouzovem rezimu

Lukas.M · #9 Příspěvek od **Lukas.M** » 06 čer 2012 18:42

Teď to chybu nenapsalo a tady je log:

All processes killed
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
File/Folder C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\badoo.xml not found.
File/Folder C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.gif not found.
File/Folder C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.src not found.
File/Folder C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\searchplugins\icqplugin.xml not found.
File/Folder C:\windows\tasks\AppleSoftwareUpdate.job not found.
File/Folder C:\windows\tasks\GoogleUpdateTaskMachineCore.job not found.
File/Folder C:\windows\tasks\GoogleUpdateTaskMachineUA.job not found.
File/Folder C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041956366-1255808042-2611896803-1006Core.job not found.
File/Folder C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041956366-1255808042-2611896803-1006UA.job not found.
File/Folder C:\windows\tasks\Norton Security Scan for adriana.job not found.
File/Folder C:\windows\tasks\RMSchedule.job not found.
File/Folder C:\windows\tasks\SmartDefrag_Startup.job not found.
File/Folder C:\Documents and Settings\adriana\Data aplikací\BabylonToolbar not found.
File/Folder C:\Program Files\BabylonToolbar not found.
File/Folder C:\Documents and Settings\All Users\Data aplikací\Babylon not found.
File/Folder C:\Documents and Settings\adriana\Data aplikací\Babylon not found.
File/Folder C:\Program Files\ConduitEngine not found.
File/Folder C:\Program Files\MyWebSearch not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: adriana
->Temp folder emptied: 587133 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 25803774 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 25,00 mb

[EMPTYFLASH]

User: adriana
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTM by OldTimer - Version 3.1.19.0 log created on 06062012_093948

Files moved on Reboot...
File C:\windows\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...

#10 Příspěvek od **Márty84** » 06 čer 2012 18:54

OK, toto je v poradku. OTMko pise, ze nic z toho uz v pc neni, takze to asi smazlo uz predtim, akorat to nebylo v logu.
Jak je na tom pc, nastala nejaka zmena?

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Zitra to prohlednu

Lukas.M · #11 Příspěvek od **Lukas.M** » 06 čer 2012 19:59

Počítač se zdá být lepší. Tady je první log:

OTL Extras logfile created on: 6.6.2012 9:58:44 - Run 1
OTL by OldTimer - Version 3.2.46.1 Folder = C:\Documents and Settings\adriana\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1022,48 Mb Total Physical Memory | 495,09 Mb Available Physical Memory | 48,42% Memory free
2,85 Gb Paging File | 2,49 Gb Available in Paging File | 87,29% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 115,37 Gb Free Space | 77,41% Space Free | Partition Type: NTFS

Computer Name: LG | User Name: adriana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"59156:TCP" = 59156:TCP:*:Enabled:Pando Media Booster
"59156:UDP" = 59156:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"26463:TCP" = 26463:TCP:*:Enabled:BitComet 26463 TCP
"26463:UDP" = 26463:UDP:*:Enabled:BitComet 26463 UDP
"59156:TCP" = 59156:TCP:*:Enabled:Pando Media Booster
"59156:UDP" = 59156:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh -- (iMesh, Inc)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Documents and Settings\adriana\Local Settings\Temporary Internet Files\Content.IE5\XYDIACAG\SweetImSetup[1].exe" = C:\Documents and Settings\adriana\Local Settings\Temporary Internet Files\Content.IE5\XYDIACAG\SweetImSetup[1].exe:*:Enabled:SweetIM Installer
"C:\Program Files\EA GAMES\MOHAA\MOHAA.exe" = C:\Program Files\EA GAMES\MOHAA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault
"C:\Program Files\Pinnacle\Studio 11\programs\RM.exe" = C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe" = C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- ( )
"C:\Program Files\Pinnacle\Studio 11\programs\umi.exe" = C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{040FF9BD-17BE-427B-85DD-67694FB8F786}" = Badoo Desktop
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08ED8855-4C2E-429B-A878-F129E1F624FA}" = SweetIM for Messenger 3.2
"{10B43A43-FF73-47FD-83E8-A503E84F9ED6}" = OpenOffice.org 3.3
"{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}" = Studio 11
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series" = Canon MP495 series MP Drivers
"{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1" = Media Access Startup
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1CD4D45E-4851-496D-840F-2C2E752ECFB7}" = SweetIM Toolbar for Internet Explorer 3.9
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{27555031-A116-4EC6-9991-7B400142A936}" = HP PSC & OfficeJet 6.1.A
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2F952048-3220-4AC7-A206-D01EFC774BB2}" = Studio 11
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37476589-E48E-439E-A706-56189E2ED4C4}" = TheBflix
"{3AD59E07-5D54-4142-8505-62889FEDFA59}" = InterVideo DVD
"{3F9CFBD8-8F77-4DCD-8CB5-CDD5F653C872}" = Ulead Video ToolBox Basic
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55FA89BD-21D3-42F7-9249-C94C0094A83C}" = Apple Software Update
"{58005385-C433-4B89-BFA5-484A7C315C55}_is1" = Vypalovač CD / DVD / Blu-ray / HD-DVD 1.25
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{850C4C12-57E2-43E4-B66B-B08B120C55F3}" = FireBurner
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A3F7D5D-8A53-4A7C-B6DA-22DD1212EB55}" = Internet Explorer
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A74C1699-4BCE-433F-82D6-F11207A0581B}" = Sony ACID Music Studio 7.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5096216-7703-409E-B85A-8A6EE7395128}}_is1" = System Search Dispatcher
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}" = Scan
"{C7D27207-0F86-4B6F-859C-21800A2C592E}" = Grand Prix 4
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA2D9BC0-75E9-4975-9A0A-DD82198DDC53}" = MSXML 6.0 Parser
"{EABF2170-CA2F-4C48-9921-3D5050F30EBA}" = Hooligans - Storm over Europe
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F96368D6-ECE9-4502-B5C4-A4200637F2A3}" = ArcSoft Software Suite
"{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}" = Yahoo! Desktop Login
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"BabylonToolbar" = Babylon toolbar on IE
"BSPlayerf" = BS.Player FREE
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"Centrum.cz Toolbar_is1" = Centrum.cz Toolbar 1.110.021.004
"Collectorz.com MP3 Collector" = Collectorz.com MP3 Collector
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 5.0.6.2
"Docking Station" = Docking Station
"Dragonboard" = Dragonboard
"Easy Audio CD Burner 3.71" = Easy Audio CD Burner 3.71
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"free-downloads.net Toolbar" = free-downloads.net Toolbar
"GDiVX" = Global DiVX Player
"Harmony Sound_is1" = Harmony Sound 1.0 trial
"ie8" = Windows Internet Explorer 8
"iMesh" = iMesh
"Indeo® software" = Indeo® software
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyWebSearch bar Uninstall" = My Web Search (Webfetti)
"Nero - Burning Rom!UninstallKey" = Ahead Nero OEM
"Network Play System (Patching)" = Network Play System (Patching)
"Neverball" = Neverball
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"Okoker MP3 Splitter_is1" = Okoker MP3 Splitter 5.0
"OpenAL" = OpenAL
"Pontifex" = Pontifex
"Royal Envoy™ Collector’s Edition_is1" = Royal Envoy™ Collector’s Edition
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"save2pc_is1" = save2pc 5.10
"Skinovacek" = Skinovacek
"Smart Defrag 2_is1" = Smart Defrag 2
"Sudden Strike II Demo" = Sudden Strike II Demo
"Super Spacys Space-Hockey" = Super Spacys Space-Hockey
"The KMPlayer" = The KMPlayer (remove only)
"The Memory 3D_is1" = The Memory 3D v1.37
"thriXXX WebLaunch" = thriXXX WebLaunch
"ThumbsPlus7" = ThumbsPlus version 7 SP2
"TorrentMan Toolbar" = TorrentMan Toolbar
"TrafficGiant-Gold Edition" = TrafficGiant-Gold Edition
"Virtual Stratton" = Virtual Stratton (remove only)
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.12
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XP Codec Pack" = XP Codec Pack
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoomPlayer" = Zoom Player (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17.4.2012 8:56:16 | Computer Name = LG | Source = MsiInstaller | ID = 1043
Description = Ukončení transakce Instalační služby systému Windows se nezdařilo.
Při ukončení transakce došlo k chybě 5.

