Prosba o pomoc s opravou notebooku

Zpráva

#16 Příspěvek od **vyosek** » 26 říj 2012 09:45

Pokracujte ComboFixem

premet · #17 Příspěvek od **premet** » 26 říj 2012 12:23

tedka mam problem s Combofixem, spustil jsem to asi pred 3hodinama a porad to pise ze maze slozky C:DaS/User/WINDOWS
a 2x mi to preslo do usporneho rezimu, protoze jsem tu nebyl. pobezi to dal, nebo to mam ukoncit?

#18 Příspěvek od **vyosek** » 26 říj 2012 18:40

Aplikujte CF znovu v nouzovem rezimu

premet · #19 Příspěvek od **premet** » 26 říj 2012 20:10

tak jsem to spustil v nouzovem rezimu a zase sse to zaseklo ve stejnem kroku

#20 Příspěvek od **vyosek** » 26 říj 2012 21:11

Dejte novy log z RSIT

premet · #21 Příspěvek od **premet** » 26 říj 2012 22:06

Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2012-10-26 23:00:54
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (19%) free of 37 GB
Total RAM: 510 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:01:47, on 26.10.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Arcade\PCMService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rmctrl.exe
C:\PROGRA~1\MEDIAK~1\MagicKey.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MEDIAK~1\OSD.exe
C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.exe
C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\Documents and Settings\User\Plocha\RSIT.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\trend micro\User.exe
C:\Program Files\AVAST Software\Avast\setup\avast.setup

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.190.2:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: the blinkx toolbar - {F08555B0-9CC3-11D2-AA8E-000000000567} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_shook.dll
O2 - BHO: The blinkx Toolbar - {0069B690-7A2B-41C5-98CA-9F535B4C8532} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_bho.dll (file missing)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu9\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: The blinkx Toolbar - {E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MagicKey] C:\PROGRA~1\MEDIAK~1\MagicKey.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [blinkx_toolbar] "C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.exe" -startservice
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Edimax 11n USB Wireless LAN Utility.lnk = C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 11002 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{887F46D2-6843-475E-914E-556ED8610763}.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\User\Data aplikací\Mozilla\Firefox\Profiles\21yz3urf.default

prefs.js - "browser.startup.homepage" - "devilpage.cz"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... id=afex&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@macromedia.com/FlashPlayer8]
"Description"=Macromedia Flash Player 8.0
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
inspector@mozilla.org
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
flashplayer.xpt
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np_blinkx_plugin.dll
NPOFF12.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
blinkxtoolbar.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\User\Data aplikací\Mozilla\Firefox\Profiles\21yz3urf.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\User\Data aplikací\Mozilla\Firefox\Profiles\21yz3urf.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0069B690-7A2B-41C5-98CA-9F535B4C8532}]
The blinkx Toolbar - C:\Program Files\blinkx Remote Toolbar\the_blinkx_bho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\Program Files\ICQToolbar\tbu9\toolbaru.dll [2006-12-17 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-09 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-30 349680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-09 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-30 349680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} - The blinkx Toolbar - C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.dll [2009-09-16 264448]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-07-30 349680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-05 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-05 688218]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY []
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-04-05 339968]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-03-30 32768]
"PowerKey"=C:\Program Files\Launch Manager\PowerKey.exe [2002-08-30 94208]
"LManager"=C:\Program Files\Launch Manager\HotkeyApp.exe [2005-05-19 69632]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2004-10-11 245760]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2005-04-18 81920]
"PCMService"=C:\Program Files\Arcade\PCMService.exe [2005-03-09 49152]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
"eRecoveryService"=C:\Windows\System32\Check.exe [2005-03-23 245760]
"RemoteControl"=C:\WINDOWS\system32\rmctrl.exe [2006-04-01 32768]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"MagicKey"=C:\PROGRA~1\MEDIAK~1\MagicKey.exe [2004-03-15 45056]
"HP Software Update"=c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-09-13 49152]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2012-07-31 41944]
""= []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2012-07-30 640480]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2005-12-10 133016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"blinkx_toolbar"=C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.exe [2009-09-16 196608]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Edimax 11n USB Wireless LAN Utility.lnk - C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-04-05 46080]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BPFTP Server\bpftpserver.exe"="C:\Program Files\BPFTP Server\bpftpserver.exe:*:Enabled:BulletProof FTP Server (http://www.bpftpserver.com)"
"C:\Program Files\Total Cmd\TOTALCMD.EXE"="C:\Program Files\Total Cmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\hry\Counter-Strike 1.6\hl.exe"="D:\hry\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe"="C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i263_32.drv
"vidc.iv31"=Ir32_32.dll
"vidc.iv32"=Ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.DIV3"=DivXc32.dll
"vidc.DIV4"=DivXc32f.dll
"msacm.vorbis"=vorbis.acm
"vidc.3ivx"=3ivxVfWCodec.dll
"msacm.divxa32"=DivXa32.acm
"VIDC.wmv3"=wmv9vcm.dll
"VIDC.i263"=i263_32.drv
"msacm.imc"=imc32.acm
"vidc.MPG4"=Mpg4c32.dll
"vidc.MP42"=Mpg4c32.dll
"vidc.MP43"=Mpg4c32.dll
"vidc.LEAD"=LCODCCMP.DLL