Error - 14.5.2012 4:20:18 | Computer Name = LG | Source = MsiInstaller | ID = 11720
Description = Product: Skype Click to Call -- Error 1720. There is a problem with
this Windows Installer package. A script required for this install to complete
could not be run. Contact your support personnel or package vendor. Custom action
GetChromeRootPath.05B3CEE0_7172_4F7F_8DE8_E2DBADD223A0 script error -2146827859,
Microsoft VBScript - chyba při běhu programu: Součást ActiveX nemůže vytvořit objekt.:
'Scripting.FileSystemObject' Line 14, Column 7,

Error - 17.5.2012 4:02:05 | Computer Name = LG | Source = MsiInstaller | ID = 11720
Description = Product: Ask Toolbar -- Error 1720.There is a problem with this Windows
Installer package. A script required for this install to complete could not be
run. Contact your support personnel or package vendor. Custom action vb_IsPartnerEmpty
script error -2146827859, Microsoft VBScript - chyba při běhu programu: Součást
ActiveX nemůže vytvořit objekt.: 'Scripting.FileSystemObject' Line 3, Column 3,

Error - 17.5.2012 16:36:03 | Computer Name = LG | Source = MsiInstaller | ID = 11720
Description = Product: Ask Toolbar -- Error 1720.There is a problem with this Windows
Installer package. A script required for this install to complete could not be
run. Contact your support personnel or package vendor. Custom action vb_IsPartnerEmpty
script error -2146827859, Microsoft VBScript - chyba při běhu programu: Součást
ActiveX nemůže vytvořit objekt.: 'Scripting.FileSystemObject' Line 3, Column 3,

Error - 29.5.2012 9:54:53 | Computer Name = LG | Source = MsiInstaller | ID = 11720
Description = Product: Ask Toolbar -- Error 1720.There is a problem with this Windows
Installer package. A script required for this install to complete could not be
run. Contact your support personnel or package vendor. Custom action vb_IsPartnerEmpty
script error -2146827859, Microsoft VBScript - chyba při běhu programu: Součást
ActiveX nemůže vytvořit objekt.: 'Scripting.FileSystemObject' Line 3, Column 3,

Error - 29.5.2012 9:55:59 | Computer Name = LG | Source = MsiInstaller | ID = 1043
Description = Ukončení transakce Instalační služby systému Windows se nezdařilo.
Při ukončení transakce došlo k chybě 5.

Error - 29.5.2012 10:06:14 | Computer Name = LG | Source = MsiInstaller | ID = 11720
Description = Product: Ask Toolbar -- Error 1720.There is a problem with this Windows
Installer package. A script required for this install to complete could not be
run. Contact your support personnel or package vendor. Custom action vb_IsPartnerEmpty
script error -2146827859, Microsoft VBScript - chyba při běhu programu: Součást
ActiveX nemůže vytvořit objekt.: 'Scripting.FileSystemObject' Line 3, Column 3,

Error - 6.6.2012 10:45:30 | Computer Name = LG | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 6.6.2012 10:45:31 | Computer Name = LG | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 6.6.2012 10:45:31 | Computer Name = LG | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

[ System Events ]
Error - 6.6.2012 13:31:47 | Computer Name = LG | Source = Service Control Manager | ID = 7000
Description = Služba X4HSEx_Pr298 neuspěla při spuštění v důsledku následující chyby:
%%3

Error - 6.6.2012 13:39:49 | Computer Name = LG | Source = Service Control Manager | ID = 7034
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 6.6.2012 13:39:49 | Computer Name = LG | Source = Service Control Manager | ID = 7034
Description = Služba FABS - Helping agent for MAGIX media database byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 6.6.2012 13:39:49 | Computer Name = LG | Source = Service Control Manager | ID = 7034
Description = Služba Canon Inkjet Printer/Scanner/Fax Extended Survey Program byla
neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 6.6.2012 13:39:49 | Computer Name = LG | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 6.6.2012 13:39:49 | Computer Name = LG | Source = Service Control Manager | ID = 7034
Description = Služba Pml Driver HPZ12 byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 6.6.2012 13:41:52 | Computer Name = LG | Source = Service Control Manager | ID = 7000
Description = Služba StarOpen neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 6.6.2012 13:41:52 | Computer Name = LG | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
SkinnerUpdater.

Error - 6.6.2012 13:41:52 | Computer Name = LG | Source = Service Control Manager | ID = 7000
Description = Služba SkinnerUpdater neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 6.6.2012 13:41:52 | Computer Name = LG | Source = Service Control Manager | ID = 7000
Description = Služba X4HSEx_Pr298 neuspěla při spuštění v důsledku následující chyby:
%%3

< End of report >

Lukas.M · #12 Příspěvek od **Lukas.M** » 06 čer 2012 20:02

Druhý log:

OTL logfile created on: 6.6.2012 9:58:44 - Run 1
OTL by OldTimer - Version 3.2.46.1 Folder = C:\Documents and Settings\adriana\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1022,48 Mb Total Physical Memory | 495,09 Mb Available Physical Memory | 48,42% Memory free
2,85 Gb Paging File | 2,49 Gb Available in Paging File | 87,29% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 115,37 Gb Free Space | 77,41% Space Free | Partition Type: NTFS

Computer Name: LG | User Name: adriana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.06.06 09:57:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\adriana\Plocha\OTL.exe
PRC - [2012.05.09 22:10:53 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.02.23 07:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.02.23 07:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010.04.05 11:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.08.27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2008.04.13 19:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.03.14 13:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe

========== Modules (No Company Name) ==========

MOD - [2012.06.06 00:50:18 | 001,765,888 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12060601\algo.dll
MOD - [2012.05.09 22:10:53 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.12.02 12:42:09 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.02.23 07:04:14 | 000,144,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswDld.dll
MOD - [2010.04.05 11:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2010.02.18 00:49:10 | 000,323,584 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2010.02.10 18:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006.07.20 10:58:00 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.05.09 22:10:54 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011.05.07 20:08:39 | 000,007,168 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Skinovacek\SkinnerService.exe -- (SkinnerUpdateService)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.02.23 07:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.04.05 11:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.08.27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.07.07 00:45:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.08.07 12:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008.07.29 10:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.04.13 19:22:45 | 000,141,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008.04.13 19:22:44 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008.04.13 19:22:38 | 000,111,616 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008.04.13 19:22:38 | 000,111,616 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008.04.13 19:22:31 | 000,032,768 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008.04.13 19:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008.04.13 19:22:14 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008.04.13 19:22:13 | 000,005,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008.04.13 19:22:08 | 000,129,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008.04.13 19:22:05 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008.04.13 19:21:48 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008.04.13 19:21:46 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008.04.13 19:21:41 | 000,023,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008.04.13 19:21:36 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2005.03.14 13:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
SRV - [2004.08.18 04:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\Frag Games\X4HSEx.Sys -- (X4HSEx_Pr298)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UNDPR3K.SYS -- (UNDPR3K)
DRV - File not found [File_System | Auto | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\smserial.sys -- (smserial)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011.02.23 06:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.02.23 06:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.02.23 06:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.02.23 06:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.02.23 06:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.02.23 06:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.02.23 06:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.11.26 19:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010.08.29 02:45:38 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.11.16 08:33:38 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009.03.18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 18:40:45 | 000,120,064 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\windows\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008.04.13 18:31:03 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008.04.13 18:30:48 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008.04.13 11:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\windows\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008.04.13 10:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\windows\System32\drivers\udfs.sys -- (Udfs)
DRV - [2007.12.25 02:42:44 | 000,017,101 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\windows\System32\drivers\ASPI32.SYS -- (ASPI32)
DRV - [2007.07.03 17:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007.07.03 17:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007.07.03 17:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007.01.04 10:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2006.11.10 05:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006.09.12 09:27:00 | 004,381,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.07.11 10:31:02 | 000,084,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.07.05 04:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006.06.18 13:38:18 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.06.14 06:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006.03.24 08:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2004.08.18 04:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\windows\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004.08.18 04:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2004.08.18 04:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\windows\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004.08.18 04:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\windows\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004.08.18 04:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2004.08.03 14:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Assistant = http://search.centrum.cz/index.php?tool ... trum-1.0.0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsear ... earchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}

IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = seznam.cz

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = seznam.cz

IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Search Assistant = http://search.centrum.cz/index.php?tool ... trum-1.0.0
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes,DefaultScope = {8A244612-A1F7-11E0-95C0-E71F4824019B}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{0D5BAA0C-C86D-496C-937E-0E141EE9B195}: "URL" = http://search.seznam.cz/searchScreen?w= ... rer:source?}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... 3D16002AAE
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{22CC10DF-C285-4EC4-8769-CC9F481F7874}: "URL" = http://slovnik.seznam.cz/?lg=cz_en&wd={ ... rer:source?}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{3EC4DBFF-46C7-4964-AB26-60E942F7387C}: "URL" = http://encyklopedie.seznam.cz/search?s= ... rer:source?}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{4C508336-9A3B-4078-88FE-FAF7868D0E7B}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsear ... earchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... lz=1I7AMSA
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{75C3F1D5-F961-47FC-9C9F-5E573C85DDA6}: "URL" = http://slovnik.seznam.cz/?lg=en_cz&wd={ ... rer:source?}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{8588BED3-78EA-42AF-841C-6BA975F9C4FA}: "URL" = http://zbozi.seznam.cz/?q={searchTerms} ... rer:source?}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/webResults.html ... earchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}: "URL" = http://search.seznam.cz/searchScreen?w= ... rer:source?}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{AB65709D-7E2C-44EB-8B19-51828FE1828A}: "URL" = http://www.mapy.cz/?query={searchTerms} ... rer:source?}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT1640187
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{B372B08E-1F21-4916-80AC-361598365C3F}: "URL" = http://www.google.com/search?q={searchT ... 1I7AMSA_en
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{C8498CC4-8546-4259-989F-639C34DB6091}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{CDBFB47B-58A8-4111-BF95-06178DCE326D}: "URL" =
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedi ... oolbar=NG2
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{DE16C108-2426-470E-BF8A-F19079401C15}: "URL" = http://cs.wikipedia.org/w/index.php?tit ... earchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = seznam.cz

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: bookmarks@cometmarks.com:1.61
FF - prefs.js..extensions.enabledItems: ctrl-tab@design-noir.de:0.20
FF - prefs.js..extensions.enabledItems: {567F62D2-2162-43fe-A573-E5620D0934B2}:2.05
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.17
FF - prefs.js..extensions.enabledItems: {F5CEF9AD-F6AF-4b69-AB6D-936BF6BCB6D7}:1.7
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files\FunWebProducts\Installr\1.bin\NPFunWeb.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\adriana\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\adriana\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\adriana\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.7.2.4650\FF [2009.09.08 06:46:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\2.0.0.1050\FF [2009.09.08 06:46:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.03.02 08:19:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.09 22:10:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firefox@skins.com: C:\Program Files\Skinovacek\firefox@skins.com [2011.05.07 20:08:40 | 000,000,000 | ---D | M]

[2012.04.22 14:27:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\adriana\Data aplikací\Mozilla\Extensions
[2012.05.26 19:35:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions
[2012.05.20 06:46:50 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.04.22 14:28:04 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.04.22 14:27:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.04.22 14:27:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012.04.22 14:27:43 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\{567F62D2-2162-43FE-A573-E5620D0934B2}
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\{B042753D-F57E-4E8E-A01B-7379A6D4CEFB}
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\{F5CEF9AD-F6AF-4B69-AB6D-936BF6BCB6D7}
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\BOOKMARKS@COMETMARKS.COM
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\CTRL-TAB@DESIGN-NOIR.DE
[2012.05.09 22:10:53 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.13 00:38:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.03.13 00:38:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.03.13 00:38:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.03.13 00:38:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.03.13 00:38:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Search (Enabled)
CHR - default_search_provider: search_url = http://badoo.com/startpage/?source=bsb&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\adriana\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\adriana\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\adriana\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\adriana\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\adriana\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\adriana\Local Settings\Data aplikac\u00ED\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: thriXXX WebLaunch (Enabled) = C:\Program Files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Stylish = C:\Documents and Settings\adriana\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\
CHR - Extension: TheBflix = C:\Documents and Settings\adriana\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hjakmojkcnhgipgkkbiempkfdndcnlah\5.0_0\

O1 HOSTS File: ([2012.06.06 07:02:12 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\ShellBrowser: (no name) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\ShellBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\windows\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\windows\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\windows\System32\nwiz.exe ()
O4 - HKU\.DEFAULT..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-18..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-20..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe (Pinnacle Systems)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinterTabs = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSecCPL = 0
O8 - Extra context menu item: &Vyhledat - file://C:\Program Files\Dynamic Toolbar\VOLNY\najdito.htm File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78951C6C-09BF-4E45-B21A-A8147BCC3BAD}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{874B58EE-4F76-4E05-B801-9299C1E77991}: NameServer = 217.117.216.66
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\adriana\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\adriana\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2012.02.19 06:42:05 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c8bbb7a4-80f6-11da-8eb0-0018f3aa37e1}\Shell - "" = AutoRun
O33 - MountPoints2\{c8bbb7a4-80f6-11da-8eb0-0018f3aa37e1}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SmartDefragBootTime.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