======File associations======

.ini - open - notepad.exe %1

======List of files/folders created in the last 1 month======

2012-10-26 23:00:13 ----ASH---- C:\hiberfil.sys
2012-10-26 20:49:03 ----SD---- C:\ComboFix
2012-10-26 20:44:58 ----A---- C:\WINDOWS\ntbtlog.txt
2012-10-26 10:32:38 ----A---- C:\Boot.bak
2012-10-26 10:32:34 ----RASHD---- C:\cmdcons
2012-10-26 10:28:37 ----A---- C:\WINDOWS\zip.exe
2012-10-26 10:28:37 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-10-26 10:28:37 ----A---- C:\WINDOWS\SWSC.exe
2012-10-26 10:28:37 ----A---- C:\WINDOWS\SWREG.exe
2012-10-26 10:28:37 ----A---- C:\WINDOWS\sed.exe
2012-10-26 10:28:37 ----A---- C:\WINDOWS\PEV.exe
2012-10-26 10:28:37 ----A---- C:\WINDOWS\NIRCMD.exe
2012-10-26 10:28:37 ----A---- C:\WINDOWS\MBR.exe
2012-10-26 10:28:37 ----A---- C:\WINDOWS\grep.exe
2012-10-26 10:28:25 ----D---- C:\Qoobox
2012-10-26 10:27:57 ----D---- C:\WINDOWS\erdnt
2012-10-25 23:06:57 ----A---- C:\AdwCleaner[S1].txt
2012-10-25 20:44:56 ----A---- C:\AdwCleaner[R1].txt
2012-10-25 20:39:05 ----D---- C:\Program Files\trend micro
2012-10-25 20:38:56 ----D---- C:\rsit
2012-10-20 14:45:43 ----D---- C:\Documents and Settings\User\Data aplikací\BSplayer
2012-10-17 11:05:16 ----RA---- C:\WINDOWS\system32\drivers\RTL8192cu.sys
2012-10-17 11:05:12 ----R---- C:\WINDOWS\Rtlihvs.dll
2012-10-17 11:05:11 ----R---- C:\WINDOWS\RtlUI2.exe
2012-10-17 11:05:11 ----R---- C:\WINDOWS\RTLExtUI.dll
2012-10-17 11:05:09 ----R---- C:\WINDOWS\system32\Rtlihvs.dll
2012-10-17 11:05:08 ----R---- C:\WINDOWS\system32\RtlUI2.exe
2012-10-17 11:05:06 ----R---- C:\WINDOWS\system32\RTLExtUI.dll
2012-10-17 10:45:51 ----D---- C:\WINDOWS\system32\RtlGina
2012-10-17 10:45:50 ----D---- C:\Program Files\Edimax
2012-10-17 10:45:49 ----A---- C:\WINDOWS\system32\ISSRemoveSP.exe
2012-10-17 10:44:59 ----A---- C:\WINDOWS\RTacDbg.txt
2012-10-16 12:23:35 ----A---- C:\WINDOWS\system32\novamnk7.dll
2012-10-16 12:23:35 ----A---- C:\WINDOWS\system32\novamik7.dll
2012-10-16 12:23:12 ----D---- C:\Program Files\Common Files\StatSoft
2012-10-16 12:16:02 ----D---- C:\Program Files\StatSoft
2012-10-13 11:17:24 ----D---- C:\Program Files\Mozilla Firefox
2012-10-13 10:22:13 ----D---- C:\Program Files\uTorrent
2012-10-13 10:21:26 ----D---- C:\Documents and Settings\User\Data aplikací\uTorrent
2012-10-11 21:17:31 ----HD---- C:\WINDOWS\$NtUninstallKB2724197$
2012-10-11 09:17:51 ----HD---- C:\WINDOWS\$NtUninstallKB2756822$
2012-10-11 09:17:16 ----HD---- C:\WINDOWS\$NtUninstallKB2749655$
2012-10-11 09:12:32 ----HD---- C:\WINDOWS\$NtUninstallKB2661254-v2$
2012-10-09 12:18:43 ----A---- C:\WINDOWS\system32\javaws.exe
2012-10-09 12:18:29 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2012-10-09 12:18:29 ----A---- C:\WINDOWS\system32\javaw.exe
2012-10-09 12:18:29 ----A---- C:\WINDOWS\system32\java.exe
2012-10-03 14:24:43 ----HD---- C:\WINDOWS\$NtUninstallKB961118$
2012-10-03 13:12:19 ----D---- C:\Documents and Settings\User\Data aplikací\QIP
2012-10-03 13:10:55 ----D---- C:\Program Files\QIP 2012
2012-10-02 23:17:12 ----D---- C:\WINDOWS\system32\XPSViewer
2012-10-02 23:17:05 ----D---- C:\Program Files\MSBuild
2012-10-02 23:17:01 ----D---- C:\WINDOWS\system32\en-US
2012-10-02 23:16:50 ----D---- C:\Program Files\Reference Assemblies
2012-10-02 23:15:44 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2012-10-02 23:15:44 ----N---- C:\WINDOWS\system32\prntvpt.dll
2012-10-02 23:15:43 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2012-10-02 22:57:05 ----D---- C:\Program Files\T-Mobile
2012-10-02 17:44:59 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2012-10-02 17:17:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2012-10-02 15:19:16 ----D---- C:\Documents and Settings\User\Data aplikací\StatSoft
2012-10-02 14:01:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-10-02 14:01:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2012-10-02 13:57:49 ----D---- C:\Documents and Settings\User\Data aplikací\Softland
2012-10-02 13:56:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\StatSoft
2012-10-02 13:26:26 ----A---- C:\WINDOWS\system32\drivers\dtscsi.sys
2012-10-02 13:26:22 ----D---- C:\Program Files\DAEMON Tools
2012-10-02 13:21:23 ----D---- C:\Program Files\Common Files\Macrovision Shared
2012-10-02 13:20:25 ----RA---- C:\WINDOWS\system32\AdobePDFUI.dll
2012-10-02 13:20:25 ----N---- C:\WINDOWS\system32\AdobePDF.dll
2012-10-02 13:07:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2012-10-02 13:03:31 ----A---- C:\WINDOWS\system32\drivers\sptd6125.sys
2012-10-02 13:03:31 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2012-10-02 12:36:47 ----D---- C:\Program Files\FastStone Image Viewer
2012-10-02 12:28:54 ----D---- C:\Documents and Settings\User\Data aplikací\BSplayer Pro
2012-10-02 12:28:51 ----D---- C:\Program Files\Webteh
2012-10-02 12:10:11 ----A---- C:\WINDOWS\system32\muweb.dll
2012-10-02 12:10:11 ----A---- C:\WINDOWS\system32\mucltui.dll
2012-10-01 22:48:15 ----D---- C:\Program Files\CCleaner
2012-10-01 22:45:22 ----D---- C:\Program Files\Unreal Commander
2012-10-01 22:41:19 ----D---- C:\Program Files\Microsoft Works
2012-10-01 22:38:44 ----D---- C:\Program Files\Microsoft.NET
2012-10-01 22:31:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-10-01 22:23:54 ----RHD---- C:\MSOCache