Lukas.M · #13 Příspěvek od **Lukas.M** » 06 čer 2012 20:02

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\windows\System32\ac3filter.acm ()
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.sl_anet - C:\windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\windows\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: msacm.vorbis - C:\windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\windows\System32\ffdshow.ax ()
Drivers32: VIDC.I420 - vdrcodec.dll File not found
Drivers32: vidc.iv31 - C:\windows\System32\Ir32_32.dll ()
Drivers32: vidc.iv32 - C:\windows\System32\Ir32_32.dll ()
Drivers32: vidc.iv41 - C:\windows\System32\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - C:\windows\System32\ir50_32.dll (Ligos Corporation)
Drivers32: VIDC.MJPG - C:\windows\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\windows\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\windows\System32\Iyvu9_32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.03.01 15:35:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Plocha\Zivotopis Adrianka
[2015.03.01 12:26:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2015.03.01 12:26:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2015.03.01 12:26:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2015.03.01 12:26:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2015.03.01 12:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2015.03.01 12:24:42 | 001,335,296 | ---- | C] (CANON INC.) -- C:\windows\System32\CNC495C.dll
[2015.03.01 12:24:42 | 000,307,200 | ---- | C] (CANON INC.) -- C:\windows\System32\CNC495L.dll
[2015.03.01 12:24:42 | 000,114,688 | ---- | C] (CANON INC.) -- C:\windows\System32\CNC495I.dll
[2015.03.01 12:24:42 | 000,106,496 | ---- | C] (CANON INC.) -- C:\windows\System32\CNC495U.dll
[2015.03.01 12:24:42 | 000,015,872 | ---- | C] (CANON INC.) -- C:\windows\System32\CNHMCA.dll
[2015.03.01 12:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2015.03.01 12:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2015.03.01 12:23:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2015.03.01 12:18:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2015.03.01 12:17:46 | 000,290,816 | ---- | C] (CANON INC.) -- C:\windows\System32\CNMLMA9.DLL
[2015.03.01 12:17:37 | 000,000,000 | -H-D | C] -- C:\windows\System32\CanonIJ Uninstaller Information
[2015.03.01 12:17:23 | 000,094,208 | ---- | C] (Canon Inc.) -- C:\windows\System32\CNC495O.dll
[2015.03.01 12:17:07 | 000,180,224 | ---- | C] (CANON INC.) -- C:\windows\System32\CNMIUA9.DLL
[2015.03.01 12:16:42 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2015.03.01 12:15:45 | 000,034,816 | ---- | C] (CANON INC.) -- C:\windows\System32\CNMNPUI.DLL
[2015.03.01 12:15:45 | 000,000,000 | ---D | C] -- C:\windows\System32\STRING
[2015.03.01 12:15:44 | 000,340,992 | ---- | C] (CANON INC.) -- C:\windows\System32\CNMNPPM.DLL
[2015.03.01 12:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2015.02.28 08:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Local Settings\Data aplikací\Babylon
[2015.02.28 08:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Premium
[2015.02.28 08:54:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TheBflix
[2015.02.28 08:53:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\InstallMate
[2015.02.25 11:44:47 | 000,033,792 | R--- | C] (Electronic Arts) -- C:\windows\NPSExec.exe
[2015.02.25 11:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2015.02.23 02:58:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Data aplikací\BSplayer Pro
[2015.02.23 02:58:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Data aplikací\BSplayer
[2015.02.23 02:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh
[2015.02.21 04:02:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Dokumenty\MAGIX_Music_Maker_17_Silver
[2015.02.21 04:02:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Dokumenty\MAGIX downloads
[2015.02.21 04:01:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Data aplikací\MAGIX
[2015.02.21 03:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MAGIX
[2015.02.21 03:57:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2015.02.18 14:16:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\desktop
[2015.02.18 14:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Data aplikací\Boolat Games
[2015.02.18 14:00:29 | 000,000,000 | ---D | C] -- C:\Program Files\DoubleGames.tv
[2015.02.18 14:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Alawarhry.cz
[2012.06.06 09:57:17 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\adriana\Plocha\OTL.exe
[2012.06.06 06:45:16 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.06.06 06:43:47 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\adriana\Plocha\OTM.exe
[2012.06.05 13:51:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Plocha\mp3 net
[2012.06.05 13:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Plocha\s Milackem
[2012.06.02 03:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.06.02 03:43:35 | 000,000,000 | ---D | C] -- C:\rsit
[2012.05.28 03:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\Sateira
[2012.05.28 03:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Easy Audio CD Burner
[2012.05.28 03:45:23 | 000,647,168 | ---- | C] (NUGROOVZ) -- C:\windows\System32\cdr.dll
[2012.05.28 03:45:23 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Audio CD Burner
[2012.05.24 08:19:50 | 000,000,000 | -HSD | C] -- C:\found.000
[2012.05.20 06:47:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Data aplikací\ICQ Search
[2012.05.20 06:47:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ICQ7M
[2012.05.20 06:46:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}
[2012.05.20 06:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Data aplikací\ICQ
[2012.05.20 06:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7M
[2012.05.20 05:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Plocha\Zoo
[2012.05.17 12:32:07 | 082,879,712 | ---- | C] (Nero AG) -- C:\Documents and Settings\adriana\Plocha\Nero_BurningROM-10.6.10600_trial.exe
[2012.05.15 14:21:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Data aplikací\Canneverbe Limited
[2012.05.15 00:58:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Plocha\Milacek
[2012.05.14 02:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Plocha\pam
[2012.05.14 01:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Vypalovač CD, DVD, Blu-ray, HD-DVD
[2012.05.13 23:52:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.05.13 23:52:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2012.05.13 23:50:34 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.05.09 22:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2012.05.09 22:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.05.08 02:24:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Plocha\Maminky horory

========== Files - Modified Within 30 Days ==========

[2015.02.28 08:55:10 | 000,000,237 | ---- | M] () -- C:\user.js
[2015.02.25 11:45:08 | 000,000,952 | ---- | M] () -- C:\windows\eReg.dat
[2015.02.23 02:59:29 | 000,000,781 | ---- | M] () -- C:\Documents and Settings\adriana\Plocha\BS.Player FREE.lnk
[2015.02.21 14:16:21 | 001,541,392 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012.06.06 10:04:17 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.06.06 09:57:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\adriana\Plocha\OTL.exe
[2012.06.06 09:41:56 | 000,001,158 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2012.06.06 09:41:52 | 000,000,427 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts.ics
[2012.06.06 09:40:56 | 000,051,048 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2012.06.06 09:40:47 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2012.06.06 09:40:45 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.06 07:02:12 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts
[2012.06.06 06:45:34 | 001,081,656 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2012.06.06 06:45:34 | 001,021,890 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012.06.06 06:45:34 | 000,401,114 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2012.06.06 06:45:34 | 000,374,356 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012.06.06 06:43:51 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\adriana\Plocha\OTM.exe
[2012.06.06 04:10:24 | 004,665,920 | R--- | M] () -- C:\Documents and Settings\adriana\Plocha\09-Pořád-to-zkoušíš.mp3
[2012.06.05 13:26:58 | 019,087,256 | ---- | M] () -- C:\Documents and Settings\adriana\Plocha\DEEYAJ MIX STARS (CLUB MIX Part1) (Michel Telo - Ai Se Eu Te Pego) (Bikini Party Video).mp3
[2012.06.02 03:42:54 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\adriana\Plocha\RSIT.exe
[2012.05.28 03:52:45 | 000,002,057 | ---- | M] () -- C:\untitled.acb
[2012.05.24 02:43:25 | 000,002,279 | ---- | M] () -- C:\Documents and Settings\adriana\Plocha\Google Chrome.lnk
[2012.05.21 10:05:20 | 000,000,664 | ---- | M] () -- C:\windows\System32\d3d9caps.dat
[2012.05.20 06:47:12 | 000,001,482 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ICQ7M.lnk
[2012.05.17 12:32:54 | 082,879,712 | ---- | M] (Nero AG) -- C:\Documents and Settings\adriana\Plocha\Nero_BurningROM-10.6.10600_trial.exe
[2012.05.16 11:19:44 | 000,130,560 | ---- | M] () -- C:\Documents and Settings\adriana\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.14 01:04:03 | 000,000,149 | ---- | M] () -- C:\windows\vypalovac.ini

========== Files Created - No Company Name ==========

[2015.03.01 12:24:42 | 000,012,800 | ---- | C] () -- C:\windows\System32\CNC1747D.TBL
[2015.02.28 08:55:09 | 000,000,237 | ---- | C] () -- C:\user.js
[2015.02.23 02:59:29 | 000,000,781 | ---- | C] () -- C:\Documents and Settings\adriana\Plocha\BS.Player FREE.lnk
[2012.06.06 10:04:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.06.06 04:10:12 | 004,665,920 | R--- | C] () -- C:\Documents and Settings\adriana\Plocha\09-Pořád-to-zkoušíš.mp3
[2012.06.06 00:11:33 | 019,087,256 | ---- | C] () -- C:\Documents and Settings\adriana\Plocha\DEEYAJ MIX STARS (CLUB MIX Part1) (Michel Telo - Ai Se Eu Te Pego) (Bikini Party Video).mp3
[2012.06.02 03:42:53 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\adriana\Plocha\RSIT.exe
[2012.05.28 03:52:45 | 000,002,057 | ---- | C] () -- C:\untitled.acb
[2012.05.20 06:47:12 | 000,001,482 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ICQ7M.lnk
[2012.04.17 04:34:24 | 000,000,149 | ---- | C] () -- C:\windows\vypalovac.ini
[2012.02.19 06:42:04 | 000,196,096 | ---- | C] () -- C:\windows\System32\macd32.dll
[2012.02.19 06:42:04 | 000,138,752 | ---- | C] () -- C:\windows\System32\mase32.dll
[2012.02.19 06:42:04 | 000,136,192 | ---- | C] () -- C:\windows\System32\mamc32.dll
[2012.02.19 06:42:04 | 000,057,856 | ---- | C] () -- C:\windows\System32\masd32.dll
[2012.02.19 06:42:04 | 000,027,648 | ---- | C] () -- C:\windows\System32\ma32.dll
[2012.02.19 06:30:15 | 000,002,048 | ---- | C] () -- C:\windows\System32\Picbat.dll
[2012.02.04 21:09:42 | 000,000,952 | ---- | C] () -- C:\Documents and Settings\adriana\Local Settings\Data aplikací\SRDownloader.nast
[2012.02.04 20:39:35 | 000,020,480 | ---- | C] () -- C:\windows\System32\H@tKeysH@@k.DLL
[2012.01.29 05:08:06 | 000,014,776 | ---- | C] () -- C:\windows\System32\drivers\SmartDefragDriver.sys
[2012.01.03 11:59:55 | 000,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll
[2012.01.03 11:59:55 | 000,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll
[2012.01.03 11:59:55 | 000,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll
[2011.12.04 13:58:13 | 000,000,248 | ---- | C] () -- C:\windows\XIIIHooligans.ini
[2011.11.17 21:34:50 | 000,000,000 | ---- | C] () -- C:\windows\oodcnt.INI
[2011.11.06 09:13:01 | 000,000,038 | ---- | C] () -- C:\windows\AviSplitter.INI
[2011.09.20 11:55:34 | 000,364,288 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.04.27 16:30:47 | 000,000,001 | ---- | C] () -- C:\windows\acdddl.dlll
[2011.04.10 11:54:28 | 000,000,064 | ---- | C] () -- C:\windows\GPlrLanc.dat
[2011.01.09 18:57:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LauncherAccess.dt
[2011.01.07 15:13:39 | 022,193,755 | ---- | C] () -- C:\windows\System32\TiskProRadost_AlbumMaker_uninstaller.exe
[2010.12.18 16:52:56 | 000,000,952 | ---- | C] () -- C:\windows\eReg.dat
[2010.12.18 16:32:04 | 000,103,607 | ---- | C] () -- C:\windows\hpoins08.dat
[2010.12.18 16:32:04 | 000,004,445 | ---- | C] () -- C:\windows\hpomdl08.dat
[2010.12.18 16:17:02 | 000,010,240 | ---- | C] () -- C:\windows\System32\vidx16.dll
[2010.12.18 16:17:00 | 000,056,832 | ---- | C] () -- C:\windows\System32\Iyvu9_32.dll
[2010.09.13 01:48:14 | 000,000,664 | ---- | C] () -- C:\windows\System32\d3d9caps.dat