======List of files/folders modified in the last 1 month======

2012-10-26 23:00:38 ----A---- C:\WINDOWS\system32\eRLog.ini
2012-10-26 23:00:36 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt
2012-10-26 10:32:40 ----RASH---- C:\BOOT.INI
2012-10-26 10:29:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-10-26 10:27:22 ----A---- C:\WINDOWS\NeroDigital.ini
2012-10-24 20:24:52 ----A---- C:\WINDOWS\winamp.ini
2012-10-11 17:54:00 ----A---- C:\WINDOWS\system32\MRT.exe
2012-10-09 15:01:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-10-09 12:18:12 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2012-10-09 12:18:10 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-10-04 09:58:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-10-01 22:45:40 ----A---- C:\WINDOWS\wincmd.ini
2012-10-01 22:03:50 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2003-10-28 20016]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-10-02 642560]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-08-21 25256]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2012-08-21 18544]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-08-21 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2012-10-17 21361]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-08-21 97608]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 osaio;osaio; C:\WINDOWS\system32\drivers\osaio.sys [2005-03-04 8704]
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 4010]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-04-05 1035776]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2012-10-02 223128]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2004-12-15 200192]
R3 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-12-19 6144]
R3 POWERKEY;POWERKEY; \??\C:\Program Files\Launch Manager\POWERKEY.sys []
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192cu.sys [2010-08-06 907496]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-05 185824]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]
S3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-22 369024]
S3 catchme;catchme; \??\C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-15 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-15 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-15 21744]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-09-10 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-10-12 100736]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SI15CI;SI15CI; \??\c:\elements\1stboot\SI15CI.SYS []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-08-22 123320]
R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-04-05 364544]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-10-09 161768]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\wltrysvc.exe [2004-12-22 65536]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-21 136176]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.3XE [2011-06-26 256000]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-02 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-21 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#22 Příspěvek od **vyosek** » 27 říj 2012 12:41

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

premet · #23 Příspěvek od **premet** » 27 říj 2012 14:43

OTL logfile created on: 27.10.2012 14:48:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

510,16 Mb Total Physical Memory | 186,87 Mb Available Physical Memory | 36,63% Memory free
1,22 Gb Paging File | 0,81 Gb Available in Paging File | 66,54% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,94 Gb Total Space | 6,91 Gb Free Space | 19,23% Space Free | Partition Type: FAT32
Drive D: | 36,32 Gb Total Space | 2,18 Gb Free Space | 5,99% Space Free | Partition Type: FAT32
Drive F: | 1,77 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 3,70 Gb Total Space | 0,12 Gb Free Space | 3,38% Space Free | Partition Type: FAT32

Computer Name: INTERNAT | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.10.27 14:17:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Plocha\OTL.exe
PRC - [2012.10.13 11:20:20 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.09.24 23:13:00 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.08.22 16:59:58 | 000,123,320 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:26 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.30 15:02:22 | 000,640,480 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010.07.27 19:11:18 | 000,991,232 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
PRC - [2009.09.16 14:27:52 | 000,196,608 | ---- | M] () -- C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006.04.01 22:08:02 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\rmctrl.exe
PRC - [2005.12.10 16:57:20 | 000,133,016 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
PRC - [2005.08.17 18:39:58 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005.05.19 17:09:46 | 000,360,448 | ---- | M] (acer Inc.) -- C:\Program Files\acer\eRecovery\Monitor.exe
PRC - [2005.05.19 14:45:52 | 000,069,632 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2005.04.18 11:41:34 | 000,081,920 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2005.03.30 15:29:48 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe
PRC - [2005.03.09 18:59:26 | 000,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Arcade\PCMService.exe
PRC - [2004.10.11 10:47:02 | 000,245,760 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
PRC - [2004.10.05 16:25:10 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004.08.16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) -- C:\Acer\eManager\anbmServ.exe
PRC - [2004.03.16 18:00:02 | 000,122,880 | ---- | M] () -- C:\Program Files\Media Key\OSD.exe
PRC - [2004.03.15 13:27:24 | 000,045,056 | ---- | M] () -- C:\Program Files\Media Key\MagicKey.exe
PRC - [2002.08.30 15:02:48 | 000,094,208 | ---- | M] () -- C:\Program Files\Launch Manager\Powerkey.exe

========== Modules (No Company Name) ==========

MOD - [2012.10.27 10:05:32 | 001,824,768 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12102700\algo.dll
MOD - [2012.10.13 11:19:56 | 002,294,240 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2009.12.09 21:20:06 | 000,126,976 | ---- | M] () -- C:\Program Files\Edimax\11n USB Wireless LAN Utility\EnumDevLib.dll
MOD - [2009.09.16 14:27:52 | 000,196,608 | ---- | M] () -- C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.exe
MOD - [2009.02.27 19:06:14 | 000,019,968 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.SKY
MOD - [2009.02.27 19:01:34 | 000,019,968 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.POL
MOD - [2009.02.27 18:56:34 | 000,019,968 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.HUN
MOD - [2009.02.27 18:51:26 | 000,019,968 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.CZE
MOD - [2007.07.12 11:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files\Edimax\11n USB Wireless LAN Utility\acAuth.dll
MOD - [2006.04.01 22:08:02 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\ctrldll.dll
MOD - [2006.04.01 22:08:02 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\rmctrl.exe
MOD - [2005.07.27 11:17:00 | 000,007,168 | ---- | M] () -- C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll
MOD - [2005.04.18 11:41:34 | 000,081,920 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
MOD - [2005.03.30 15:29:48 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe
MOD - [2004.10.11 10:47:02 | 000,245,760 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
MOD - [2004.03.19 16:11:40 | 000,045,056 | ---- | M] () -- C:\Program Files\Media Key\NTKBHook.dll
MOD - [2004.03.19 16:07:00 | 000,049,152 | ---- | M] () -- C:\Program Files\Media Key\KBHook.dll
MOD - [2004.03.16 18:00:02 | 000,122,880 | ---- | M] () -- C:\Program Files\Media Key\OSD.exe
MOD - [2004.03.15 13:27:24 | 000,045,056 | ---- | M] () -- C:\Program Files\Media Key\MagicKey.exe
MOD - [2002.08.30 15:02:48 | 000,094,208 | ---- | M] () -- C:\Program Files\Launch Manager\Powerkey.exe

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.13 11:20:02 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.02 13:21:26 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.09.24 23:13:00 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.08.22 16:59:58 | 000,123,320 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe -- (ameisvc)
SRV - [2012.08.21 11:12:26 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.26 08:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004.08.16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) [Auto | Running] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Wbutton.sys -- (Wbutton)
DRV - File not found [Kernel | On_Demand | Stopped] -- c:\elements\1stboot\SI15CI.SYS -- (SI15CI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (mailKmd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012.10.02 13:26:28 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtscsi.sys -- (dtscsi)
DRV - [2012.10.02 13:03:32 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012.08.21 11:13:16 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:16 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:16 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.08.21 11:13:14 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.08.21 11:13:14 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.08.21 11:13:14 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2010.08.06 08:45:28 | 000,907,496 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV - [2009.10.12 15:21:54 | 000,100,736 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.09.10 14:55:52 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007.05.02 03:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005.08.19 17:31:52 | 003,644,800 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005.04.05 21:58:48 | 001,035,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.03.04 16:37:26 | 000,008,704 | ---- | M] (Avocent/OSA Technologies Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2005.01.14 15:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm)
DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\acer\eRecovery\int15.sys -- (int15.sys)
DRV - [2005.01.10 15:47:14 | 000,449,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004.12.22 01:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004.12.15 15:18:30 | 000,200,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2004.12.15 15:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004.12.15 15:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004.12.02 16:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003.12.05 18:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.04.28 11:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\HOTKEY.sys -- (Hotkey)
DRV - [2000.12.19 18:29:52 | 000,002,343 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Launch Manager\POWERKEY.SYS -- (POWERKEY)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://www.google.com
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.google.com
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\..\URLSearchHook: {F08555B0-9CC3-11D2-AA8E-000000000567} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_shook.dll ()
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\..\SearchScopes\{72A1A00B-12D8-4488-6D15-C5A40642CA}: "URL" = http://toolbar.blinkx.com/search?query= ... d83f1627bf
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.190.2:3128

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "devilpage.cz"
FF - prefs.js..extensions.enabledAddons: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.6
FF - prefs.js..extensions.enabledAddons: {d62bb6fa-7192-47fd-b640-ad8855c444f3}:1.1
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="
FF - prefs.js..network.proxy.backup.ftp: "192.168.190.2"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "192.168.190.2"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "192.168.190.2"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "192.168.190.2"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "192.168.190.2"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "192.168.190.2"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "192.168.190.2"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "192.168.190.2"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "192.168.190.2"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@macromedia.com/FlashPlayer8: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@macromedia.com/FlashPlayer8: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.09.18 15:21:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.13 11:17:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.13 11:17:26 | 000,000,000 | ---D | M]