========== LOP Check ==========

[2011.11.29 14:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Airport Control Simulator
[2011.08.02 12:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\AnvSoft
[2015.02.18 14:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Boolat Games
[2015.02.23 03:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\BSplayer
[2015.02.23 02:58:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\BSplayer Pro
[2012.05.15 14:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Canneverbe Limited
[2009.12.25 16:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\CometNetwork
[2012.02.04 14:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\DAEMON Tools Lite
[2011.09.01 08:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\facemoods.com
[2012.04.14 13:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\gtk-2.0
[2012.06.06 06:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\ICQ
[2012.05.20 06:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\ICQ Search
[2012.01.29 05:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\IObit
[2011.06.04 22:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Leadertech
[2009.09.25 19:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\LimeWire
[2015.02.21 04:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\MAGIX
[2010.01.21 14:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Miranda
[2011.07.06 06:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Nokia
[2006.01.14 07:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\OpenOffice.org
[2011.07.06 06:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\PC Suite
[2011.01.04 14:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\PlayFirst
[2008.12.25 10:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\QIP
[2012.01.29 06:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\SAMSUNG
[2011.03.02 04:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\SecondLife
[2012.02.19 06:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Sony
[2009.01.24 05:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\ThumbsPlus
[2010.09.11 02:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\u-turn
[2008.04.03 04:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Ulead Systems
[2011.06.15 22:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Unity
[2012.04.08 12:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\uTorrent
[2010.07.05 17:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Zoner
[2010.03.14 14:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2008.11.22 01:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Aliasworlds
[2011.03.02 08:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.02.19 09:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2012.03.15 06:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Badoo
[2009.11.11 15:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2010.01.19 13:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2015.03.01 12:18:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2015.03.01 12:26:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2015.03.01 12:26:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2015.03.01 12:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2015.03.01 12:26:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2012.06.01 00:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2015.03.01 12:26:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2015.03.01 12:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2010.05.26 12:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CentrumczToolbar
[2010.08.29 02:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2008.03.04 08:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2008.08.17 03:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.03.14 14:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2011.04.10 11:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Frag Games
[2012.05.20 06:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.07.06 06:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2015.02.28 08:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\InstallMate
[2012.01.29 05:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2015.02.21 03:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MAGIX
[2011.07.06 06:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.10.19 09:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.10.19 09:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio
[2011.01.04 14:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
[2010.09.20 23:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Playrix Entertainment
[2015.02.28 08:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Premium
[2015.02.18 14:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\rionix
[2008.12.19 12:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sandlot Games
[2009.11.15 21:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sukoku
[2012.01.03 11:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2012.01.03 11:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2015.02.28 09:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TheBflix
[2009.01.24 05:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ThumbsPlus
[2008.04.03 04:51:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2012.05.20 06:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2004.08.18 04:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.18 04:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 10:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 10:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 04:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.18 04:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 10:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 13:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 13:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 04:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.13 19:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.13 19:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 04:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2004.08.18 04:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\I386\AUTOCHK.EXE

< MD5 for: CDROM.SYS >
[2004.08.18 04:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004.08.18 04:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:cdrom.sys
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 10:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 10:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 04:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.18 04:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.13 19:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.13 19:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.13 19:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.13 19:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 04:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.13 19:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.13 19:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2005.04.07 10:48:41 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=88260E46E778EC78345959A08F047634 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 04:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.18 04:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:hal.dll
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 10:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 10:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 04:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.18 04:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004.08.18 04:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:Changer.sys
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 10:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.08.25 05:51:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 04:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.13 18:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 18:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.18 04:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.13 19:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.13 19:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 11:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 11:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 04:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.18 04:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.13 19:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.13 19:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 04:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.13 19:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.13 19:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.18 04:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.13 19:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.13 19:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2004.08.18 04:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\WINDOWS\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.13 19:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.13 19:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 02:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.13 11:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 03:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 03:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 03:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 03:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 03:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.13 19:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.13 19:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.13 19:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.13 19:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 04:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.13 19:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.13 19:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[7 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[1 C:\windows\twain_32\*.tmp files -> C:\windows\twain_32\*.tmp -> ]
[1 C:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\*.tmp files -> C:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.10.31 08:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Adobe
[2010.08.28 09:10:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Ahead
[2011.11.29 14:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Airport Control Simulator
[2011.08.02 12:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\AnvSoft
[2010.09.11 02:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\AVS4YOU
[2015.02.18 14:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Boolat Games
[2015.02.23 03:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\BSplayer
[2015.02.23 02:58:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\BSplayer Pro
[2012.05.15 14:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Canneverbe Limited
[2009.12.25 16:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\CometNetwork
[2012.02.04 14:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\DAEMON Tools Lite
[2011.09.01 08:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\facemoods.com
[2009.10.11 00:48:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Google
[2012.04.14 13:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\gtk-2.0
[2012.06.06 06:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\ICQ
[2012.05.20 06:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\ICQ Search
[2012.02.19 06:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\InstallShield
[2012.01.29 05:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\IObit
[2011.06.04 22:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Leadertech
[2009.09.25 19:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\LimeWire
[2007.01.02 08:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Macromedia
[2015.02.21 04:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\MAGIX
[2012.01.31 14:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Media Player Classic
[2011.10.31 08:26:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\adriana\Data aplikací\Microsoft
[2010.01.21 14:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Miranda
[2012.04.22 14:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Mozilla
[2011.04.27 16:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Nero
[2011.07.06 06:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Nokia
[2006.01.14 07:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\OpenOffice.org
[2011.07.06 06:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\PC Suite
[2011.01.04 14:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\PlayFirst
[2008.12.25 10:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\QIP
[2008.10.19 01:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Real
[2012.01.29 06:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\SAMSUNG
[2011.03.02 04:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\SecondLife
[2012.06.06 06:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Skype
[2011.09.01 08:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\skypePM
[2012.02.19 06:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Sony
[2009.06.17 03:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Sun
[2008.07.19 10:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Symantec
[2008.10.18 00:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Talkback
[2009.01.24 05:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\ThumbsPlus
[2010.09.11 02:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\u-turn
[2011.11.21 13:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\U3
[2008.04.03 04:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Ulead Systems
[2011.06.15 22:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Unity
[2012.04.08 12:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\uTorrent
[2012.02.05 08:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Winamp
[2010.08.29 02:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\WinRAR
[2010.07.05 17:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2009.08.11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\adriana\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\adriana\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\adriana\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 18:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\adriana\Data aplikací\BSplayer\FFDShow\unins000.exe
[2010.08.14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\adriana\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Documents and Settings\adriana\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Documents and Settings\adriana\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Documents and Settings\adriana\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2007.10.23 10:27:20 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\adriana\Data aplikací\U3\temp\cleanup.exe
[2008.05.02 11:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\adriana\Data aplikací\U3\temp\Launchpad Removal.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.08.29 02:45:38 | 000,697,328 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2006.11.03 22:34:34 | 000,094,208 | ---- | M] () -- C:\windows\System32\config\default.sav
[2006.11.03 22:34:34 | 000,638,976 | ---- | M] () -- C:\windows\System32\config\software.sav
[2006.11.03 22:34:34 | 000,495,616 | ---- | M] () -- C:\windows\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015.02.21 14:16:21 | 001,541,392 | ---- | M] () -- C:\windows\system32\FNTCACHE.DAT
[2012.06.06 09:40:56 | 000,051,048 | ---- | M] () -- C:\windows\system32\nvapps.xml
[2012.06.06 06:45:34 | 000,401,114 | ---- | M] () -- C:\windows\system32\perfc005.dat
[2012.06.06 06:45:34 | 000,374,356 | ---- | M] () -- C:\windows\system32\perfc009.dat
[2012.06.06 06:45:34 | 001,081,656 | ---- | M] () -- C:\windows\system32\perfh005.dat
[2012.06.06 06:45:34 | 001,021,890 | ---- | M] () -- C:\windows\system32\perfh009.dat
[2012.06.06 06:45:34 | 000,004,864 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI
[2012.06.06 09:41:56 | 000,001,158 | ---- | M] () -- C:\windows\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\windows\system32\ctfmon.exe -- [2008.04.13 19:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"LaunchList" = C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe -- [2007.03.21 16:41:38 | 000,145,496 | ---- | M] (Pinnacle Systems)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.06.06 10:04:17 | 000,000,512 | ---- | M] () MD5=E4410D6A7491D605AECEEDFE5152A9A0 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.02.05 20:10:38 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2011.08.17 17:47:42 | 000,004,328 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\CrackedCom.class
[2006.09.11 09:18:14 | 000,006,877 | ---- | M] () -- \Program Files\Pinnacle\Studio 11\Plugins\RTFx\3DServer\FiltersPlus3D\CrackedSlab3D.xml