[2012.10.02 13:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Data aplikací\Mozilla\Extensions
[2006.04.01 22:35:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Data aplikací\Mozilla\Firefox\Profiles\21yz3urf.default\extensions
[2012.10.02 14:01:58 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Documents and Settings\User\Data aplikací\Mozilla\Firefox\Profiles\21yz3urf.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.10.02 14:49:36 | 000,015,706 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Data aplikací\Mozilla\Firefox\Profiles\21yz3urf.default\extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi
[2012.10.24 14:09:34 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\Mozilla\Firefox\Profiles\21yz3urf.default\searchplugins\icqplugin.xml
[2012.10.13 11:17:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.10.13 11:17:40 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.10.13 11:17:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\inspector@mozilla.org
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\USER\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\21YZ3URF.DEFAULT\EXTENSIONS\{D62BB6FA-7192-47FD-B640-AD8855C444F3}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\USER\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\21YZ3URF.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
[2012.10.13 11:20:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.09.16 14:27:52 | 000,057,344 | ---- | M] (blinkx) -- C:\Program Files\mozilla firefox\plugins\np_blinkx_plugin.dll
[2011.01.25 22:36:46 | 000,001,132 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\blinkxtoolbar.xml
[2012.09.06 06:25:46 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.09.06 06:25:46 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.09.06 06:25:46 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.09.06 06:25:46 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.09.06 06:25:46 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\PROGRA~1\MOZILL~1\plugins\NPSWF32.dll
CHR - plugin: blinkx (Enabled) = C:\PROGRA~1\MOZILL~1\plugins\np_blinkx_plugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Documents and Settings\User\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\User\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\User\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Gmail = C:\Documents and Settings\User\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.10.25 23:21:04 | 000,000,727 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (The blinkx Toolbar) - {0069B690-7A2B-41C5-98CA-9F535B4C8532} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_bho.dll File not found
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu9\toolbaru.dll (IE Toolbar)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (The blinkx Toolbar) - {E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe (Wistron)
O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [eRecoveryService] C:\WINDOWS\system32\Check.exe (acer Inc.)
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe ()
O4 - HKLM..\Run: [MagicKey] C:\Program Files\Media Key\MagicKey.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerKey] C:\Program Files\Launch Manager\PowerKey.exe ()
O4 - HKLM..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O4 - HKU\S-1-5-21-270878693-3797569647-3346314554-1005..\Run: [blinkx_toolbar] C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Edimax 11n USB Wireless LAN Utility.lnk = C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: &ICQ Toolbar Search - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Pridat do stávajícího PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22EF37BE-15CA-4521-A595-0826ED7DE2A4}: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.01 00:36:54 | 000,000,027 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.imc - C:\WINDOWS\System32\IMC32.acm (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.3ivx - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx.com)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIV3 - C:\WINDOWS\System32\DivXc32.dll (Hacked with Joy !)
Drivers32: vidc.DIV4 - C:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !)
Drivers32: VIDC.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.I420 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\Ir50_32.dll (Ligos Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: VIDC.wmv3 - C:\WINDOWS\System32\WMV9VCM.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.10.27 14:17:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Plocha\OTL.exe
[2012.10.27 12:07:58 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.10.27 12:07:58 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.10.27 12:07:57 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.10.26 20:49:03 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012.10.26 10:32:34 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.10.26 10:28:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.10.26 10:28:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.10.26 10:28:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.10.26 10:28:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.10.26 10:28:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.10.26 10:27:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.10.26 10:15:59 | 004,988,534 | R--- | C] (Swearware) -- C:\Documents and Settings\User\Plocha\ComboFix.exe
[2012.10.26 10:07:41 | 001,678,240 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\User\Plocha\rkill.com
[2012.10.25 20:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Plocha\RK_Quarantine
[2012.10.25 20:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.10.25 20:38:56 | 000,000,000 | ---D | C] -- C:\rsit
[2012.10.20 15:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Nabídka Start\Programy\MV2Player
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.10.27 15:03:42 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{887F46D2-6843-475E-914E-556ED8610763}.job
[2012.10.27 15:03:20 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.27 14:55:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.27 14:17:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Plocha\OTL.exe
[2012.10.27 14:14:02 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.10.27 14:13:52 | 000,000,792 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2012.10.27 14:13:42 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.27 14:13:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.27 14:13:24 | 535,007,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.27 13:19:36 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.10.26 10:32:40 | 000,000,310 | RHS- | M] () -- C:\BOOT.INI
[2012.10.26 10:16:42 | 004,988,534 | R--- | M] (Swearware) -- C:\Documents and Settings\User\Plocha\ComboFix.exe
[2012.10.26 10:07:22 | 001,678,240 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\User\Plocha\rkill.com
[2012.10.25 23:09:48 | 000,000,096 | ---- | M] () -- C:\WINDOWS\ComponentList.xml
[2012.10.25 20:47:28 | 001,580,544 | ---- | M] () -- C:\Documents and Settings\User\Plocha\RogueKiller.exe
[2012.10.25 20:44:16 | 000,538,941 | ---- | M] () -- C:\Documents and Settings\User\Plocha\adwcleaner.exe
[2012.10.25 20:38:12 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\User\Plocha\RSIT.exe
[2012.10.24 20:24:52 | 000,000,155 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2012.10.23 12:02:38 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.20 15:12:16 | 000,000,604 | ---- | M] () -- C:\Documents and Settings\User\Plocha\MV2Player.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.10.27 14:55:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.26 23:00:13 | 535,007,232 | -HS- | C] () -- C:\hiberfil.sys
[2012.10.26 10:32:38 | 000,000,196 | ---- | C] () -- C:\Boot.bak
[2012.10.26 10:32:35 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2012.10.26 10:28:37 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.10.26 10:28:37 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.10.26 10:28:37 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.10.26 10:28:37 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.10.26 10:28:37 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.10.25 20:47:28 | 001,580,544 | ---- | C] () -- C:\Documents and Settings\User\Plocha\RogueKiller.exe
[2012.10.25 20:44:15 | 000,538,941 | ---- | C] () -- C:\Documents and Settings\User\Plocha\adwcleaner.exe
[2012.10.25 20:38:16 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\User\Plocha\RSIT.exe
[2012.10.20 15:12:15 | 000,000,604 | ---- | C] () -- C:\Documents and Settings\User\Plocha\MV2Player.lnk
[2012.10.17 10:45:49 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2012.10.02 13:26:26 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2012.10.02 13:03:31 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd6125.sys
[2012.03.07 13:19:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009.06.11 16:56:13 | 035,118,048 | ---- | C] () -- C:\Program Files\setupcze.exe
[2007.02.08 04:05:20 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Data aplikací\fusioncache.dat
[2006.07.28 20:37:11 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\User\default.pls
[2006.07.26 11:45:56 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2007.02.05 23:42:10 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.04.29 06:35:24 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 05:22:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008.11.13 20:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.06.21 19:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.09.24 22:06:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2012.10.02 13:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\StatSoft
[2012.10.02 13:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Softland
[2006.04.01 22:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\ICQLite
[2006.04.02 21:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\ACD Systems
[2007.02.09 02:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\ICQ Toolbar
[2008.11.13 20:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\ICQ
[2012.10.02 12:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\BSplayer Pro
[2012.10.02 13:57:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Softland
[2012.10.02 15:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\StatSoft
[2012.10.03 13:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\QIP
[2012.10.13 10:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\uTorrent
[2012.10.20 14:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\BSplayer

========== Purity Check ==========

========== Custom Scans ==========

< >
[1980.01.01 00:00:00 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2004.09.17 12:16:27 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2009.06.23 07:29:41 | 000,000,464 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{887F46D2-6843-475E-914E-556ED8610763}.job
[2012.06.21 19:48:38 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.06.21 19:48:39 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.18 15:23:34 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< >

< MD5 for: ATAPI.SYS >
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.06.11 16:28:38 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.06.11 16:28:38 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 05:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\I386\AUTOCHK.EXE
[2004.08.18 05:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.06.11 16:28:38 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.06.11 16:28:38 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 05:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 05:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:12:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:40 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:hal.dll
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.06.11 16:28:38 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.06.11 16:28:38 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 05:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 05:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 11:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2004.08.18 05:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2009.02.09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 05:22:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 05:22:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 12:45:14 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006.01.13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 20:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2005.05.25 20:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 18:20:56 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 05:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:36 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2004.09.17 12:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Identities
[2004.09.17 12:03:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\User\Data aplikací\Microsoft
[2005.12.21 21:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Adobe
[2005.12.25 01:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\CyberLink
[2006.03.31 20:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Help
[2006.04.01 20:29:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Macromedia
[2006.04.01 22:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\ICQLite
[2006.04.01 22:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Sun
[2006.04.01 22:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Mozilla
[2006.04.01 22:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Talkback
[2006.04.01 23:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Google
[2006.04.01 23:57:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Skype
[2006.04.02 21:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\ACD Systems
[2006.04.13 18:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\AdobeUM
[2006.06.11 21:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Ahead
[2007.02.09 02:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\ICQ Toolbar
[2008.11.13 20:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\ICQ
[2012.10.02 12:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\BSplayer Pro
[2012.10.02 13:57:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Softland
[2012.10.02 15:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\StatSoft
[2012.10.03 13:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\QIP
[2012.10.13 10:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\uTorrent
[2012.10.20 14:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\BSplayer

< %APPDATA%\*.exe /s >
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\BSplayer\FFDShow\unins000.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.10.27 15:18:46 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{887F46D2-6843-475E-914E-556ED8610763}.job
[2012.10.27 14:13:42 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.10.27 15:03:20 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.10.27 14:14:02 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.10.02 13:03:32 | 000,096,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd6125.sys
[2012.10.02 13:03:32 | 000,642,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[2012.10.02 13:26:28 | 000,223,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dtscsi.sys

< %systemroot%\System32\config\*.sav >
[2004.09.17 12:02:34 | 000,471,040 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
[2004.09.17 12:02:34 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004.09.17 12:02:34 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.10.27 14:13:52 | 000,000,792 | ---- | M] () -- C:\WINDOWS\system32\eRLog.ini
[2012.10.27 12:07:58 | 000,004,078 | ---- | M] () -- C:\WINDOWS\system32\jupdate-1.7.0_09-b05.log
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"blinkx_toolbar" = "C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.exe" -startservice -- [2009.09.16 14:27:52 | 000,196,608 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.10.13 11:20:20 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=BC03475EC281AA1E685388896ACADE8D -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.10.10 12:06:18 | 001,239,064 | ---- | M] (Google Inc.) MD5=848D034D067BE2FF5CD3D779BECBDA00 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.27 14:55:02 | 000,000,512 | ---- | M] () MD5=0A8BC7085D6A59B653A3A05FD3D6E09C -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.06.18 12:28:14 | 000,002,623 | ---- | M] () -- \Program Files\StatSoft\STATISTICA 10\Examples\Datasets\Cracker promotion.sta

< *keygen* /s >

< *loader* /s >
[2012.08.29 21:27:00 | 000,306,840 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Adobe\AIH.d507a28503c12eec721edc6613d2a6c251451bdd\downloader.bundle
[2012.07.26 02:03:00 | 000,511,944 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Adobe\AIH.d507a28503c12eec721edc6613d2a6c251451bdd\downloader.dll
[2004.08.18 05:00:00 | 000,017,423 | ---- | M] () -- \I386\DMLOADER.DL_
[2004.08.18 05:00:00 | 000,115,153 | ---- | M] () -- \I386\OSLOADER.EX_
[2004.08.18 05:00:00 | 000,132,757 | ---- | M] () -- \I386\OSLOADER.NT_
[2008.03.18 07:31:00 | 000,009,216 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\PDFMaker\AutoCAD\OD\AecDummyLoader_2.05_8.dll
[2002.09.25 21:05:38 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2008.05.18 16:51:36 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2008.05.18 16:51:36 | 000,005,520 | ---- | M] () -- \Program Files\ICQ6\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2008.05.18 16:51:36 | 000,005,520 | ---- | M] () -- \Program Files\ICQ6\services\icqApp\ver1\theme\MUICoreLib\xtraLoader.swf
[2009.04.15 18:01:14 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2011.04.26 06:57:20 | 000,007,233 | ---- | M] () -- \Program Files\StatSoft\STATISTICA 10\MULTIMED\images\ProgressLoader.png
[2011.04.26 06:57:24 | 000,007,233 | ---- | M] () -- \Program Files\StatSoft\STATISTICA 10\MULTIMED\swf\loaderlogo.png
[2005.06.07 12:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.18 05:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.13 20:31:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 05:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< End of report >

premet · #24 Příspěvek od **premet** » 27 říj 2012 14:45

OTL Extras logfile created on: 27.10.2012 14:48:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

510,16 Mb Total Physical Memory | 186,87 Mb Available Physical Memory | 36,63% Memory free
1,22 Gb Paging File | 0,81 Gb Available in Paging File | 66,54% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,94 Gb Total Space | 6,91 Gb Free Space | 19,23% Space Free | Partition Type: FAT32
Drive D: | 36,32 Gb Total Space | 2,18 Gb Free Space | 5,99% Space Free | Partition Type: FAT32
Drive F: | 1,77 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 3,70 Gb Total Space | 0,12 Gb Free Space | 3,38% Space Free | Partition Type: FAT32

Computer Name: INTERNAT | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-270878693-3797569647-3346314554-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1542:TCP" = 1542:TCP:*:Enabled:Realtek WPS TCP Prot
"1542:UDP" = 1542:UDP:*:Enabled:Realtek WPS UDP Prot
"53:UDP" = 53:UDP:*:Enabled:Realtek AP UDP Prot

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\BPFTP Server\bpftpserver.exe" = C:\Program Files\BPFTP Server\bpftpserver.exe:*:Enabled:BulletProof FTP Server (http://www.bpftpserver.com) -- (DigitalCandle, Inc.)
"C:\Program Files\Total Cmd\TOTALCMD.EXE" = C:\Program Files\Total Cmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- ()
"C:\Program Files\ICQLite\ICQLite.exe" = C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"D:\hry\Counter-Strike 1.6\hl.exe" = D:\hry\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe" = C:\Program Files\Edimax\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan -- (Realtek Semiconductor Corp.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Arcade 3.0
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2C4223E2-F084-46FC-AAE3-811E3CEA3DAD}" = STATISTICA CZ 10
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{7148F0A8-6813-11D6-A77B-00B0D0142060}" = Java 2 Runtime Environment, SE v1.4.2_06
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D12314F45EB}" = Edimax Wireless LAN Driver and Utility
"{9D14BEA3-9115-42C2-870A-5CDC14309F68}" = Media Key
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}_952" = Adobe Acrobat 9.5.2 - CPSID_83708
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.0.8.3
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe SVG Viewer" = Adobe SVG Viewer
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"blinkx Remote Toolbar" = blinkx Remote Toolbar
"Body Mass Index_is1" = Body Mass Index 2.1
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter
"BSPlayerf" = BS.Player FREE
"BulletProof FTP Server_is1" = BulletProof FTP Server (remove only)
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_00801025" = SoftV90 Data Fax Modem with SmartCP
"Counter-Strike 1.6" = Counter-Strike 1.6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FastStone Image Viewer" = FastStone Image Viewer 4.6
"Google Chrome" = Google Chrome
"GridVista" = Acer GridVista
"HP Photo & Imaging" = HP Image Zone 4.7
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"IDOS - Autobusy 2005/2006" = IDOS - Autobusy 2005/2006
"IDOS - ProgramTT" = IDOS - Prohlížeč jízdních řádů
"IDOS - Vlaky 2005/2006" = IDOS - Vlaky 2005/2006
"ie8" = Windows Internet Explorer 8
"InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"KLiteCodecPack_is1" = K-Lite Codec Pack
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 16.0.1 (x86 cs)" = Mozilla Firefox 16.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MV2Player" = MV2Player (remove only)
"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)
"popupkiller" = popupkiller
"Skype_is1" = Skype 2.0
"STATNOVAPDF_is1" = STATNOVAPDF (novaPDF 7.4 printer)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Communication Centre" = Web'n'walk Manager
"Totalcmd" = Total Commander (Remove or Repair)
"UnrealCommander_is1" = Unreal Commander v0.95
"uTorrent" = µTorrent
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"XviDDec" = XviD Decoder 1.0-Beta3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-270878693-3797569647-3346314554-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2012" = QIP 2012 4.0.7221

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 23.6.2009 0:43:34 | Computer Name = INTERNAT | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
qasf.dll, verze 10.0.0.3646, adresa chyby 0x0001aa8f.