< *keygen* /s >
[2011.10.30 05:27:56 | 000,011,807 | ---- | M] () -- \Documents and Settings\adriana\Data aplikací\uTorrent\Sony ACIDpro 7.0 build 502 + Keygen.torrent

< *loader* /s >
[2011.02.23 22:21:47 | 000,000,074 | ---- | M] () -- \CMLoader.log
[2012.02.04 21:09:42 | 000,000,952 | ---- | M] () -- \Documents and Settings\adriana\Local Settings\Data aplikací\SRDownloader.nast
[2006.01.15 11:01:55 | 000,000,723 | ---- | M] () -- \Documents and Settings\adriana\Local Settings\Data aplikací\Google\Chrome\User Data\Temp\scoped_dir_23140\CRX_INSTALL\img\ajax-loader.gif
[2006.01.15 11:01:41 | 000,000,979 | ---- | M] () -- \Documents and Settings\adriana\Local Settings\Data aplikací\Google\Chrome\User Data\Temp\scoped_dir_23140\CRX_INSTALL\js\FMLoader_Obfs.js
[2009.09.29 13:17:52 | 000,001,021 | ---- | M] () -- \Documents and Settings\adriana\SendTo\AVS Mobile Uploader.lnk
[2011.08.12 15:13:22 | 000,000,024 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\__FileUploader.log
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2011.08.19 16:19:50 | 000,001,608 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\JDownloader Uninstaller.lnk
[2011.08.19 16:19:50 | 000,001,587 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\JDownloader Update.lnk
[2011.08.19 16:19:50 | 000,001,629 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\JDownloader.lnk
[2009.10.21 03:09:52 | 000,003,727 | ---- | M] () -- \Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\loader.js
[2007.03.14 07:10:18 | 000,088,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:20 | 000,025,188 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:26 | 000,032,022 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:28 | 000,032,216 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:30 | 000,027,655 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:36 | 000,030,891 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:38 | 000,032,399 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:42 | 000,032,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:42 | 000,032,393 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:46 | 000,022,871 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:48 | 000,025,272 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:50 | 000,032,109 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:50 | 000,032,441 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:52 | 000,032,499 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:54 | 000,032,074 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:56 | 000,032,110 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:10:58 | 000,024,996 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:11:00 | 000,031,772 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:11:02 | 000,024,463 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:11:04 | 000,025,054 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:11:06 | 000,032,171 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:11:06 | 000,024,411 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:11:08 | 000,025,525 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:11:10 | 000,032,741 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 07:11:10 | 000,032,833 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 06:35:32 | 000,004,239 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2009.06.23 08:57:48 | 004,470,344 | ---- | M] () -- \Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
[2009.06.09 02:25:00 | 000,043,296 | ---- | M] () -- \Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.sil
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 17:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 17:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 17:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 17:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 17:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 17:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 17:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 17:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 17:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 17:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 17:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 17:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 17:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 17:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 17:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 19:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2009.03.01 02:31:26 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2009.03.01 02:31:26 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2011.03.03 14:05:41 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2011.03.03 14:05:45 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2012.05.20 06:46:00 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.05.20 06:46:01 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.05.20 06:46:00 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 01:29:39 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012.05.20 06:48:56 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009.11.04 03:53:24 | 000,819,200 | ---- | M] () -- \Program Files\iMesh Applications\iMesh\BerkeleyLoader.dll
[2009.11.04 03:53:24 | 003,552,808 | ---- | M] () -- \Program Files\iMesh Applications\iMesh\ImageUploader5.ocx
[2011.08.17 17:47:42 | 000,214,528 | ---- | M] () -- \Program Files\JDownloader\JDownloader.exe
[2011.08.17 17:47:42 | 000,593,293 | ---- | M] () -- \Program Files\JDownloader\JDownloader.jar
[2011.08.17 17:47:42 | 000,218,816 | ---- | M] () -- \Program Files\JDownloader\JDownloaderBETA.exe
[2011.08.17 17:47:42 | 000,218,816 | ---- | M] () -- \Program Files\JDownloader\JDownloaderD3D.exe
[2011.08.19 16:20:44 | 000,000,105 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2011.08.17 17:47:42 | 000,007,069 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\UploaderPl.class
[2011.08.17 17:47:42 | 000,032,222 | ---- | M] () -- \Program Files\JDownloader\licenses\jdownloader.license
[2011.01.17 17:21:04 | 000,006,263 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2006.01.14 07:19:17 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 20:07:52 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2006.01.14 07:19:30 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 13:24:20 | 000,003,689 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2011.05.07 20:08:37 | 000,466,944 | ---- | M] () -- \Program Files\Skinovacek\adxloader.dll
[2011.05.07 20:09:28 | 000,062,712 | ---- | M] () -- \Program Files\Skinovacek\adxloader.exe
[2011.05.07 20:08:38 | 000,664,576 | ---- | M] () -- \Program Files\Skinovacek\adxloader64.dll
[2008.02.24 22:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.02.10 18:10:14 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.18 04:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.18 04:00:00 | 000,017,423 | ---- | M] () -- \WINDOWS\I386\DMLOADER.DL_
[2004.08.18 04:00:00 | 000,115,153 | ---- | M] () -- \WINDOWS\I386\OSLOADER.EX_
[2004.08.18 04:00:00 | 000,132,757 | ---- | M] () -- \WINDOWS\I386\OSLOADER.NT_
[2008.04.13 19:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 10:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 10:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.13 19:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2011.12.15 02:10:22 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.02.02 05:35:38 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< *minodlogin* /s >

< *tnod* /s >
[2006.02.23 04:23:58 | 000,114,688 | ---- | M] () -- \Program Files\Ulead Systems\Ulead Video ToolBox Basic\SimpleBurn\afdwTextNode.dll