Error - 27.1.2010 15:38:42 | Computer Name = INTERNAT | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.1.2011 13:57:16 | Computer Name = INTERNAT | Source = MsiInstaller | ID = 10005
Description = Product: TIxx21 -- The processor is not adequate for running TIxx21.

Error - 6.2.2011 14:24:44 | Computer Name = INTERNAT | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 6.2.2011 14:24:44 | Computer Name = INTERNAT | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 31.5.2011 3:14:46 | Computer Name = INTERNAT | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.5.2011 3:19:59 | Computer Name = INTERNAT | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 24.10.2012 8:09:52 | Computer Name = INTERNAT | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby stisvc.

Error - 26.10.2012 4:10:42 | Computer Name = INTERNAT | Source = Service Control Manager | ID = 7034
Description = Služba Broadcom Wireless LAN Tray Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 26.10.2012 4:10:48 | Computer Name = INTERNAT | Source = Service Control Manager | ID = 7034
Description = Služba Pml Driver HPZ12 byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 26.10.2012 14:46:45 | Computer Name = INTERNAT | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 26.10.2012 14:47:19 | Computer Name = INTERNAT | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 26.10.2012 14:47:19 | Computer Name = INTERNAT | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31

Error - 26.10.2012 14:47:19 | Computer Name = INTERNAT | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 26.10.2012 14:47:19 | Computer Name = INTERNAT | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 26.10.2012 14:47:19 | Computer Name = INTERNAT | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 AFD AmdK8 aswRdr aswSnx aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT
RasAcd
Rdbss
Tcpip

Error - 26.10.2012 17:00:53 | Computer Name = INTERNAT | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.39 pro síťovou kartu s adresou 801F022DE398
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

< End of report >

#25 Příspěvek od **vyosek** » 27 říj 2012 16:16

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - [2011.06.26 08:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Wbutton.sys -- (Wbutton)
DRV - File not found [Kernel | On_Demand | Stopped] -- c:\elements\1stboot\SI15CI.SYS -- (SI15CI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (mailKmd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys -- (catchme)
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\..\URLSearchHook: {F08555B0-9CC3-11D2-AA8E-000000000567} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_shook.dll ()
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\..\SearchScopes\{72A1A00B-12D8-4488-6D15-C5A40642CA}: "URL" = http://toolbar.blinkx.com/search?query={searchTerms}&refer=toolbar_ie7&domainid=PIN05&version=0.5.64&toolbaridb4aebafd-2c91-4142-98e4-6dd83f1627bf
IE - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.190.2:3128
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "devilpage.cz"
FF - prefs.js..extensions.enabledAddons: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.6
FF - prefs.js..extensions.enabledAddons: {d62bb6fa-7192-47fd-b640-ad8855c444f3}:1.1
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - prefs.js..network.proxy.backup.ftp: "192.168.190.2"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "192.168.190.2"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "192.168.190.2"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "192.168.190.2"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "192.168.190.2"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "192.168.190.2"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "192.168.190.2"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "192.168.190.2"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "192.168.190.2"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 4
[2012.10.13 11:17:40 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.09.16 14:27:52 | 000,057,344 | ---- | M] (blinkx) -- C:\Program Files\mozilla firefox\plugins\np_blinkx_plugin.dll
O2 - BHO: (The blinkx Toolbar) - {0069B690-7A2B-41C5-98CA-9F535B4C8532} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_bho.dll File not found
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu9\toolbaru.dll (IE Toolbar)
O3 - HKLM\..\Toolbar: (The blinkx Toolbar) - {E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.dll ()
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-270878693-3797569647-3346314554-1005\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.)
[2007.02.09 02:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\ICQ Toolbar
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
[2012.10.27 15:18:46 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{887F46D2-6843-475E-914E-556ED8610763}.job
[2012.10.27 14:13:42 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.10.27 15:03:20 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.10.27 14:14:02 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"HP Software Update"=-
"Adobe Acrobat Speed Launcher"=-
""=-
"Acrobat Assistant 8.0"=-
"DAEMON Tools"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
"blinkx_toolbar"=-

:files
C:\Program Files\ICQToolbar
C:\Program Files\blinkx Remote Toolbar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

premet · #26 Příspěvek od **premet** » 27 říj 2012 17:13

All processes killed
========== OTL ==========
Service PEVSystemStart stopped successfully!
Service PEVSystemStart deleted successfully!
C:\ComboFix\pev.3XE moved successfully.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service Wbutton stopped successfully!
Service Wbutton deleted successfully!
File C:\WINDOWS\system32\drivers\Wbutton.sys not found.
Service SI15CI stopped successfully!
Service SI15CI deleted successfully!
File c:\elements\1stboot\SI15CI.SYS not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service mailKmd stopped successfully!
Service mailKmd deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service InCDRm stopped successfully!
Service InCDRm deleted successfully!
File system32\drivers\InCDRm.sys not found.
Service InCDPass stopped successfully!
Service InCDPass deleted successfully!
File system32\drivers\InCDPass.sys not found.
Service InCDFs stopped successfully!
Service InCDFs deleted successfully!
File system32\drivers\InCDFs.sys not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
Service GMSIPCI stopped successfully!
Service GMSIPCI deleted successfully!
File E:\INSTALL\GMSIPCI.SYS not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys not found.
Registry value HKEY_USERS\S-1-5-21-270878693-3797569647-3346314554-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{F08555B0-9CC3-11D2-AA8E-000000000567} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F08555B0-9CC3-11D2-AA8E-000000000567}\ deleted successfully.
C:\Program Files\blinkx Remote Toolbar\the_blinkx_shook.dll moved successfully.
HKEY_USERS\S-1-5-21-270878693-3797569647-3346314554-1005\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-270878693-3797569647-3346314554-1005\Software\Microsoft\Internet Explorer\SearchScopes\{72A1A00B-12D8-4488-6D15-C5A40642CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72A1A00B-12D8-4488-6D15-C5A40642CA}\ not found.
HKU\S-1-5-21-270878693-3797569647-3346314554-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: "devilpage.cz" removed from browser.startup.homepage
Prefs.js: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.6 removed from extensions.enabledAddons
Prefs.js: {d62bb6fa-7192-47fd-b640-ad8855c444f3}:1.1 removed from extensions.enabledAddons
Prefs.js: "http://search.icq.com/search/afe_result ... id=afex&q=" removed from keyword.URL
Prefs.js: "192.168.190.2" removed from network.proxy.backup.ftp
Prefs.js: 3128 removed from network.proxy.backup.ftp_port
Prefs.js: "192.168.190.2" removed from network.proxy.backup.gopher
Prefs.js: 3128 removed from network.proxy.backup.gopher_port
Prefs.js: "192.168.190.2" removed from network.proxy.backup.socks
Prefs.js: 3128 removed from network.proxy.backup.socks_port
Prefs.js: "192.168.190.2" removed from network.proxy.backup.ssl
Prefs.js: 3128 removed from network.proxy.backup.ssl_port
Prefs.js: "192.168.190.2" removed from network.proxy.ftp
Prefs.js: 3128 removed from network.proxy.ftp_port
Prefs.js: "192.168.190.2" removed from network.proxy.gopher
Prefs.js: 3128 removed from network.proxy.gopher_port
Prefs.js: "192.168.190.2" removed from network.proxy.http
Prefs.js: 3128 removed from network.proxy.http_port
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: "192.168.190.2" removed from network.proxy.socks
Prefs.js: 3128 removed from network.proxy.socks_port
Prefs.js: "192.168.190.2" removed from network.proxy.ssl
Prefs.js: 3128 removed from network.proxy.ssl_port
Prefs.js: 4 removed from network.proxy.type
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Program Files\Mozilla Firefox\plugins\np_blinkx_plugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0069B690-7A2B-41C5-98CA-9F535B4C8532}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0069B690-7A2B-41C5-98CA-9F535B4C8532}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
C:\Program Files\ICQToolbar\tbu9\toolbaru.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6}\ deleted successfully.
C:\Program Files\blinkx Remote Toolbar\the_blinkx_toolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-270878693-3797569647-3346314554-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
C:\Documents and Settings\User\Data aplikací\ICQ Toolbar folder moved successfully.
C:\WINDOWS\002762_.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP251.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP273.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40F.tmp\PresentationUI.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5DF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP602.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP650.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP774.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP882.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP89F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1.tmp\System.IdentityModel.Selectors.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP225.tmp folder deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\111.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_32596.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_32596.tmp folder deleted successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp deleted successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{887F46D2-6843-475E-914E-556ED8610763}.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\blinkx_toolbar deleted successfully.
========== FILES ==========
C:\Program Files\ICQToolbar\tbu9\Cache folder moved successfully.
C:\Program Files\ICQToolbar\tbu9 folder moved successfully.
C:\Program Files\ICQToolbar folder moved successfully.
C:\Program Files\blinkx Remote Toolbar\blinkxtoolbar\chrome\skin folder moved successfully.
C:\Program Files\blinkx Remote Toolbar\blinkxtoolbar\chrome\content folder moved successfully.
C:\Program Files\blinkx Remote Toolbar\blinkxtoolbar\chrome folder moved successfully.
C:\Program Files\blinkx Remote Toolbar\blinkxtoolbar folder moved successfully.
C:\Program Files\blinkx Remote Toolbar\icons folder moved successfully.
C:\Program Files\blinkx Remote Toolbar folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: User
->Temp folder emptied: 1363057 bytes
->Temporary Internet Files folder emptied: 15250964 bytes
->Java cache emptied: 4739958 bytes
->FireFox cache emptied: 62163382 bytes
->Google Chrome cache emptied: 6819885 bytes
->Flash cache emptied: 9885 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 31405944 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 116,00 mb

[EMPTYFLASH]

User: Default User

User: All Users

User: NetworkService

User: LocalService

User: User
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: Default User

User: All Users

User: NetworkService

User: LocalService

User: User
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 10272012_180542

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#27 Příspěvek od **vyosek** » 28 říj 2012 23:11

Jak se chova ntb?

premet · #28 Příspěvek od **premet** » 28 říj 2012 23:40

chova se dost zle. treba kdyz mam otevrenych nekolik oken(word,excel,acrobat,mozillu) pisu neco ve wordu a prepinam mezi okny, tak mi najednou zmizi pismenka z wordu, potom cele odstavce a nakonec i text v mozille a cele se to zasekne,takz to musim natvrdo vypnout a zase szapnout cely stroj. a filmy mi porad nektere nejedou.

#29 Příspěvek od **vyosek** » 29 říj 2012 10:26

Otestujte HD pomoci HD Tune http://www.stahuj.centrum.cz/utility_a_ ... g/hd-tune/

Udelejte testy Benchmark a Error Scan - dejte screeny
Dejte screen ze zalozky Health
Screen udelate kdyz klilknete na tu modrou disketku a pak jej sem dejte dle tohoto navdou http://forum.viry.cz/viewtopic.php?f=11&t=14114 - zajima Vas jen cast "zaslani na forum" samozrejme

CDI, pouziji koleguv navod

Mc_Murphy píše: Stáhni CrystalDisk Info: http://www.studna.cz/crystaldiskinfo-p-11601.html
Nainstaluj ho, spusť a přes Úpravy >> Kopírovat sem vlož log.

premet · #30 Příspěvek od **premet** » 29 říj 2012 19:36

http://imageshack.us/photo/my-images/25 ... 5n080.png/
http://imageshack.us/photo/my-images/69 ... 80atm.png/
http://imageshack.us/photo/my-images/20 ... 5n080.png/

VIRY.CZ

Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku

Re: Prosba o pomoc s opravou notebooku