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2011.08.30 17:58:34 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.dll
[2011.10.20 01:15:20 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.ni.dll
[2007.02.23 14:19:48 | 000,061,440 | ---- | M] () -- \Program Files\Pinnacle\Hollywood Fx For Studio\6.0\HfxSerial.exe
[2005.11.04 16:40:18 | 000,004,608 | ---- | M] () -- \Program Files\Pinnacle\Hollywood Fx For Studio\6.0\Languages\HfxSerial-CHS.dll
[2005.11.04 16:40:18 | 000,005,632 | ---- | M] () -- \Program Files\Pinnacle\Hollywood Fx For Studio\6.0\Languages\HfxSerial-DEU.dll
[2005.11.04 16:40:18 | 000,005,120 | ---- | M] () -- \Program Files\Pinnacle\Hollywood Fx For Studio\6.0\Languages\HfxSerial-ESP.dll
[2005.11.04 16:40:18 | 000,005,632 | ---- | M] () -- \Program Files\Pinnacle\Hollywood Fx For Studio\6.0\Languages\HfxSerial-FRA.dll
[2005.11.04 16:40:18 | 000,005,120 | ---- | M] () -- \Program Files\Pinnacle\Hollywood Fx For Studio\6.0\Languages\HfxSerial-ITA.dll
[2005.11.04 16:40:18 | 000,005,120 | ---- | M] () -- \Program Files\Pinnacle\Hollywood Fx For Studio\6.0\Languages\HfxSerial-JPN.dll
[2005.11.04 16:40:18 | 000,005,120 | ---- | M] () -- \Program Files\Pinnacle\Hollywood Fx For Studio\6.0\Languages\HfxSerial-KOR.dll
[2005.11.04 16:40:18 | 000,005,632 | ---- | M] () -- \Program Files\Pinnacle\Hollywood Fx For Studio\6.0\Languages\HfxSerial-NLD.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2004.08.18 04:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2006.11.03 21:50:36 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.01.24 06:00:10 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.10.20 01:12:58 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.01.24 06:00:24 | 000,090,112 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.06.13 09:36:47 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.08.12 01:23:05 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.20 01:42:40 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.20 01:40:24 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2011.08.12 01:19:56 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
[2004.08.18 04:00:00 | 000,024,957 | ---- | M] () -- \WINDOWS\I386\DPSERIAL.DL_
[2004.08.18 04:00:00 | 000,030,301 | ---- | M] () -- \WINDOWS\I386\SERIAL.SY_
[2004.08.18 04:00:00 | 000,006,549 | ---- | M] () -- \WINDOWS\I386\SERIALUI.DL_
[2004.07.15 05:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 02:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.09.10 08:46:28 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.13 18:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.13 18:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2004.08.18 04:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2004.08.18 04:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2004.08.18 04:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2004.08.18 04:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.13 18:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:466F9D5D
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:87FA5E8A
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:79F970BE
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C25C9263
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:89CC7FD8
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5216CD26

< End of report >

#14 Příspěvek od **Márty84** » 07 čer 2012 09:18

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem otl)

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\Frag Games\X4HSEx.Sys -- (X4HSEx_Pr298)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Assistant = http://search.centrum.cz/index.php?tool ... trum-1.0.0
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Search Assistant = http://search.centrum.cz/index.php?tool ... trum-1.0.0
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes,DefaultScope = {8A244612-A1F7-11E0-95C0-E71F4824019B}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=RY&apn_dtid=&apn_uid=10DAF6BC-5148-4583-A8F1-BBC24E7DA96E&apn_sauid=86891091-378C-49DB-B9DD-273D16002AAE
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/webResults.html?src=ieb&q={searchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1640187
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{C8498CC4-8546-4259-989F-639C34DB6091}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{CDBFB47B-58A8-4111-BF95-06178DCE326D}: "URL" =
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q={searchTerms}&crm=1&toolbar=NG2
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
IE - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\adriana\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\adriana\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin
[2012.05.20 06:46:50 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
CHR - default_search_provider: search_url = http://badoo.com/startpage/?source=bsb&q={searchTerms}
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\ShellBrowser: (no name) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\ShellBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - No CLSID value found.
O3 - HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKU\.DEFAULT..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-18..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-20..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup File not found
[2015.02.28 08:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adriana\Local Settings\Data aplikací\Babylon
[2012.06.06 06:45:34 | 001,081,656 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2012.06.06 06:45:34 | 001,021,890 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012.06.06 06:45:34 | 000,401,114 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2012.06.06 06:45:34 | 000,374,356 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012.01.29 05:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\adriana\Data aplikací\IObit
[2008.08.17 03:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2012.01.29 05:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[7 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[1 C:\windows\twain_32\*.tmp files -> C:\windows\twain_32\*.tmp -> ]
[1 C:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\*.tmp files -> C:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\*.tmp -> ]
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:466F9D5D
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:87FA5E8A
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:79F970BE
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C25C9263
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:89CC7FD8
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5216CD26

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[Purity]
[EMPTYFLASH]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Udelejte uplnou kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Lukas.M · #15 Příspěvek od **Lukas.M** » 11 čer 2012 16:02

Dobrý den. Omlouvám se, že je to trochu zdlouhavější. Počítač se mi zdá stále pomalý... Ještě udělám tu kontrolu MBAMem.
Tady je nový log z OTL:

All processes killed
========== OTL ==========
Service X4HSEx_Pr298 stopped successfully!
Service X4HSEx_Pr298 deleted successfully!
File C:\Program Files\Frag Games\X4HSEx.Sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Assistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\DefaultScope| /E : value set successfully!
HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\Prev Search Bar| /E : value set successfully!
HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1041956366-1255808042-2611896803-1006\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Assistant| /E : value set successfully!
HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A244612-A1F7-11E0-95C0-E71F4824019B}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{C8498CC4-8546-4259-989F-639C34DB6091}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C8498CC4-8546-4259-989F-639C34DB6091}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry key HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mywebsearch.com/Plugin\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Documents and Settings\adriana\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Documents and Settings\adriana\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin not found.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\Mozilla\Firefox\Profiles\l56m0988.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
Unable to fix default_search_provider items.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{ECDEE021-0D17-467F-A1FF-C7A115230949} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECDEE021-0D17-467F-A1FF-C7A115230949}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7C5C0F58-E061-457D-9033-77307F5ED00C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C5C0F58-E061-457D-9033-77307F5ED00C}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{ECDEE021-0D17-467F-A1FF-C7A115230949} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECDEE021-0D17-467F-A1FF-C7A115230949}\ not found.
Registry value HKEY_USERS\S-1-5-21-1041956366-1255808042-2611896803-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender_298 deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender_298 not found.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender_298 deleted successfully.
C:\Documents and Settings\adriana\Local Settings\Data aplikací\Babylon\Setup\HtmlScreens folder moved successfully.
C:\Documents and Settings\adriana\Local Settings\Data aplikací\Babylon\Setup folder moved successfully.
C:\Documents and Settings\adriana\Local Settings\Data aplikací\Babylon folder moved successfully.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
C:\Documents and Settings\adriana\Data aplikací\IObit\Smart Defrag 2 folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\IObit\IObit Malware Fighter folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\adriana\Data aplikací\IObit folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Smart Security\Charon folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET NOD32 Antivirus\Charon folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET NOD32 Antivirus folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster 3\BackLnk folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster 3 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP114.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14B.tmp\PresentationCore.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14B.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B3.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E1.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E9.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF7.tmp folder deleted successfully.
C:\windows\Installer\MSI11.tmp deleted successfully.
C:\windows\Installer\MSI22.tmp deleted successfully.
C:\windows\twain_32\hpqgnds2.tmp deleted successfully.
C:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\TBM57.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:466F9D5D deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:87FA5E8A deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:79F970BE deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:C25C9263 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:89CC7FD8 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:5216CD26 deleted successfully.
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: adriana
->Temp folder emptied: 1121406 bytes
->Temporary Internet Files folder emptied: 37973100 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 449247865 bytes
->Google Chrome cache emptied: 35148812 bytes
->Flash cache emptied: 14233 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 139160 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 4748504 bytes

Total Files Cleaned = 504,00 mb

[EMPTYFLASH]

User: adriana
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.46.1 log created on 06112012_065046

Files\Folders moved on Reboot...
File\Folder C:\windows\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...

VIRY.CZ

prosím o kontrolu logu

prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu